Skip to Content
IPv6 Essentials
book

IPv6 Essentials

by Silvia Hagen
July 2002
Beginner
360 pages
11h 19m
English
O'Reilly Media, Inc.
Content preview from IPv6 Essentials

IPv6 Security Elements

The following section introduces the individual security elements of the IPv6 security framework and discusses how they work together.

Security Associations

Communicating partners need to agree on a common set of information before they can use the security elements of IPv6: a key, the authentication or encryption algorithm to be used, and some additional parameters specific to the algorithms used. This set of agreements constitutes a Security Association (SA) between communication partners. SAs are unidirectional, and one SA is required for each security service; thus, two communication partners wishing to both encrypt and authenticate a two-way connection require a total of four SAs (one for each of the two required security features, in each of two directions).

Two types of SA are differentiated: transport mode and tunnel mode. In transport mode, the SA is defined between two end systems and describes either encryption or authentication for the payload contained in all IP packets related to that particular connection. In tunnel mode, the SA is defined between two security gateways, which surround the IP packet and payload with an outer IP packet “wrapper”, thus being able to apply either encryption or authentication to the whole inner packet, including the inner IP header. Based on these two modes of operation, individual SAs may be bundled either through transport adjacency (i.e., the use of both encryption and authentication services in the same ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

IPv6 Essentials, 2nd Edition

IPv6 Essentials, 2nd Edition

Silvia Hagen
IPv6 Security

IPv6 Security

Scott Hogg, Eric Vyncke

Publisher Resources

ISBN: 0596001258Catalog PageErrata