simple explanations for macsec and ipsec
-
06-02-2021 - |
题
I need to implement IPSEC and MACSEC transformations on ethernet packets (i.e. I don't need to deal with setting up parameters, security associations, or key exchange issues, just do the transformations on the packets when that is already known. Also I can nick GCM/AES implementations so I don't have to implement the actual ciphering either.)
Unfortunately I am just too stupid to understand the specifications.
Does anyone know of a nice simple explanation, designed for an idiot, with diagrams and concrete examples, of what the transformations are supposed to look like?
解决方案 2
This illustrated guide is good for IPSEC
http://unixwiz.net/techtips/iguide-ipsec.html
And this was invaluable for packing and unpacking IP headers.
http://www.daemon.org/ip.html#proto
There appears to be a bit of a gap in the market for MACSEC though.
其他提示
MACsec provides three sub-functions, namely:
- Encryption/decryption
- Integrity protection
- Replay protection
These sub-functions are negotiated with other stations using MACsec Key Agreement protocol (MKA).
MACsec uses MACsec Key Agreement protocol (MKA) for exchange and agreement of secure keys between supported devices. MKA uses the EAP framework specified in IEEE 802.1X-2010 forcommunication