simple explanations for macsec and ipsec
https://stackoverflow.com/questions/7636361
-
06-02-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPregunta
I need to implement IPSEC and MACSEC transformations on ethernet packets (i.e. I don't need to deal with setting up parameters, security associations, or key exchange issues, just do the transformations on the packets when that is already known. Also I can nick GCM/AES implementations so I don't have to implement the actual ciphering either.)
Unfortunately I am just too stupid to understand the specifications.
Does anyone know of a nice simple explanation, designed for an idiot, with diagrams and concrete examples, of what the transformations are supposed to look like?
Solución 2
This illustrated guide is good for IPSEC
http://unixwiz.net/techtips/iguide-ipsec.html
And this was invaluable for packing and unpacking IP headers.
http://www.daemon.org/ip.html#proto
There appears to be a bit of a gap in the market for MACSEC though.
Otros consejos
MACsec provides three sub-functions, namely:
- Encryption/decryption
- Integrity protection
- Replay protection
These sub-functions are negotiated with other stations using MACsec Key Agreement protocol (MKA).
MACsec uses MACsec Key Agreement protocol (MKA) for exchange and agreement of secure keys between supported devices. MKA uses the EAP framework specified in IEEE 802.1X-2010 forcommunication
