HIP Host Identity Protocol. October 2007 Patrik Salmela Ericsson

Transcription

1 HIP Host Identity Protocol October 2007 Patrik Salmela Ericsson

2 Agenda What is the Host Identity Protocol (HIP) What does HIP try to solve HIP basics Architecture The HIP base exchange HIP basic features Security, Mobility, Multi-homing HIP extensions Mobility/HIP Mobility/Network Mobility Different mobility solutions, Comparison of mobility solutions Implementation status Implementations, Usage of HIP today Standardization IETF drafts, IETF status Possible usage of HIP HIP Mobile Router demo presentation Conclusions Ericsson AB

3 Identifier-locator split In today s Internet IP address describes the topological location of the host IP address used for identifying the host In practice deliver packet to entity at the destination locator mobile host new IP address; changed locator, changed identity Room 123 Ericsson AB

4 Identifier-locator split In HIP IP address describes topological location of the host Host Identity used for identifying the host In practice deliver packet to, e.g., Host Identity Patrik mobile host new IP address; changed locator, same identity Room 123 Ericsson AB

5 Why HIP? HIP provides a combination of useful features: Identifier-locator split Security Mobility IPv4 and IPv6 interoperability Multi-homing Ericsson AB

6 Why HIP? They are (separately) available elsewhere but. IP addresses no longer work for identifying hosts IPsec is hard to configure Mobile IP is large and complex Mobile IPv4 and IPv6 do not work together No simple solutions for multi-access / multi-homing Ericsson AB

7 What is the Host Identity Protocol Architectural change to the TCP/IP stack A new layer between IP and transport New namespace of Host Identities (HI) HI = public key HI presented as hash values IPv6: Host Identity Tag (HIT), 128 bits IPv4: Local Scope Identifier (LSI), 32 bits Connections established between HIs Ericsson AB

8 What is the Host Identity Protocol The new Host Identity layer Sockets bound to HIs IPv6: HIT IPv4: LSI The Host Identity Layer translates HIs to IP addressess and vice versa Process Transport Host Identity IP layer Link layer < Host IP addr ID, port> Host ID IP address Ericsson AB

9 The layering in detail End-to-end, HIT Hop-by-hop, IP address Transport Layer IP layer IPsec HIP Fragmentation Forwarding v4/v6 bridge Multi-homing Mobility Link Layer Ericsson AB

10 HIP a new waist for TCP/IP Interoperability between IPv4 and IPv6 IPv6 checksum, HITs as IP addresses v4 app v6 app v4 app v6 app TCPv4 TCPv6 Host identity IPv4 IPv6 Link layer HIT IP TCPv4 TCPv6 Host identity IPv4 IPv6 Link layer Ericsson AB

11 Host Identity Protocol HIP packets I1, R1, I2, R2 Base exchange UPDATE change connection parameters Rekeying (e.g. SA lifetime expires) Setting up additional SAs Change in locators Deleting SAs CLOSE, CLOSE_ACK closing a HIP association NOTIFY Notification messages Ericsson AB

12 Host Identity Protocol HIP packets Packets consist of a HEADER and zero or more parameters HIP header: Next Header Payload Len Type VER. RES Controls Checksum Sender's Host Identity Tag (HIT) Receiver's Host Identity Tag (HIT) / HIP Parameters / / / Ericsson AB

13 Host Identity Protocol Parameters Parameters are coded in Type-Length-Value format For different purposes: Puzzle solution Diffie-Hellman Transforms Signatures HMACs... Ericsson AB

14 The HIP Base exchange 4-way handshake Creates a HIP association Authentication of hosts Negotiates security parameters Diffie-Hellman Establishes ESP security associations Algorithms Keys Opportunistic mode if responder s identity unknown Use only destination IP address in initialization, learn HI Ericsson AB

15 The HIP Base exchange DNS query resolving the responder s locator Initiator DNS Internet DNS query: Responder DNS response: HI, IP address Responder Ericsson AB

16 The HIP Base exchange I1 packet - initialization Initiator DNS Internet I1: Initialization, Hello, I m here. I want to talk HIP! Responder Ericsson AB

17 The HIP Base exchange R1 packet - Challenge Initiator DNS Internet R1: Challenge: Solve this puzzle Puzzle ESP SA initialization D-H initialization HI Responder Responder Ericsson AB

18 The HIP Base exchange I2 packet - puzzle solution Initiator DNS - Solve puzzle - Generate Internet keying material - Select ESP SPI I2: Challenge response Puzzle solution D-H parameters HI Initiator SPI Initiator Responder Ericsson AB

19 The HIP Base exchange R2 packet - finalizing connection setup Initiator DNS Internet R2: Connection setup finalization - Verify puzzle SPI Responder - Generate keying material - Select ESP SPI Responder Ericsson AB

20 The HIP Base exchange Initiator DNS Internet ESP Security Association Responder Ericsson AB

21 Security in HIP The Host Identity is a public key Prove the ownership using private key Used for host authentication and setting up HIP association Traffic protected with IPsec Encapsulating Security Payload (ESP) draft-ietf-hip-esp-06 New IPSec mode, BEET ESP SA establishment during HIP base exchange ESP SAs bound to HITs Ericsson AB

22 BEET A Bound End-to-End Tunnel (BEET) mode for ESP draft-nikander-esp-beet-mode-07 BEET mode augments the existing ESP tunnel and transport modes. end-to-end tunnels purpose is to provide limited tunnel mode semantics without the overhead IP addresses seen by the applications and the IP addresses used on the wire are distinct from each other BEET mode is intended to support new uses of ESP e.g. mobility and multi-address multi-homing Ericsson AB

23 Mobility in HIP Connections bound to constant Host Identities (HIs) Mobile host new locator (IP address) same connection endpoint (HI) Connections don t break Peer host informed of new locator (IP addr.) Mobility between IPv4 and IPv6 is supported Ericsson AB

24 HIP update Location update Location update message: Hi, I ve moved to over here Internet Can also be used for re-keying, with or without mobility MN HIP association established CN Ericsson AB

25 HIP update Reachability test Reachability test: Are you really there? MN Internet CN Ericsson AB

26 HIP update Reachability reply Reachability reply: Yes, I am here MN Internet CN Ericsson AB

27 The Mobility Protocol MN UPDATE: HITs, new locator(s), sig UPDATE: HITs, RR challenge, sig UPDATE: HITs, RR response, sig CN ESP protected TCP/UDP, no explicit HIP header Ericsson AB

28 Prevention against attacks HIP prevents against impersonation attacks HMAC quick and cheap verification SIGNATURE third party DoS attack (location update) Optional address check the host is where it is supposed to be making DoS expensive for the attacker (BEX) Initiator needs to solve puzzle Ericsson AB

29 Multihoming Mobile host has many addresses over time Multi-homed host has many addresses at the same time The presented mechanism can be used to ADD addresses multiple locators for reaching a host connections still bound to HIs Challenges source and destination address selection load balancing need to mesh SAs to avoid replay window problems IPsec SAs are symmetrically setup, but asymmetrical groups of addresses between hosts are possible updating keying material for a subset of SAs Ericsson AB

30 Multihoming Mobile host has many addresses over time Multi-homed host has many addresses at the same time The presented mechanism can be used to ADD addresses multiple locators for reaching a host connections still bound to HIs Challenges source and destination address selection load balancing need to mesh SAs to avoid replay window problems IPsec SAs are symmetrically setup, but asymmetrical groups of addresses between hosts are possible updating keying material for a subset of SAs Ericsson AB

31 Example Access MN IF1 IF2 Network #1 Access Internet CN Network #2 A Mobile Node (MN) having multiple connections over multiple interfaces toward a single correspondent node (CN). Ericsson AB

32 DNS based initial rendezvous How to find a moving end-point? Keys and/or HITs in DNS IP addresses in DNS PKI or DNSSEC needed to secure binding from DNS names to the keys DNS does not support mobility well caching DYNDNS is not considered to be fast enough Simultaneous movement problem A separate Rendezvous point is needed Ericsson AB

33 Benefits from using HIP Operators More controlled network Data requires HIP handshake first Protection against DoS and DDoS Resilience Integrated multi-homing No single points of failure Enterprises More secure firewalls Integrated mobility and multi-access Across IPv4 and IPv6 Individual users Supports home servers (NAT traversal) Configuration free baseline security Ericsson AB

34 Comparison of mobility solutions Solution Pros Cons Mobile IP Standard, implemented, available in products, mature Bottleneck: home agent, only node mobility, IPv4/6 separate NEMO Standard, implemented Bottleneck: home agent, triangular routing, only IPv6 subnet mobility SIP Standard, implemented Slow (a lot of signaling), only SIPbased applications NetLMM PMIP implemented by Cisco Ongoing standardization war, only edge mobility, to start with only IPv6 BGP (Connexion) HIP Based on standards, implemented by Boeing Experimental standard, IPv6+v4, implemented, incl. Base security A bit slow, only subnet mobility, loads BGP Not on official standards track, requires new infrastructure Ericsson AB