CSCE 815 Network Security
Lecture 13
IP Security (IPSec)
March 4, 2003
– 2 – CSCE 815 Sp 03
PGP Homework
1. 5.4 page 159
2. Find PGP on SUNs (whereis, which, whatis, man -k)
3. Construct an RSA based signing key
4. Construct an encryption key
5. Pick a partner from the class.
6. Send a signed but cleartext message to your partner.
7. Validate the signature of the received message.
8. Send the key and an encrypted message to the partner.
9. Decrypt the message.
Chapter 6 – IP Security
If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom the secret was told.
— The Art of War, Sun Tzu
Outline
Internetworking and Internet Protocols (Appendix 6A)
IP Security Overview
IP Security Architecture
Authentication Header
Encapsulating Security Payload
Combinations of Security Associations
Key Management
TCP/IP Example (fig 6.13)
IP Security
have considered some application specific security mechanisms, e.g. S/MIME, PGP, Kerberos, SSL/HTTPS
however there are security concerns that cut across protocol layers
would like security implemented by the network for all applications
IPSec
general IP Security mechanisms
provides
  authentication
  confidentiality
  key management
applicable to use over LANs, across public & private WANs, & for the Internet
Internet Engineering Task Force (IETF) develops protocol standards for the internet
IPv4 Header
IP version 4 Fields
Version (4 bits) the value is 0100 = 4
Internet Header Length (IHL) (4) length of header in 32-bit words. The minimum value is 5.
Type of Service (8)
Total Length (16) total IP packet length in octets
Identification (16) sequence number
Flags (3) "more" and "don't fragment"
Fragment Offset (13) where it belongs, in 64-bit units
Time to Live (TTL) (8) number of "seconds" for packet to live
Checksum
Addresses: 32-bit source and destination addresses
Options
IPv6 Header
IP version 6 Fields
Version (4 bits) the value is 0110 (6)
Traffic Class (8) priority of this packet for routers
Flow Label (20) label packets for special processing by routers
Payload Length (16)
Next Header (8) – usually TCP or UDP or an IPv6 extension
Hop Limit (8)
Source Address (128 bits = 16 octets = 4 words)
Destination Address (128 bits = 16 octets = 4 words)
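The two field lists above are easier to trust once you have decoded them yourself. The following Python is an added example, not part of the lecture slides: a minimal parser for the fixed IPv4 and IPv6 headers that extracts exactly the fields the slides name (IHL in 32-bit words with its minimum of 5, the DF/MF flags, the 13-bit fragment offset in 8-octet units, TTL/hop limit, the header checksum, and the 128-bit addresses) and refuses malformed input before any field is believed. The sample packets are constructed here with documentation addresses (192.0.2.x, 2001:db8::) and a hypothetical payload; nothing is captured from a real network.

```python
import struct
from ipaddress import IPv4Address, IPv6Address


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words, complemented.
    Computed with the checksum field zeroed it yields the field value;
    computed over a header with the field filled in it yields 0 if valid."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(pkt: bytes) -> dict:
    """Decode the IPv4 fields from the slide, with the bounds checks a
    receiver must make before trusting any of them."""
    if len(pkt) < 20:
        raise ValueError("truncated: an IPv4 header is at least 20 octets")
    (vihl, tos, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl = vihl >> 4, vihl & 0x0F
    if version != 4:
        raise ValueError("not IPv4 (version field = %d)" % version)
    if ihl < 5:                             # IHL counts 32-bit words, minimum 5
        raise ValueError("IHL below the minimum of 5 words")
    hlen = ihl * 4
    if total_len < hlen or len(pkt) < total_len:
        raise ValueError("total length inconsistent with header/packet size")
    header = pkt[:hlen]
    return {
        "ihl_words": ihl,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "df": bool(flags_frag & 0x4000),    # "don't fragment"
        "mf": bool(flags_frag & 0x2000),    # "more fragments"
        "fragment_offset_octets": (flags_frag & 0x1FFF) * 8,  # 13 bits, 8-octet units
        "ttl": ttl,
        "protocol": proto,
        "checksum_ok": ipv4_checksum(header) == 0,
        "src": str(IPv4Address(src)),
        "dst": str(IPv4Address(dst)),
        "options": header[20:],
        "payload": pkt[hlen:total_len],
    }


def parse_ipv6(pkt: bytes) -> dict:
    """Decode the fixed 40-octet IPv6 header; extension headers are left
    to the caller, who follows next_header."""
    if len(pkt) < 40:
        raise ValueError("truncated: an IPv6 header is 40 octets")
    first, payload_len, next_hdr, hop_limit, src, dst = struct.unpack("!IHBB16s16s", pkt[:40])
    if first >> 28 != 6:
        raise ValueError("not IPv6 (version field = %d)" % (first >> 28))
    if len(pkt) < 40 + payload_len:
        raise ValueError("payload length exceeds packet size")
    return {
        "traffic_class": (first >> 20) & 0xFF,   # 8 bits after the version
        "flow_label": first & 0xFFFFF,           # low 20 bits of the first word
        "payload_length": payload_len,
        "next_header": next_hdr,
        "hop_limit": hop_limit,
        "src": str(IPv6Address(src)),
        "dst": str(IPv6Address(dst)),
        "payload": pkt[40:40 + payload_len],
    }


# Constructed sample packets (documentation addresses, hypothetical payload).
def build_sample_ipv4(payload: bytes = b"constructed payload", ttl: int = 64) -> bytes:
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0x4000,  # DF set
                      ttl, 17, 0, IPv4Address("192.0.2.1").packed, IPv4Address("192.0.2.2").packed)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]   # fill checksum field
    return hdr + payload


def build_sample_ipv6(payload: bytes = b"constructed payload") -> bytes:
    first = (6 << 28) | (0 << 20) | 0xABCDE          # version 6, traffic class 0, flow label
    return struct.pack("!IHBB16s16s", first, len(payload), 17, 64,
                       IPv6Address("2001:db8::1").packed, IPv6Address("2001:db8::2").packed) + payload


if __name__ == "__main__":
    print(parse_ipv4(build_sample_ipv4()))
    print(parse_ipv6(build_sample_ipv6()))
```

The checks on version, IHL and total length are the point of the example: every later IPSec step (locating the AH/ESP header, computing a MAC over the header) indexes into the packet using these fields, so a parser that trusts them unchecked is the first thing a malformed packet will reach.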
IP Security Overview
IPSec is not a single protocol. Instead, IPSec provides a set of security algorithms plus a general framework that allows a pair of communicating entities to use whichever algorithms provide security appropriate for the communication.
IP Security Overview
Applications of IPSec
  Secure branch office connectivity over the Internet
  Secure remote access over the Internet
  Establishing extranet and intranet connectivity with partners
  Enhancing electronic commerce security
Virtual Private Networks http://www.howstuffworks.com/vpn.htm
Two protocols
1. Authentication Header (AH) – authentication protocol
2. Encapsulating Security Payload (ESP) – combined encryption/authentication protocol
IP Security Scenario
IP Security Architecture
specification is quite complex
defined in numerous RFCs
  RFC 2401 – overview of security architecture
  RFC 2402 – packet authentication extension
  RFC 2406 – packet encryption
  RFC 2408 – key management
  many others, grouped by category
mandatory in IPv6, optional in IPv4
Figure 6.2 summarizes additional documents
IPSec Document Overview
Benefits of IPSec
in a firewall/router provides strong security to all traffic crossing the perimeter
is resistant to bypass
is below transport layer, hence transparent to applications
can be transparent to end users
can provide security for individual users if desired
Routing Applications Support
IPSec can play a vital role in routing architecture
Routing protocols such as OSPF run on top of IPSec
Benefits provided by IPSec for routing applications
  Router advertisement is valid
  Neighbor advertisement is valid
  Verify redirect messages come from the same router the initial packet was sent to
  Validate routing update messages
IPSec Services
Access control
Connectionless integrity
Data origin authentication
Rejection of replayed packets (a form of partial sequence integrity)
Confidentiality (encryption)
Limited traffic flow confidentiality
Table 6.1 summarizes the services provided by AH and ESP
Security Associations
a one-way relationship between sender & receiver that affords security for traffic flow
For two-way it requires two separate SAs
Uniquely defined by 3 parameters:
  Security Parameters Index (SPI) – this is carried in AH and ESP headers
  IP Destination Address
  Security Protocol Identifier
has a number of other parameters: sequence number, AH & ESP info, lifetime etc.
have a database of Security Associations
SA Parameters
Sequence number counter
Sequence counter overflow flag
Anti-replay window
AH info: authentication algorithm, keys, key lifetimes
ESP info: encryption and authentication algorithm, keys, key lifetimes
Lifetime of this Security Association (SA)
IPSec protocol mode: tunnel or transport
Path MTU (maximum transmission unit)
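Three of the parameters just listed (sequence number counter, overflow flag, anti-replay window) work together, and the slide only names them. The Python below is an added example, not code from the lecture: the receiver's sliding anti-replay window as described in RFC 2401 Appendix C (a bitmap of the last 64 sequence numbers, with a "check, verify the MAC, then mark" order so a forged packet can never advance the window), plus the sender's 32-bit counter with the overflow flag. The window size of 64 is the RFC's minimum; the `mac_ok` flag stands in for the actual MAC verification, which a real receiver performs between the check and the mark.

```python
class AntiReplayWindow:
    """Receiver-side sliding window (RFC 2401 Appendix C), one per inbound SA.
    Bit i of the bitmap stands for sequence number (highest - i)."""

    def __init__(self, size: int = 64):
        self.size = size
        self.highest = 0            # highest sequence number accepted so far
        self.bitmap = 0             # bit i set => (highest - i) already received

    def check(self, seq: int) -> bool:
        """Inspect only: would this sequence number be acceptable right now?"""
        if seq == 0:                # 0 is never valid: the sender starts at 1
            return False
        if seq > self.highest:      # right of the window: new, acceptable
            return True
        offset = self.highest - seq
        if offset >= self.size:     # left of the window: too old, drop
            return False
        return not (self.bitmap >> offset) & 1   # inside: drop if already seen

    def mark(self, seq: int) -> None:
        """Record a packet whose MAC verified; slide the window if it is newer."""
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = (self.bitmap << shift) if shift < self.size else 0
            self.bitmap = (self.bitmap | 1) & ((1 << self.size) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)

    def accept(self, seq: int, mac_ok: bool = True) -> bool:
        """check -> verify MAC -> mark. Only authenticated packets move the
        window, so a forged high sequence number cannot lock out real traffic."""
        if not self.check(seq) or not mac_ok:
            return False
        self.mark(seq)
        return True


class SequenceCounter:
    """Sender-side 32-bit sequence number counter with the overflow flag from
    the slide. With anti-replay enabled the counter must not wrap: the SA has
    to be replaced (rekeyed) when it is exhausted."""

    def __init__(self, allow_overflow: bool = False):
        self.value = 0
        self.allow_overflow = allow_overflow

    def next(self) -> int:
        if self.value == 0xFFFFFFFF:
            if not self.allow_overflow:
                raise RuntimeError("sequence counter exhausted: new SA required")
            self.value = 0          # wrap only when the SA was set up to permit it
        self.value += 1
        return self.value


if __name__ == "__main__":
    window = AntiReplayWindow()
    for seq in (1, 3, 2, 2, 100, 36, 37):
        print(seq, "accepted" if window.accept(seq) else "dropped")
```

Running the sample loop drops the second 2 (a replay inside the window) and drops 36 after 100 has been seen (64 or more behind the highest number, so outside the window), while 37 is still accepted.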
SA Selectors
IPSec offers flexibility in selecting and applying SAs to IP traffic
Security Policy Database (SPD)
  SPD entries define a subset of the IP traffic and the SA that should be applied to this traffic
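The "Security Associations" slide gives the triple that identifies an SA and the "SA Selectors" slide says an SPD entry maps a subset of traffic to an SA; the Python below is an added example (not from the lecture) that models both: a Security Association Database keyed by (SPI, destination address, protocol), an ordered Security Policy Database whose selectors match on source/destination network, upper-layer protocol and port, and the outbound decision protect / bypass / discard. The policy, addresses (documentation ranges), SPI value and algorithm names in `build_sample` are constructed for the example; the behaviour when policy demands protection but no SA exists (a real stack would invoke key management) is modelled as a discard.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

PROTO_ESP, PROTO_AH = 50, 51     # IP protocol numbers used as the SA's protocol identifier


@dataclass(frozen=True)
class SAKey:
    """The three parameters that uniquely identify an SA."""
    spi: int
    dst: str            # IP destination address (the SA's end point)
    protocol: int       # PROTO_AH or PROTO_ESP


@dataclass
class SecurityAssociation:
    key: SAKey
    mode: str                          # "transport" or "tunnel"
    auth_alg: Optional[str] = None     # e.g. "HMAC-SHA-1-96"
    enc_alg: Optional[str] = None      # e.g. "3DES-CBC"
    lifetime_bytes: int = 1 << 30      # SA lifetime, modelled here as a byte budget
    bytes_used: int = 0

    def account(self, nbytes: int) -> bool:
        """Charge traffic to the SA; False once its lifetime is exhausted."""
        self.bytes_used += nbytes
        return self.bytes_used <= self.lifetime_bytes


class SAD:
    """Security Association Database: one entry per (SPI, dst, protocol)."""

    def __init__(self):
        self._entries = {}

    def add(self, sa: SecurityAssociation) -> None:
        self._entries[sa.key] = sa

    def lookup(self, spi: int, dst: str, protocol: int) -> Optional[SecurityAssociation]:
        # Inbound: SPI comes from the AH/ESP header, dst and protocol from the IP header.
        return self._entries.get(SAKey(spi, dst, protocol))


@dataclass
class SPDEntry:
    """Selectors (the subset of traffic) plus the action and SA to apply."""
    src_net: str
    dst_net: str
    protocol: Optional[int]            # None = any upper-layer protocol
    dst_port: Optional[int]            # None = any port
    action: str                        # "protect", "bypass" or "discard"
    sa_key: Optional[SAKey] = None     # required when action == "protect"

    def matches(self, src: str, dst: str, protocol: int, dst_port: Optional[int]) -> bool:
        return (ip_address(src) in ip_network(self.src_net)
                and ip_address(dst) in ip_network(self.dst_net)
                and (self.protocol is None or self.protocol == protocol)
                and (self.dst_port is None or self.dst_port == dst_port))


class SPD:
    """Ordered policy list: the first matching entry decides; default is discard."""

    def __init__(self, entries):
        self.entries = list(entries)

    def decide(self, sad: SAD, src: str, dst: str, protocol: int,
               dst_port: Optional[int] = None) -> Tuple[str, Optional[SecurityAssociation]]:
        for entry in self.entries:
            if not entry.matches(src, dst, protocol, dst_port):
                continue
            if entry.action != "protect":
                return entry.action, None
            sa = sad.lookup(entry.sa_key.spi, entry.sa_key.dst, entry.sa_key.protocol)
            if sa is None:
                # Policy requires protection but no SA exists yet: a real stack
                # would trigger key management (IKE) here; this model discards.
                return "discard", None
            return "protect", sa
        return "discard", None


def build_sample() -> Tuple[SPD, SAD]:
    """Constructed policy for a hypothetical gateway: tunnel all traffic for the
    branch 10.2.0.0/16 through an ESP SA ending at 203.0.113.9, let DNS through
    unprotected, and drop everything else."""
    sad = SAD()
    branch = SAKey(spi=0x1001, dst="203.0.113.9", protocol=PROTO_ESP)
    sad.add(SecurityAssociation(branch, "tunnel", "HMAC-SHA-1-96", "3DES-CBC"))
    spd = SPD([
        SPDEntry("10.1.0.0/16", "10.2.0.0/16", None, None, "protect", branch),
        SPDEntry("10.1.0.0/16", "0.0.0.0/0", 17, 53, "bypass"),
        SPDEntry("0.0.0.0/0", "0.0.0.0/0", None, None, "discard"),
    ])
    return spd, sad


if __name__ == "__main__":
    spd, sad = build_sample()
    print(spd.decide(sad, "10.1.4.4", "10.2.9.9", 6, 443))
    print(spd.decide(sad, "10.1.4.4", "198.51.100.5", 17, 53))
```

Note the separation the two databases enforce: the SPD answers "must this traffic be protected, and by which SA", the SAD holds the keys and counters of that SA, and an inbound packet is only matched against the SAD by the triple it carries, never by the policy selectors alone.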
Authentication Header (AH)
provides support for data integrity & authentication of IP packets
  end system/router can authenticate user/app
  prevents address spoofing attacks by tracking sequence numbers
based on use of a MAC: HMAC-MD5-96 or HMAC-SHA-1-96
parties must share a secret key
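The slide names the MAC (HMAC-MD5-96 / HMAC-SHA-1-96) but not what it covers, which is the part that matters for a verifier. The Python below is an added example, not code from the lecture: it builds a transport-mode AH packet (IPv4 header with protocol 51, the 24-octet AH with a 96-bit ICV, then the original payload), computes HMAC-SHA-1 over the packet with the mutable IPv4 fields (TOS, flags, fragment offset, TTL, header checksum) and the ICV field zeroed as RFC 2402 prescribes, and keeps the first 12 octets. The verifier then shows that a router decrementing TTL leaves the ICV valid while any change to the payload, SPI or key does not. The key, addresses (documentation range) and payload are constructed; a 20-octet header without options is assumed, and the IP header checksum is left to the caller.

```python
import hashlib
import hmac
import struct

AH_PROTO = 51          # IP protocol number of the Authentication Header
ICV_LEN = 12           # HMAC-*-96: the first 96 bits (12 octets) of the MAC
AH_LEN = 12 + ICV_LEN  # fixed AH fields + ICV


def ipv4_header(src: bytes, dst: bytes, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    """20-octet IPv4 header, no options; checksum left zero (constructed)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                       ttl, proto, 0, src, dst)


def zero_mutable_ipv4(header: bytes) -> bytes:
    """RFC 2402: fields that change in transit are zeroed before the MAC is
    computed, so the ICV survives routing but still covers addresses/length."""
    h = bytearray(header)
    h[1] = 0                   # TOS
    h[6:8] = b"\x00\x00"       # flags + fragment offset
    h[8] = 0                   # TTL
    h[10:12] = b"\x00\x00"     # header checksum
    return bytes(h)


def ah_fixed(next_header: int, spi: int, seq: int) -> bytes:
    """Next Header, Payload Len, Reserved, SPI, Sequence Number.
    Payload Len = AH length in 32-bit words minus 2 = 24/4 - 2 = 4."""
    return struct.pack("!BBHII", next_header, (AH_LEN // 4) - 2, 0, spi, seq)


def ah_icv(key: bytes, ip_hdr: bytes, ah_no_icv: bytes, payload: bytes) -> bytes:
    data = zero_mutable_ipv4(ip_hdr) + ah_no_icv + b"\x00" * ICV_LEN + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]   # HMAC-SHA-1-96


def build_ah_transport(key: bytes, src: bytes, dst: bytes, inner_proto: int,
                       payload: bytes, spi: int, seq: int, ttl: int = 64) -> bytes:
    ip_hdr = ipv4_header(src, dst, AH_PROTO, AH_LEN + len(payload), ttl)
    fixed = ah_fixed(inner_proto, spi, seq)
    return ip_hdr + fixed + ah_icv(key, ip_hdr, fixed, payload) + payload


def verify_ah(key: bytes, packet: bytes):
    """Return (spi, seq, next_header, payload) if the ICV matches, else None.
    The caller still has to run the anti-replay check on seq and look the
    SA up by (spi, dst, AH) to find the key."""
    if len(packet) < 20 + AH_LEN or packet[9] != AH_PROTO:
        return None
    ip_hdr, ah = packet[:20], packet[20:20 + AH_LEN]
    next_hdr, payload_len = ah[0], ah[1]
    if (payload_len + 2) * 4 != AH_LEN:
        return None                       # unexpected AH length for a 96-bit ICV
    spi, seq = struct.unpack("!II", ah[4:12])
    payload = packet[20 + AH_LEN:]
    expected = ah_icv(key, ip_hdr, ah[:12], payload)
    if not hmac.compare_digest(ah[12:], expected):   # constant-time compare
        return None
    return spi, seq, next_hdr, payload


if __name__ == "__main__":
    key = b"constructed-demo-key"
    pkt = build_ah_transport(key, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]),
                             17, b"hello", spi=0x100, seq=1)
    hopped = bytearray(pkt)
    hopped[8] -= 1                         # a router decremented TTL
    print("after one hop:", verify_ah(key, bytes(hopped)) is not None)
    tampered = bytearray(pkt)
    tampered[-1] ^= 1                      # one payload bit flipped
    print("after tampering:", verify_ah(key, bytes(tampered)) is not None)
```

For tunnel mode the same functions apply with the whole inner IP packet passed as `payload` and a fresh outer header built around it, which is why the slide's table says tunnel-mode AH authenticates the entire inner packet plus selected parts of the outer header.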
IPSec Services
Access control
Connectionless integrity
Data origin authentication
Rejection of replayed packets
Confidentiality (encryption)
Limited traffic flow confidentiality
Transport Mode SA versus Tunnel Mode SA
AH
  Transport mode: authenticates IP payload and selected portions of IP header and IPv6 extension headers
  Tunnel mode: authenticates entire inner IP packet plus selected portions of outer IP header
ESP
  Transport mode: encrypts IP payload and any IPv6 extension header
  Tunnel mode: encrypts inner IP packet
ESP with authentication
  Transport mode: encrypts IP payload and any IPv6 extension header; authenticates IP payload but no IP header
  Tunnel mode: encrypts inner IP packet; authenticates inner IP packet
Before applying AH
Transport Mode (AH Authentication)
Tunnel Mode (AH Authentication)
Authentication Header
Provides support for data integrity and authentication (MAC code) of IP packets.
Guards against replay attacks.
End-to-end versus End-to-Intermediate Authentication
Encapsulating Security Payload
ESP provides confidentiality services
Encryption and Authentication Algorithms
Encryption:
  Three-key triple DES
  RC5
  IDEA
  Three-key triple IDEA
  CAST
  Blowfish
Authentication:
  HMAC-MD5-96
  HMAC-SHA-1-96
ESP Encryption and Authentication (two figure slides)
Combinations of Security Associations (four figure slides)
Key Management
Two types:
  Manual
  Automated
    Oakley Key Determination Protocol
    Internet Security Association and Key Management Protocol (ISAKMP)
Oakley
Three authentication methods:
  Digital signatures
  Public-key encryption
  Symmetric-key encryption
ISAKMP
Recommended Reading
Comer, D. Internetworking with TCP/IP, Volume I: Principles, Protocols and Architecture. Prentice Hall, 1995
Stevens, W. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley, 1994