EESP: A Security protocol that supports QoS management

In order to effectively manage network resources and to serve different traffic needs, several works have been done in the QoS area. Basically, ldquomulti-field (MF) packet classifiersrdquo classify a packet by looking for multiple fields of the IP/TCP headers, recognize which flow the packet belongs to, and according to this information, provide service differentiation in IP networks. However, for security purposes, existing security protocols (such as the IPSec Encapsulating Security Payload (ESP) algorithm) hides much of this information in their encrypted payloads, preventing network control devices such as routers and switches from utilizing this information in performing classification appropriately. The ESPQ (ESP considered QoS) protocol deals with this problem but unfortunately, it has some security weaknesses. In this paper we present the ESPQ vulnerabilities and we propose EESP (Enhanced encapsulated security payload) as a security protocol that provides both security and QoS.