Download - IPSec VPN
IPSec VPN
Avinash BhashyamAxel Christiansen
Group Number 1
Group Project Description• Internet Protocol Security (IPsec) is a
framework of open standards for ensuring private communication over the public network.
• The goal of the project is to Use IPsec to create a Virtual Private Network(VPN).
• The goal is to provide several types of data protection including confidentiality, integrity, data origin authentication, replay protection and access control.
Project Description (cont.)
• Tasks allocation• Avinash Bhashyam– Research (50%)– Programing (75%)– Report (25%)
• Axel Christiansen– Research (50%)– Programing (25%)– Report (75%)
Technical Details
• Confidentiality is provided by using encryption. The Encryption algorithm like the AES(CBC) will be used.
• Integrity checking is to be provided by using the HMAC-MD5.
• Authentication is provided by the pre-shared keys and Digital Signatures.
• Reply protection and the access control are to provide by periodically changing the pre-shared keys. The key exchange can be performed using the IKE-v2 protocol.
Technical Details (Cont.)
• The VPN can be setup in the following manner:– Android Phone to Android Phone– This where the Calling Android Phone is the control
for the VPN.• Software,: StrongSwan 4.5, Linux, Android 2.0
Emulator and Android SDK,.– C compiler.
• Hardware : Basic Computer with network conative and Android Phone.
. UMTS network architecture
Network Architecture
This is a mobile subscriber using a mobile station (MS) and attempting to establish a secure remote connection to a corporate Local Area Network (LAN), and access a remote server through the UMTS infrastructure. [1]
ISAKMP and IPsec SA negotiation
Notations definition
End-to-end VPN deployment scheme over UMTS
Risks and Benefits • Novel aspects of this project:• Setting up a IPsec VPN from mobile phones• Risks/challenges:• Processing power of the mobile is much lower than that of
a traditional computer.• Flaws in algorithms,software or configuration setting can
be exploited by attackers• Potential applications & benefits:• Data can be communicated securely over public networks.• Sophisticated Mobile Apps can be developed.
Tasks Accomplished by Now
• Project Goals Established.• Software defined• Downloaded SDK• Established what programmable language– C++ The SDK recommends other languages
• Picked up Android phone from professor.
Conclusion
• Successful implementation of the project has the potential to led to developing Sophisticated mobile applications.
• Project may lead to a potential public application.
Demo
• A project Demo will be preformed at the end of current semseter.
References
• [1] Xenakis, Christos, Merakos, Merakos (2004) Security and Performance in Wireless and Mobile Networks, Retruner on March 3, 2011 from Computer Communications Volume 27, Issue 17, 1 November 2004, Pages 1693-1708
End of Slide presentation
Are there any questions about the project?