IPsec protocol work

IPsec Internet security related protocol work

How the protocols work

IPsec is a collection of protocols that work together to create secure connections between devices. It aids in the security of data exchanged over public networks.

Key exchange: Encryption requires keys, which are random strings of characters that can be used to "lock" (encrypt) and "unlock" (decrypt) messages. IPsec establishes keys by a key exchange between connected devices, allowing each device to decrypt the messages of the other.

Packet headers and trailers: All data transferred across a network is divided into smaller units known as packets. Packets contain a payload, or the data being transmitted, as well as headers, or information about that data, so that computers receiving the packets know what to do with them. IPsec adds several headers to each data packet that carry authentication and encryption information. IPsec also adds trailers, which appear after rather than before the payload of each packet.

Authentication: Like a stamp of authenticity on a rare item, IPsec authenticates each packet. This ensures that packets are coming from a legitimate source rather than a malicious one.

 

Encryption: IPsec encrypts the contents of each packet and, in tunnel mode, the IP headers as well (transport mode leaves the IP headers unencrypted). This keeps data delivered through IPsec confidential in transit.

Transmission: Encrypted IPsec packets use a transport mechanism to move across one or more networks to their destination. IPsec transmission differs from conventional IP traffic at this point in that it frequently uses UDP rather than TCP as its transport protocol. The Transmission Control Protocol (TCP) establishes dedicated connections between devices and ensures that all packets arrive in a timely manner. The User Datagram Protocol (UDP) does not establish these dedicated connections. IPsec uses UDP because it allows IPsec packets to pass through firewalls.

 

Decryption: The packets are decrypted at the other end of the communication, and apps (such as a browser) can now utilise the supplied data.
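The header, trailer, authentication, encryption and decryption steps described above, as an added example that is not part of the original page: a simplified model of the packet layout used by IPsec's ESP (Encapsulating Security Payload). The SHA-256 keystream is a stand-in for a real cipher such as AES, and the keys, SPI, sequence number and payload are constructed sample values.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16                  # HMAC-SHA-256 truncated to 128 bits
NEXT_TCP, NEXT_IPV4 = 6, 4    # transport mode carries TCP; tunnel mode a whole IP packet

def keystream(key, spi, seq, n):
    """Stand-in cipher for illustration only (assumption); real ESP uses e.g. AES."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + struct.pack("!IIQ", spi, seq, ctr)).digest()
        ctr += 1
    return out[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def esp_seal(enc_key, auth_key, spi, seq, payload, next_header):
    """Build header | encrypted(payload + trailer) | ICV."""
    header = struct.pack("!II", spi, seq)            # SPI + sequence number, sent in clear
    pad_len = -(len(payload) + 2) % 4                # align the trailer to 4 bytes
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    plain = payload + trailer
    body = xor(plain, keystream(enc_key, spi, seq, len(plain)))
    icv = hmac.new(auth_key, header + body, hashlib.sha256).digest()[:ICV_LEN]
    return header + body + icv

def esp_open(enc_key, auth_key, packet):
    """Authenticate first, then decrypt and strip the trailer."""
    if len(packet) < 8 + 2 + ICV_LEN:
        raise ValueError("packet too short")
    header, body, icv = packet[:8], packet[8:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, header + body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch: packet dropped before decryption")
    spi, seq = struct.unpack("!II", header)
    plain = xor(body, keystream(enc_key, spi, seq, len(body)))
    pad_len, next_header = plain[-2], plain[-1]
    if pad_len > len(plain) - 2:
        raise ValueError("invalid pad length")
    return spi, seq, plain[:len(plain) - 2 - pad_len], next_header

if __name__ == "__main__":
    ek, ak = b"E" * 32, b"A" * 32                    # constructed sample keys
    pkt = esp_seal(ek, ak, 0x1001, 1, b"GET / HTTP/1.1\r\n", NEXT_TCP)
    print(pkt.hex())
    print(esp_open(ek, ak, pkt))
```

The receiver checks the integrity value over the header and ciphertext before decrypting anything, so a packet modified in transit is rejected without its contents ever being processed.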




