Proposed a hybrid tunneling technique in VPN

number: 
2387
English
Degree: 
Author: 
Raghad Safi Mustafa
Supervisor: 
Dr. Mumtaz Mohammed Ali
year: 
2009

Abstract: The data security can be enhanced by using IPSec/VPN policies. In this work the task of encryption are integrated to provide the higher level of security services. The work has focused on the tunnel technique to be the core of the proposed VPN. A tunnel is a way to transfer data that can be enclosed by the corresponding tunnel protocol (IPSec tunnel mode). Raw socket software programming interface has been implemented to send and receive IP datagrams throughput the network. This technique provides the ability to fabricate the IP packets and to build the outer IP header in the tunneling design. The security suggested in this study depends on “proposed hybrid technique” which combines the strengths of symmetric and asymmetric ciphers, Rivest Cipher 5 (RC5) is used to implement the symmetric ciphers, Rivest, Shamir, Adleman (RSA) is used to implement the asymmetric ciphers and Message Digest 2 (MD2) is used to implement the hashing algorithm. IPSec architecture has been enhanced by the work to provide integrity and data origin authentication for IP datagrams. The developed header has been named the Augmented Security Header of IPSec protocol which provides authentication for the IP header as well as for upper level protocol data. The developed system in this work has been modeled using Visual C++ programming environment. Execution of the IPSec has been tested to determine performance levels. The network throughput has increased, this is because it requires more computing effort to route encrypted data while the efficiency of the packet reduced due to the complexity added to the header which led to increase its length.