| By reaction to various types of attacks on the Internet, a commercial standard for secure networking has emerged. It implements the three basic functions of system authentication, data privacy, and data integrity. The government equivalent (HAIPE) combines more robust algorithms with IPSec type protocols. Counter-measures to IPSec and HAIPE continue to be developed. This paper presents the different functions of IPSec, compares them to HAIPE, and outlines some generic, implementation, and configuration vulnerabilities of the embedded protocols and fundamental algorithms. Some counter-counter-measures are also suggested. |