Other IPSec Encryption Standards
IPSec employs several different technologies to provide a
complete system of confidentiality, integrity, and authenticity. These
technologies are as follows:
Message Digest 5 (MD5)–A hash algorithm is
used to authenticate packet data.
Secure Hash Algorithm-1 (SHA-1)–A hash
algorithm is used to authenticate packet data.
Diffie-Hellman (DH)–A key exchange
standard allows two parties to establish a shared secret key to be used by
Rivest, Shamir, and Adelman Signatures
(RSA)–A public-key cryptographic system used for authentication.
Internet Key Exchange (IKE)–A hybrid
protocol that provides setup utility services for IPSec, including
authentication of the IPSec peers, negotiation of IKE and IPSec security
associations (SAs), and establishment of keys for encryption algorithms used by
Certificate authority (CA)–Cisco router
and PIX Firewall support of CAs allows the IPSec-protected network to scale by
providing the equivalent of a digital ID card for each device.
Internet Security Association Key Management Protocol
(ISAKMP) is synonymous with IKE in Cisco router or PIX Firewall configuration
commands. The keyword ISAKMP is always used instead of IKE.