✕
Synopsys Software Integrity Group is now operating as Black Duck Software, Inc., a subsidiary of Synopsys. Click to learn more.
Sorry, not available in this language yet
English
日本語
简体中文
IPsec Test Suite Data Sheet
Test Suite:
IPsec Test Suite
Direction:
Client or Server
Internet Protocol security (IPsec) is a protocol framework that offers methods for securing and authenticating the IP packets that are traversing through the Internet network. IPsec supports peer authentication, data origin authentication, data integrity and data confidentiality. This test suite can be used to test IPsec implementations for security flaws and robustness problems. This test suite cannot be used in IPv6 networks, instead IPv6 test suite is the suite that can be used to test IPv6 IPsec implementations.
Used specifications
Specification
Title
Notes
RFC768
User Datagram Protocol
RFC791
Internet Protocol Specification
RFC792
Internet Control Message Protocol
RFC2402
IP Authentication Header
Obsoleted by RFC4302
RFC2406
IP Encapsulating Security Payload (ESP)
Obsoleted by RFC4303
RFC3173
IP Payload Compression Protocol (IPComp)
RFC3948
UDP Encapsulation of IPsec ESP Packets
RFC4106
The use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP)
RFC4302
IP Authentication Header
Obsoletes RFC2402
RFC4303
IP Encapsulating Security Payload (ESP)
Obsoletes RFC2406
RFC4304
Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation (DOI) for Internet Security Association
RFC4305
Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)
RFC4868
Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec
RFC4494
The AES-CMAC-96 Algorithm and Its Use with IPsec
RFC4891
Using IPsec to Secure IPv6-in-IPv4 Tunnels
Tool-specific information
Tested message elements
Specifications
IPv4 header
RFC791
ICMP header
RFC792
IPComp header
RFC3173
Authentication header
RFC4302
Encapsulated Security Payload
RFC4303
Interoperability not verified with the following message groups
Sub-Group
NAT-Traversal Transport
ESP, Keep-Alive
NAT-Traversal Tunnel
ESP, Keep-Alive
Other features
Modes/Algorithms
IPsec tested with:
AH, ESP and AH+ESP both in transport and tunnel modes and with IPComp.
Supported AH authentication algorithms and ESP integrity algorithms: