Lecture 5 ip security

Blekinge Institute of Technology

IP Security

Outline

• Passive Attacks
• IP Security Overview
 IP Security Architecture
 Security Associations (SA)
 Authentication Header
 Encapsulating Security Payload (ESP)
• Internet Key Exchange
 Key Management Protocosl
– Oakley
– ISAKMP
 Authentication Methods
– Digital signatures
– Public Key Encryption
– Symmetric Key Encryption

Network Security
2

Recommended TCP/IP Reading

• Comer, D. Internetworking with TCP/IP, Volume I:
Principles, Protocols and Architecture. Prentic Hall, 1995

• Stevens, W. TCP/IP Illustrated, Volume 1: The Protocols.
Addison-Wesley, 1994

Network Security
3

Passive Attacks

ET1318 - Network Security
4

Interception

Source Dest

Darth

This is an attack on confidentiality

ET1318 - Network Security
5

TCP/IP Example

Network Security
6

IP Security (Ipsec) Overview
• General framework that allows a pair of communicating entities to
use a set of algorithm for secure communication.

• Not a single protocol but Protocol suite for securing Internet Protocol
(IP) communications by
 authenticating
 encrypting
each IP packet of a communication session.

• includes protocols for establishing mutual authentication between a
pair of communicating entities at the
 beginning of the session
 negotiation of cryptographic keys to be used during the session.

Network Security
7

IP Security Overview
• Encrypt and/or authenticate all traffic at IP level. Thus, applications,
e-mail, file transfer, WEB access can be secured.
 Applications do not need to be specifically designed to use IPsec.

• Applications of IPSec/VPN
 Secure branch office connectivity over the Internet
 Secure remote access over the Internet
 Establishing connectivity with partners
 Enhancing electronic commerce security

Network Security
8

IP Security Scenario

Network Security
9

IP Security Overview

• Benefits of IPSec
 Transparent to applications (below transport layer (TCP, UDP))
 Provide security for individual users

• IPSec can assure that:
 A router or neighbor advertisement comes from an authorized router
 A redirect message comes from the router to which the initial packet was
sent
 A routing update is not forged

Network Security
10

IP Security Architecture

• IPSec documents:
 RFC 2401: An overview of security architecture
 RFC 2402: Description of a packet authentication extension to IPv4 and
IPv6
 RFC 2406: Description of a packet encryption extension to IPv4 and
IPv6
 RFC 2408: Specification of key management capabilities

• IPsec uses the following protocols to perform various functions
 Authentication Headers (AH)
 Encapsulating Security Payloads (ESP)
 Security associations (SA)

Network Security
11

IPSec modes of operation

• IPSec can be implemented in a
 host-to-host transport mode
– Only the payload of the IP packet is encrypted and/or authenticated.
– The routing is intact, since the IP header is neither modified nor encrypted.
– Transport mode is used for host-to-host communications.

 network tunnel mode
– The entire IP packet is encrypted and/or authenticated. It is then encapsulated
into a new IP packet with a new IP header.
– Tunnel mode is used to create virtual private networks (VPN) for network-to-
network communications (e.g. between routers to link sites), host-to-network
communications (e.g. remote user access), and host-to-host communications
(e.g. private chat).

Network Security
12

Security associations (SA)

• A security association is simply the bundle of algorithms and
parameters (such as keys)
 used to encrypt and authenticate a particular flow in one direction (AH and/or ESP
operations).
 In bi-directional traffic, the flows are secured by a pair of security associations.

• Security associations are established using the ISAKMP (Internet
Security Association and Key Management Protocol)
 ISAKMP defines the procedures for authenticating a communicating peer, creation
and management of Security Associations, key generation techniques, and threat
mitigation (e.g. denial of service and replay attacks).(From Wikipedia)

Network Security
13

Security Associations (SA)

• A one way relationship between a sender and a receiver.
• To decide what protection - for an outgoing packet, Ipsec is
identified by three parameters:
 Security Parameter Index (SPI)
 IP Destination address
 Security Protocol Identifier (is it an AH or an ESP?)
(Similar procedure for an incoming packet)

Network Security
14

SA Parameters

• A SA is defined by the following parameters:
 Sequence Number Counter
 Sequence Counter Overflow
 Anti-replay Window
 AH Information
 ESP Information
 Lifetime of this SA
 IPSec protocol mode (Tunnel or Transport?)
 Path MTU

Network Security
15

Combinations of Security Associations

Network Security
16


Network Security
17


Network Security
18


Network Security
19

IPSec Document Overview

Network Security
20

Authentication Header

• Access Control
• Integrity
• Data origin authentication
• Rejection of replayed packets
• Confidentiality (encryption)

Network Security
21

Before applying AH

Network Security
22

Transport Mode (AH Authentication)

Network Security
23

Tunnel Mode (AH Authentication)

Network Security
24

End-to-end versus End-to-Intermediate
Authentication

Network Security
25

Encapsulating Security Payload
• Provides
 origin authenticity
 integrity
 confidentiality protection of packets.

• ESP supports encryption-only and authentication-only
 using encryption without authentication is strongly discouraged
because it is insecure
• ESP does not protect the IP packet header.
• Tunnel Mode :
 the entire original IP packet is encapsulated with a new packet
header added
 ESP protection is afforded to the whole inner IP packet (including
the inner header) while the outer header remains unprotected.
• ESP provides confidentiality services

Network Security
26

Encapsulating Security Payload

Network Security

Encryption and Authentication Algorithms

• Encryption:
 Three-key triple DES
 RC5
 IDEA
 Three-key triple IDEA
 CAST
 Blowfish
 AES
 NULL
• Authentication:
 HMAC-MD5-96
 HMAC-SHA-1-96

Network Security
28

ESP Encryption and Authentication

Network Security
29

ESP Encryption and Authentication

Network Security
30

IPsec Operation Matrix

Transport Mode SA Tunnel Mode SA
AH Authenticates IP payload Authenticates entire inner
and selected portions of IP IP packet plus selected
header and IPv6 extension portions of outer IP header
headers

ESP Encrypts IP payload and any Encrypts inner IP packet
IPv6 extension header

ESP with Encrypts IP payload and any Encrypts inner IP packet .
authentication IPv6 extension header. Authenticates inner IP
Authenticates IP payload but packet
no IP header

Network Security
31

Internet Key Exchange

• Involves the determination and distribution of secret keys
 Require four keys : transmit and recieve pairs for both integrity and
confidentiality.

• Two types:
 Manual : System administrator manually configures each system with its
own keys and with keys of other communicating system

 Automated : Enables on-demand creation of keys for SAs
– Oakley Key Determination Protocol
– Internet Security Association and Key Management Protocol (ISAKMP)

Network Security
32


• Key Management Protocols
• Oakley Key Determination Protocol : (Reading Assignment)
 The Oakley Key Determination Protocol is a key-agreement protocol that
allows authenticated parties to exchange keying material across an
insecure connection using the Diffie-Hellman key exchange algorithm.
 Based on Diffie-Hellman algorithm
 Generic : doesn’t provide specific format

• Internet Security Association and Key Management Protocol
(ISAKMP)
 The ISAKMP provides a framework for authentication and key exchange,
with actual authenticated keying material
 Provides a framework for Internet Key management
 Provides specific protocol support such as formats

Network Security
33

ISAKMP

• A protocol defined for establishing Security Associations (SA) and
cryptographic keys in an Internet environment.

• ISAKMP only provides a framework for authentication and key
exchange and is designed to be key exchange independent;
protocols

• ISAKMP defines the procedures
 for authenticating a communicating peer
 creation and management of Security Associations
 key generation techniques,
 threat mitigation (e.g. denial of service and replay attacks).

Network Security
34

ISAKMP

• ISAKMP defines payloads for exchanging key generation and
authentication data.

• ISAKMP is distinct from key exchange protocols
 There may be many different key exchange protocols, each with
different security properties.
– common framework is required for agreeing to the format of SA attributes, and
for negotiating, modifying, and deleting SAs.
 ISAKMP serves as this common framework.

Network Security

ISAKMP

• A Preliminary SA is formed using this protocol; later a fresh keying is
done.

• ISAKMP can be implemented over any transport protocol.

• All implementations must include send and receive capability for
ISAKMP using UDP on port 500.

Network Security

ISAKMP

Network Security
37

ISAKMP Payload Types

• Key Exchange Payload
• Certificate Payload (transfers a public key certificate)
• Notification Payload (error messages)
• Responder-Lifetime
• Hash Payload
• Signature Payload

Network Security
38


• Three authentication methods
 Digital signatures :(Reading Assignment)
– a mathematical scheme for demonstrating the authenticity of a
digital message or document
• Exchange is authenticated by signing a mutually obtainable hash
• Each party encrypts the hash with its private key
• Hash is generated over important parameters such as user ID

 Public Key Encryption
– The exchange is authenticated by encrypting parameters such as
Ids with senders private key

 Symmetric Key Encryption
– A key derived by some mechanism can be used to authenticate the
exchange by symmetric encryption of exchange parameters.

Network Security
39

Public-Key Encryption

 Public-key encryption
– involves the use of asymmetric key algorithms
– does not require a secure initial exchange of one or more secret
keys to both sender and receiver.
– related key pair: a secret private key and a published public key.

Network Security

Public-Key Encryption

Network Security
41

Authentication using Public-Key System

Network Security
42

Symmetric Key Cryptography

 Symmetric-key encryption
– Uses identical, cryptographic keys for both decryption and encryption
etc.
– shared secret between two or more parties that can be used to
maintain a private information link.
– Other terms for symmetric-key encryption are single-key, shared-key,
one-key encryption.
– Symmetric-key algorithms can be divided into
• stream ciphers: Stream ciphers encrypt the bits of the message one at a
time
• block ciphers: block ciphers take a number of bits and encrypt them as a
single unit. Blocks of 64 bits have been commonly used.

Network Security
43

Symmetric Key Cryptography

Network Security
44

Interesting Research Areas

• DoS attacks
 Resource exhaustion

• Policy conflicts
 SA bundles

• Additional Readings
 http://www.unixwiz.net/techtips/iguide-ipsec.html
http://technet.microsoft.com/en-us/network/bb531150
http://www.tcpipguide.com/free/t_IPSecurityIPSecProtocols.htm
 http://technet.microsoft.com/en-us/library/bb742429.aspx (If you are
interested in practical)

Network Security
45

Lecture 5 ip security

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (6)

Semelhante a Lecture 5 ip security

Semelhante a Lecture 5 ip security (20)

Mais de rajakhurram

Mais de rajakhurram (14)

Último

Último (20)

Lecture 5 ip security