The Evolution of IPsec - Invited Talk by Steven Bellovin

Explore the evolution of IPsec in this invited talk by Steven Bellovin from Columbia University, delivered at the Conference for Failed Approaches and Insightful Losses in Cryptology (CFAIL 2020). Delve into the history, structure, and scenarios of IPsec, examining its headers, integrity, encryption, and authentication methods. Analyze the state of cryptography, RFC developments, and organizational politics that influenced IPsec's development. Investigate the problems faced, lessons learned, and recent changes in IPsec implementation. Engage with thought-provoking questions on standards, universal authentication methods, and the future direction of network security.

Introduction
Slides
What is IPsec
Scenarios of IPsec
Generic structure
IPsec history
IPsec headers
IPsec integrity
Encryption
Swipe
IPsec
State of Cryptography
RFC 182529
Packet layouts
SPI
TCP
Authentication
Skip
Algorithms
Organizational politics
Final outcome
Problems
Properties of CFAIL
Assumptions
What can happen
Generating fullsize packets
What went wrong
IPsec is back
New packet formats
IP header
IETF
Other IPsec changes
Lessons
Did we succeed
Questions
Usenet
S HTTP
Policy Question
Personal Question
Applications vs Network Layer
TLS Encryption
Are we going in the right direction
Are standards dying
Universal method of authentication
Google Play Services