Paper 2006/097

A Cryptographic Tour of the IPsec Standards

Kenneth G. Paterson


In this article, we provide an overview of cryptography and cryptographic key management as they are specified in IPsec, a popular suite of standards for providing communications security and network access control for Internet communications. We focus on the latest generation of the IPsec standards, recently published as Request for Comments 4301–4309 by the Internet Engineering Task Force, and how they have evolved from earlier versions of the standards.

Note: Cryptography is only one part of the IPsec puzzle. However, getting the cryptography right is vital in ensuring that IPsec delivers the security expected of it. We hope that this article will open up the new family of IPsec RFCs to a wider range of cryptographic researchers, encouraging them to work in a fascinating area located at the boundary between theory and practice.

Available format(s)
Publication info
Published elsewhere. To appear in "Information Security Technical Report", Elsevier
IPsecnetwork securitycryptographykey management
Contact author(s)
kenny paterson @ rhul ac uk
2006-04-18: revised
2006-03-12: received
See all versions
Short URL
Creative Commons Attribution


      author = {Kenneth G.  Paterson},
      title = {A Cryptographic Tour of the IPsec Standards},
      howpublished = {Cryptology ePrint Archive, Paper 2006/097},
      year = {2006},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.