swIPe provides confidentiality, integrity, and authentication of network traffic, and can be used to provide both end-to-end and intermediate-hop security. swIPe is concerned only with security mechanisms. The protocol does not handle policy and key management, which are handled outside the protocol. It works by augmenting each packet with a cryptographically strong authenticator and/or encrypting the data to be sent.[1]
Protocol descriptionedit
swIPe encapsulates each IP datagram to be secured inside a swIPe packet.[1] A swIPe packet is an IP packet of protocol type 53.[2][3] A swIPe packet starts with a header, which contains identifying data and authentication information; the header is followed by the original IP datagram, which in turn is followed by any padding required by the security processing. Depending on the negotiated policy, the sensitive part of the swIPe packet (the authentication information and the original IP datagram) may be encrypted.[1]
Cisco routers and switches running IOS have been found vulnerable to denial of service (DoS) attacks which may result from processing packets with IP Protocol 53.[4]
Referencesedit
^ abcJohn Ioannidis and Matt Blaze (December 1993). "The swIPe IP Security Protocol INTERNET DRAFT". Columbia University and AT&T Bell Labs.
^"Assigned Internet Protocol Numbers". Internet Assigned Numbers Authority (IANA).
^"RFC5237". Internet Engineering Task Force (IETF).
^"Cisco IOS Interface Blocked by IPv4 Packets". Cisco. Retrieved 28 October 2022.
December 01, 2023
swipe, protocol, swipe, security, protocol, swipe, experimental, internet, protocol, security, protocol, that, specified, 1993, operates, internet, layer, internet, protocol, suite, purpose, editswipe, provides, confidentiality, integrity, authentication, netw. The swIPe IP Security Protocol swIPe is an experimental Internet Protocol IP security protocol that was specified in 1993 It operates at the Internet Layer of the Internet Protocol Suite Purpose editswIPe provides confidentiality integrity and authentication of network traffic and can be used to provide both end to end and intermediate hop security swIPe is concerned only with security mechanisms The protocol does not handle policy and key management which are handled outside the protocol It works by augmenting each packet with a cryptographically strong authenticator and or encrypting the data to be sent 1 Protocol description editswIPe encapsulates each IP datagram to be secured inside a swIPe packet 1 A swIPe packet is an IP packet of protocol type 53 2 3 A swIPe packet starts with a header which contains identifying data and authentication information the header is followed by the original IP datagram which in turn is followed by any padding required by the security processing Depending on the negotiated policy the sensitive part of the swIPe packet the authentication information and the original IP datagram may be encrypted 1 Cisco routers and switches running IOS have been found vulnerable to denial of service DoS attacks which may result from processing packets with IP Protocol 53 4 References edit a b c John Ioannidis and Matt Blaze December 1993 The swIPe IP Security Protocol INTERNET DRAFT Columbia University and AT amp T Bell Labs Assigned Internet Protocol Numbers Internet Assigned Numbers Authority IANA RFC5237 Internet Engineering Task Force IETF Cisco IOS Interface Blocked by IPv4 Packets Cisco Retrieved 28 October 2022 Retrieved from https en wikipedia org w index php title SwIPe protocol amp oldid 1152152844, wikipedia, wiki, book, books, library,
