What is IPsec Encryption?

Instructor: David Whitsett

David has taught computer applications, computer fundamentals, computer networking, and marketing at the college level. He has an MBA in marketing.

IPsec encryption is a fundamental part of network communication. In this lesson, we'll see how it works. We will also discuss how networks function to illustrate where IPsec encryption fits in.

Authentication and Encryption

Imagine two spies forced to have a conversation over an unsecure phone line. The first thing they'd want to do is make sure they're talking to the right person on the other end - let's call that authentication. So they exchange a greeting both recognize and now can begin talking. But someone may be listening in, so they have to use code words - let's call that encryption. An eavesdropper couldn't make sense of the code words and wouldn't understand the conversation.

IPsec encryption uses authentication (verification of identity and/or origin) and encryption (scrambling a message so that it has to be decoded to be understood) to send data across a network. IPsec (short for Internet Protocol Security) is one part of a protocol suite, which is a modular set of rules and standards for data transmission. The words suite and modular are used because different parts of the rules refer to different parts of sending data. For example, in addition to the rules about authentication and encryption, there are also rules about when a message is started and stopped, and rules for how programs talk to each other. These rules are also considered standards, because everyone using a network must agree to communicate within this framework in order for it to work at all. Think about it like this - if ten people walked into a room and all began shouting over each other in ten different languages, not much would get done!

Authentication within IPsec is handled via the Authentication Header (AH), which ensures the integrity and verifies the origin (source) of the data. Think of an AH like a package address label that says where something came from and where it's supposed to go. Another part of the IPsec protocol suite is Encapsulating Security Payload (ESP), which works to ensure data confidentiality. Using the package example above, think of ESP as wrapping a box in plain brown paper so no one can tell from the outside what's in the box.
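To make the AH idea concrete, here is an added example (not part of the original lesson) that builds and checks a simplified Authentication Header using the RFC 4302 field layout and an HMAC-SHA-256 integrity check value truncated to 128 bits. Assumptions: the key, SPI and payload are constructed sample values, the function names are hypothetical, and the check value covers only the AH fields and the payload, whereas real AH also covers the unchanging fields of the IP header.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16                          # HMAC-SHA-256 truncated to 128 bits
AH_FIXED = struct.Struct("!BBHII")    # next header, payload len, reserved, SPI, sequence

def _icv(key, header, payload):
    # The ICV is computed with the ICV field itself filled with zeros.
    mac = hmac.new(key, header + bytes(ICV_LEN) + payload, hashlib.sha256)
    return mac.digest()[:ICV_LEN]

def ah_protect(key, spi, seq, next_header, payload):
    """Sender side: return AH header + ICV + payload."""
    payload_len = (AH_FIXED.size + ICV_LEN) // 4 - 2   # AH length in 32-bit words, minus 2
    header = AH_FIXED.pack(next_header, payload_len, 0, spi, seq)
    return header + _icv(key, header, payload) + payload

def ah_verify(key, packet):
    """Receiver side: return (spi, seq, next_header, payload) or raise ValueError."""
    if len(packet) < AH_FIXED.size + ICV_LEN:
        raise ValueError("truncated AH")
    header = packet[:AH_FIXED.size]
    next_header, payload_len, _reserved, spi, seq = AH_FIXED.unpack(header)
    if (payload_len + 2) * 4 != AH_FIXED.size + ICV_LEN:
        raise ValueError("unexpected AH length")
    icv = packet[AH_FIXED.size:AH_FIXED.size + ICV_LEN]
    payload = packet[AH_FIXED.size + ICV_LEN:]
    # Constant-time comparison so the check does not leak how many bytes matched.
    if not hmac.compare_digest(icv, _icv(key, header, payload)):
        raise ValueError("ICV mismatch: data altered or wrong sender key")
    return spi, seq, next_header, payload

def accepts(key, packet):
    """True if the receiver would accept the packet as authentic."""
    try:
        ah_verify(key, packet)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    key = b"constructed-demo-key-32-bytes!!!"        # constructed sample key
    pkt = ah_protect(key, spi=0x1000, seq=1, next_header=6, payload=b"hello")
    print("authentic:", accepts(key, pkt))
    print("payload altered:", accepts(key, pkt[:-1] + b"x"))
    print("wrong key:", accepts(b"some-other-key", pkt))
    print("payload readable in transit:", b"hello" in pkt)  # AH does not encrypt
```

The last line shows why ESP exists alongside AH: the label proves where the package came from and that it was not altered, but the contents are still visible.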

What Capabilities Does IPsec Encryption Have?

IPsec encryption is often used in setting up virtual private networks (VPNs). A VPN is used to send private information over a public network, like the Internet. Let's say you work for a company that allows you to work from home - you log into your company network via your Internet connection. IPsec encryption allows you to set up kind of a shielded tunnel - no one can tap into your data stream and the data is also encrypted, so even if someone got the data, it wouldn't be in usable form.

Without a key, stolen encrypted data is useless.
IPsec encryption requires keys
