IPSec based Virtual Private Network
Deepak Kumar Tawri, M.Tech, 00, 42 pp.
Department of Computer Science and Engineering
Indian Institute of Technology Bombay, Powai, Mumbai 400 076.
Supervisor(s): G. Sivakumar
A VPN (Virtual Private Network) is a private network created
by tunneling encrypted packets through an IP-based
network, such as the Internet or an intranet.
This project concerns the development of a VPN based on
IPSec, which is the standard protocol for encryption
and authentication services at the IP layer.
In this report, we discuss the various components of a simplistic VPN and
propose an architecture for it. This architecture has been used
to develop a prototype model of the VPN. Key issues related
to VPNs, such as Key Management
and PKI support, are discussed in detail.
An automatic key exchange method that uses Public Key
Encryption based authentication has been implemented as part of the
IKE (Internet Key Exchange) protocol. Automatic key exchange
that uses a pre-shared key for authentication has also been used.
An implementation of Secure DNS has been
used as a public key repository, which supplies the public key(s)
and public key certificate(s) of hosts on demand in an authenticated manner.
Some of the experiments carried out over the developed VPN are
explained at the end of the report, and system performance
has been analyzed on parameters such as CPU overhead, increase
in packet size, and increase in the number of packets due to
fragmentation.