ESP provides encryption, authentication, and integrity for IP packets. It operates on a per-packet basis (ESP header and trailer encapsulate the payload) and supports transport and tunnel modes. The ESP packet fields include the SPI, sequence number, payload, padding, pad length, and ICV. ESP packet processing at the sender involves lookup SA, encryption, authentication, and sequencing. At the receiver, it involves verification of decryption, authentication and sequencing. ESP aims to provide data origin authentication, confidentiality, and traffic flow confidentiality with anti-replay detection.

1. ENCAPSULATING SECURITY PAYLOAD
Submitted to
PROF. ANUPAMA S
Assistant Professor
Dept of E&C, SJCE
CRYPTOGRAPHY AND NETWORK SECURITY
EC743
1. Ajay M
2.P Sudarshan Yadav
3.Rishitha R Gowda
4.Surya Ms
01JST19EC005
01JST19EC057
01JST19EC070
01JST19EC089
Presented by

2. OUTLINE
 Introduction
 ESP Overview
 ESP Packet Format
 ESP Fields
 ESP Modes
 ESP packet processing
 Why ESP?
 Security Considerations
 ESP Performance Impacts
 Conclusion

3. INTRODUCTION
• Internet Protocol Security (IPsec): A security
function implemented at the IP level of the
protocol stack.
• Security Association (SA): is used to track a
given communication session. It defines the
information about the traffic security protocol,
the authentication algorithm, and the encryption
algorithm to be used. Also, it gives the
information on data flow, lifetime of the SA and
sequence numbering to guard against replay
attacks.

4. ESP OVERVIEW
• ESP protocol is used in an IPsec transmitted over IP.
• ESP is identified by protocol number 50.
• ESP provides optional services to provide the protection for
anything such as authentication, encryption, and integrity check for
IP datagrams. It operates on a per-packet basis.
Encryption scrambles the data packet to prevent unauthorized
people from reading the message.
Authentication verifies that the source address was not forged.
Anti replay mechanism ensures the packet was not tampered while
in route to its destination.

5. ESP PACKET FORMAT
There is an ESP header, an ESP trailer, and ESP authentication data. The
payload is located (encapsulated) between the header and the trailer, which
gives the protocol its name.

6. PACKET FIELDS
The ESP packet contains the following fields:
 Security Parameters Index (32 bits): Identifies a security association.
 Sequence Number (32 bits): A monotonically increasing counter value; this provides
an anti-replay function, as discussed for AH.
 Payload Data (variable): This is a transport-level segment (transport mode) or IP
packet (tunnel mode) that is protected by encryption.
 Padding (0–255 bytes): The purpose of this field is to add bits to fill block size.
 Pad Length (8 bits): Indicates the number of pad bytes immediately preceding this
field.
 Next Header (8 bits): Identifies the type of data contained in the payload data field by
identifying the first header in that payload.
 Integrity Check Value (variable): A variable-length field (must be an integral number
of 32-bit words) that contains the Integrity Check Value computed over the ESP packet
minus the Authentication Data field.

7. ESP MODES
• Transport Mode
Here the ESP header is inserted immediately after the IP header.
The ESP trailer and the optional authentication data are
appended to the payload. In transport mode, ESP neither
authenticates nor encrypts the IP header. But this mode has a
low computational overhead.

8. ESP MODES
• Tunnel Mode
Here, a new IP packet is made with a new IP header. ESP/Transport is then
applied and the original datagram is the payload for the new packet. If
authentication and encryption have been initiated, the packet is protected.
However, the new IP header is not protected.

9. ESP PACKET PROCESSING
Sender Processes:
1. Look up SA
2. Packet encryption and authentication data
3. Generate sequence number
 Encapsulate the original next layer protocol information or the entire original IP
datagram
 Add necessary padding
 Encrypt the result using the key and encryption algorithm mode specified in SA
 Compute the authenticate data over the ESP packet using hash functions.

10. ESP PACKET PROCESSING
• Receiver Processes:
1. Determines the appropriate SA
2. Verify sequence number
3. Verify the decryption and authentication
 Decrypts and integrity check the ESP payload data, padding, pad length, and next
header using the key, algorithm, algorithm mode indicated by SA
 If the check fail, discard the packet and log the SPI value, date/time received,
source address, destination address, the sequence number.
 Extract the original IP datagram or transport-layer frame from the ESP Payload
Data field.

11. WHY ESP?
 Data origin authentication is a security service that verifies
the identity of the claimed source of data
 Confidentiality is the security service that protects data from
unauthorized parties.
 The disclosure of external characteristics of communication,
also known as the traffic-flow confidentiality that is support
by concealing source and destination addresses, message
length, or frequency of communication.
 Anti-replay detects arrival of duplicate IP datagram (using
sliding receive window). It is supported by the sequence
number which is an unsigned 32-bit field contains a
monotonically increasing counter value in ESP header

12. SECURITY CONSIDERATIONS
The quality of the security provides by this ESP mechanism
depends on
The strength of the implemented cryptographic algorithms
The strength of the key being used
The correct implementation of the cryptographic algorithms
The security of the key management protocol
The correct implementation of IP
Several security mechanisms in all of the participating systems.
The ESP protocol is described as a security service focuses only
on the IP layer not solves the security of the entire system.

13. PERFORMANCE IMPACTS
The encapsulating security approach used by ESP can
noticeably impact network performance in participating
systems
1. Protocol processing in participating systems will be more
complex when encapsulating security is used, requiring both
more time and more processing power.
2. Use of encryption will also increase the communications
latency. The increased latency is primarily due to the
encryption and decryption required for each IP datagram
containing an Encapsulating Security Payload

14. CONCLUSION
• Encapsulating Security Payload covers packet format
and general issues for packet encryption. It offers the
security service at the IP layer. Hence, it could be used
in the conjunction with other security mechanisms in
designing robust distributed systems.