IP Encapsulating Security Payload (ESP)

01 Aug 1995-Vol. 1827, pp 1-12
TL;DR: This document describes an updated version of the Encapsulating Security Payload (ESP) protocol, which is designed to provide a mix of security services in IPv4 and IPv6.
Abstract: This document describes an updated version of the Encapsulating Security Payload (ESP) protocol, which is designed to provide a mix of security services in IPv4 and IPv6. ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. This document obsoletes RFC 2406 (November 1998). [STANDARDS-TRACK]
Citations
01 Aug 1995
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer. This document obsoletes RFC 2401 (November 1998). [STANDARDS-TRACK]

3,455 citations


Cites background from "IP Encapsulating Security Payload (..."

  • ...Both protocols are described in more detail in their respective RFCs [KA98a, KA98b]....

    [...]

  • ...The Encapsulating Security Payload (ESP) protocol [KA98b] may provide confidentiality (encryption), and limited traffic flow confidentiality....

    [...]

  • ...b. security protocols - RFCs describing the Authentication Header (AH) [KA98a] and Encapsulating Security Payload (ESP) [KA98b] protocols....

    [...]

01 Oct 2000
TL;DR: This document describes the Stream Control Transmission Protocol (SCTP), which is designed to transport PSTN signaling messages over IP networks, but is capable of broader applications.
Abstract: This document describes the Stream Control Transmission Protocol (SCTP). SCTP is designed to transport PSTN signaling messages over IP networks, but is capable of broader applications.

2,270 citations

Journal Article
TL;DR: It is argued that router mechanisms are needed to identify and restrict the bandwidth of selected high-bandwidth best-effort flows in times of congestion, and several general approaches are discussed for identifying those flows suitable for bandwidth regulation.
Abstract: This paper considers the potentially negative impacts of an increasing deployment of non-congestion-controlled best-effort traffic on the Internet. These negative impacts range from extreme unfairness against competing TCP traffic to the potential for congestion collapse. To promote the inclusion of end-to-end congestion control in the design of future protocols using best-effort traffic, we argue that router mechanisms are needed to identify and restrict the bandwidth of selected high-bandwidth best-effort flows in times of congestion. The paper discusses several general approaches for identifying those flows suitable for bandwidth regulation. These approaches are to identify a high-bandwidth flow in times of congestion as unresponsive, "not TCP-friendly", or simply using disproportionate bandwidth. A flow that is not "TCP-friendly" is one whose long-term arrival rate exceeds that of any conformant TCP in the same circumstances. An unresponsive flow is one failing to reduce its offered load at a router in response to an increased packet drop rate, and a disproportionate-bandwidth flow is one that uses considerably more bandwidth than other flows in a time of congestion.

1,787 citations

Journal Article
TL;DR: This paper discusses how blockchain, the underlying technology for bitcoin, can be a key enabler to solve many IoT security problems.

1,743 citations

01 Dec 1998
TL;DR: This document specifies the Neighbor Discovery protocol for IP Version 6.
Abstract: This document specifies the Neighbor Discovery protocol for IP Version 6. IPv6 nodes on the same link use Neighbor Discovery to discover each other's presence, to determine each other's link-layer addresses, to find routers and to maintain reachability information about the paths to active neighbors.

1,586 citations

References
01 Aug 1995
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer. This document obsoletes RFC 2401 (November 1998). [STANDARDS-TRACK]

3,455 citations

Journal Article
TL;DR: Presentation of the American standard for encoding computerized data (DES: Data Encryption Standard), which makes it possible to protect data according to criteria that are developed in this text.
Abstract: Presentation of the American standard for encoding computerized data (DES: Data Encryption Standard). Adapted by the National Security Agency in January 1988, it makes it possible to protect data according to criteria that are developed in this text.

1,240 citations

Journal Article
Steven M. Bellovin
01 Apr 1989
TL;DR: A variety of attacks based on a number of serious security flaws inherent in the TCP/IP protocols are described, including sequence number spoofing, routing attacks, source address spoofing, and authentication attacks.
Abstract: The TCP/IP protocol suite, which is very widely used today, was developed under the sponsorship of the Department of Defense. Despite that, there are a number of serious security flaws inherent in the protocols, regardless of the correctness of any implementations. We describe a variety of attacks based on these flaws, including sequence number spoofing, routing attacks, source address spoofing, and authentication attacks. We also present defenses against these attacks, and conclude with a discussion of broad-spectrum defenses such as encryption.

647 citations

Proceedings Article
Steven M. Bellovin
22 Jul 1996
TL;DR: A number of attacks against various versions of IP-layer encryption and authentication protocols, including confidentiality failures and authentication failures, are described; their implications are troubling for the utility of this entire effort.
Abstract: The Internet Engineering Task Force (IETF) is in the process of adopting standards for IP-layer encryption and authentication (IPSEC). We describe a number of attacks against various versions of these protocols, including confidentiality failures and authentication failures. The implications of these attacks are troubling for the utility of this entire effort.

181 citations


"IP Encapsulating Security Payload (..." refers background in this paper

  • ...However, use of confidentiality without integrity/authentication (either in ESP or separately in AH) may subject traffic to certain forms of active attacks that could undermine the confidentiality service (see [Bel96]....

    [...]

01 Apr 1993
TL;DR: It is the purpose of this document, Security Protocols for SNMPv2, to define one such authentication and one such privacy protocol.
Abstract: It is the purpose of this document, Security Protocols for SNMPv2, to define one such authentication and one such privacy protocol. [STANDARDS-TRACK]

36 citations