Protect Yourself Against Security Challenges with Next-Generation Encryption

Similar documents
Designing Network Encryption for the Future Emily McAdams Security Engagement Manager, Security & Trust Organization BRKSEC-2015

Cryptography and the Internet

About FIPS, NGE, and AnyConnect

FIPS Compliance of Industry Protocols in Edward Morris September 25, 2013

IPSec Transform Set Configuration Mode Commands

Cisco Exam Questions & Answers

Implementing Cisco Edge Network Security Solutions ( )

Elaine Barker and Allen Roginsky NIST June 29, 2010

IPSec Transform Set Configuration Mode Commands

IOS Common Cryptographic Module (IC2M)

Configuring LAN-to-LAN IPsec VPNs

Cisco VPN Internal Service Module for Cisco ISR G2

Network Working Group Request for Comments: 4869 Category: Informational May Suite B Cryptographic Suites for IPsec. Status of This Memo

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

VPN Overview. VPN Types

AnyConnect Client Complains About Unsupported Cryptographic Algorithms When FIPS is Enabled

Satisfying CC Cryptography Requirements through CAVP/CMVP Certifications. International Crypto Module Conference May 19, 2017

Configuring Security for VPNs with IPsec

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

TLS 1.1 Security fixes and TLS extensions RFC4346

NIST Cryptographic Toolkit

Cryptographic Knowledge Base

Message authentication codes

What is Suite B? How does it relate to Government Certifications?

LAN-to-LAN IPsec VPNs

Dell SonicWALL. NSA 220, NSA 220W and NSA 240. FIPS Non-Proprietary Security Policy

Security for VPNs with IPsec Configuration Guide, Cisco IOS XE Release 3S

Oracle Solaris Userland Cryptographic Framework Software Version 1.0 and 1.1

Configuring Internet Key Exchange Version 2

Security for VPNs with IPsec Configuration Guide, Cisco IOS Release 15S

Oracle Solaris Kernel Cryptographic Framework Software Version 1.0 and 1.1

Australasian Information Security Evaluation Program

Cisco 4451 X Integrated Services Router (ISR) (with PVDM4 32, PVDM4 64, PVDM4 128 and PVDM4 256)

FIPS Security Policy. for Marvell Semiconductor, Inc. Solaris 2 Cryptographic Module

Configuring Internet Key Exchange Version 2 and FlexVPN Site-to-Site

Securing IoT applications with Mbed TLS Hannes Tschofenig Arm Limited

RSA BSAFE Crypto-C Micro Edition Security Policy

Contents. Configuring SSH 1

BCA III Network security and Cryptography Examination-2016 Model Paper 1

IPsec and ISAKMP. About Tunneling, IPsec, and ISAKMP

IPsec and ISAKMP. About Tunneling, IPsec, and ISAKMP

Silent Circle Mobile Application Cryptographic Module

Security for VPNs with IPsec Configuration Guide, Cisco IOS Release 15M&T

Findings for

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

IPsec and ISAKMP. About Tunneling, IPsec, and ISAKMP

Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 7, 2013

FIPS Security Policy

Scaling Acceleration Capacity from 5 to 50 Gbps and Beyond with Intel QuickAssist Technology

Secure channel, VPN and IPsec. stole some slides from Merike Kaeo

Implementing Cisco Secure Mobility Solutions

MACSec Security Service FIPS Validation. Richard Wang May 19, 2017 International Crypto Module Conference

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

UNCLASSIFIED INFORMATION TECHNOLOGY SECURITY GUIDANCE

The IPsec protocols. Overview

Symantec Corporation

Security for VPNs with IPsec Configuration Guide Cisco IOS Release 12.4T

TLS1.2 IS DEAD BE READY FOR TLS1.3

FIPS Non-Proprietary Security Policy. Cotap Cryptographic Module. Software Version 1.0. Document Version 1.4.

Remote Access IPsec VPNs

VPN, IPsec and TLS. stole slides from Merike Kaeo apricot2017 1

DataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.

Cryptography and the Common Criteria (ISO/IEC 15408) by Kirill Sinitski

FlexVPN Between a Router and an ASA with Next Generation Encryption Configuration Example

Internet Engineering Task Force (IETF) Request for Comments: 6379 Obsoletes: 4869 Category: Informational October 2011 ISSN:

Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin

Updates: 2409 May 2005 Category: Standards Track. Algorithms for Internet Key Exchange version 1 (IKEv1)

Cisco VPN 3002 Hardware Client Security Policy

Assurance Activity Report (AAR) for a Target of Evaluation

Internet Engineering Task Force (IETF) Request for Comments: 7192 Category: Standards Track April 2014 ISSN:

NCP Secure Enterprise macos Client Release Notes

Security Requirements of FIPS PUB 140 & Reconfigurable Hardware. G. Bertoni Politecnico di Milano

CSE 127: Computer Security Cryptography. Kirill Levchenko

IKE and Load Balancing

IPsec and SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, /43

Encrypted Phone Configuration File Setup

Remote Access IPsec VPNs

Keep your fingers off my keys today & tomorrow

Datapath. Encryption

Enhanced Authentication Protocol EAP-TTLS using encrypted ECDSA

Acme Packet VME. FIPS Level 1 Validation. Software Version: E-CZ Date: July 20, 2018

Data Sheet. NCP Secure Entry Mac Client. Next Generation Network Access Technology

Computer Security: Principles and Practice

2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

Cisco Systems 5760 Wireless LAN Controller

Virtual Private Networks

Overview of TLS v1.3 What s new, what s removed and what s changed?

SMPTE Standards Transition Issues for NIST/FIPS Requirements

CSCE 715: Network Systems Security

Coming of Age: A Longitudinal Study of TLS Deployment

Virtual Private Network

IBM i Version 7.2. Security Virtual Private Networking IBM

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Dell Software, Inc. Dell SonicWALL NSA Series SM 9600, SM 9400, SM 9200, NSA FIPS Non-Proprietary Security Policy

Datapath. Encryption

Implementing Cisco Network Security (IINS) 3.0

Secure Extension of L3 VPN s over IP-Based Wide Area Networks

Cisco Live /11/2016

COMP4109 : Applied Cryptography

Internet Engineering Task Force (IETF) Request for Comments: 6194 Category: Informational. IECA P. Hoffman VPN Consortium March 2011

Transcription:

Protect Yourself Against Security Challenges with Next-Generation Encryption agrieco@cisco.com mcgrew@cisco.com

How to detect attacks? Malware Broken encryption 2

How to detect attacks? Malware Host Process Monitoring Network Monitoring Tripwire Antivirus Antimalware Product Security Bulletins Behavioral Analysis Broken encryption 3

Upgrades all crypto mechanisms Designed to meet security and scalability requirements of next two decades Standards based Available today 4

Cryptographic Mechanisms Encryption Data Authentication Key Establishment Signatures Hashing 5

Using cryptographic mechanisms in IPsec IKE_SA_INIT IKE_AUTH IKEv2 CREATE_CHILD_SA 6

Using cryptographic mechanisms in IPsec IKE_SA_INIT IKE_AUTH IKEv2 CREATE_CHILD_SA ESP ESP ESP 7

Authenticated Encryption Single algorithm provides both confidentiality and authentication in a single pass over data More efficient More secure 8

Authenticated Encryption - security issues solved On the (in)security of IPsec in MAC-then-encrypt configurations, Paterson, Degabriele, ACM CCS 2010. Attacking the IPsec Standards in Encryption-only Configurations, Degabriele and Paterson, IEEE Symposium on Privacy and Security, 2009. Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS..., Vaudenay, EUROCRYPT 2002. Problem Areas for the IP Security Protocols, Bellovin, USENIX Security, 1996. 9

Authenticated Encryption Authentication AES-GCM HMAC-SHA-2 Key Establishment ECDH Digital Signatures ECDSA Hashing SHA-2 Entropy SP800-90 Protocols TLSv1.2, IKEv2, IPsec, MACSec 10

Authenticated Encryption Authentication AES-GCM HMAC-SHA-2 Key Establishment ECDH Suite B Digital Signatures ECDSA Hashing SHA-2 Entropy SP800-90 Protocols TLSv1.2, IKEv2, IPsec, MACSec 11

Security Problems Solved by NGE 3DES 1GB limit HMAC-MD5 Theoretical attacks DH, RSA 1024-bit at risk RSA, DSA 1024-bit at risk MD5, SHA-1 Collision attacks Entropy Inconsistent quality TLS1.0, IKEv1 No AE, security issues 12

Key Strength Strong Weak Sources: Lenstra and Verheul, NIST 13

Hacker ($400) 14

Medium Organization ($300K) 15

Intelligence Agency 16

Key Strength 17

Algorithms Never Get Stronger SHA-1 Sources: FIPS-180-1, Wang, Yin, Yu 05, Cochran 07 18

Prevalent AES-128-CBC DH-1024 RSA-1024 SHA-1 19

128-bit Security Level ECDSA- AES-128-GCM ECDH-P256 SHA-256 P256 20

NGE higher security levels AES-256-GCM ECDH-P521 ECDSA- P521 SHA-512 AES-192-GCM ECDH-P384 ECDSA- P384 SHA-384 21

ECC Efficiency Signatures per second 10000 1000 100 RSA ECC 10 1 80 96 112 128 144 160 192 176 208 224 240 256 22

Implementations of NGE

NGE Enabled Encryption Architectures: Available Today GM3 GM4 ASA Firewall GM2 CSM / ASDM GM1 GM5 GM6... Remote Access VPNs GM9 GM8 GM7 KS Guest User Data sent in clear GETVPN* Authenticated User Encrypt Decrypt Site to Site, DMVPN, and FlexVPN Spok e-3 Supplicant with MACSec 802.1X &^*RTW#(*J^*&*sd#J$%UJ&( MACSec Link &^*RTW#(*J^*&*sd#J$%UJWD&( MACSec MACSec Capable Devices 24

Cisco NGE Enabled Products ISRG2 800 Series 1900 Series 2900 Series ISRG2 3900 Series VPN-ISM AnyConnect ASA 5505 ASA 5512-X ASA 5515-X ASA 5525-X ASA 5545-X ASA 5555-X ASA 5585 SSP-10 ASA 5585 SSP-20 ASA 5585 SSP-40 ASA 5585 SSP-60 Catalyst 3750-X Catalyst 3560-X Catalyst 45xx-E w/ Supervisor 7-E Catalyst 6500-E Nexus 7000 25

NGE Enabled IPSec VPNs NGE Capabilities Software Requirements Protocols: IPSEC with IKEv2 Cryptography: AES-GCM (128 and 256 bit keys) ECDSA (256 and 384) ECDH (256 and 384) SHA2 (256 and 384) Entropy: Hardware based RNGs For Cisco IOS devices: Cisco IOS releases >15.1(4)M For Cisco Adaptive Security Appliance: ASA 9.0 release For Cisco AnyConnect Secure Mobile Client: AnyConnect 3.1 26

NGE Enabled Encryption: High Speed, High Density MACsec AES-GCM for per frame encryption and authentication Supported at High speeds: Cisco Nexus 7000 Series Modules 2 Port 100 Gigabit Ethernet 6 Port 40 Gigabit Ethernet 24-Port 10 Gigabit Ethernet 48-Port Gigabit Ethernet Cisco Nexus 7000 M2-Series 2-Port 100 Gigabit Ethernet Module 27

Standards FIPS-197, SP800-38D, SP800-38, RFC5116 RFC2104, RFC4868, FIPS-198 RFC6090, SP800-56 RFC6090, FIPS-186-3 FIPS-180-2 SP800-90 IKEv2, IPsec, TLS1.2, IEEE 802.1 AE 28

NGE Benefits Upgrades the entire Crypto Suite Efficient at high security levels Addresses escalating threats Scalable to high speeds USG recommended crypto algorithms Subset of FIPS-140 Approved for sensitive information protection by global governments (US Government, UK Government) Included in many standards IPsec, TLS, MACSec 29

Conclusions Next Generation Encryption Highly Secure Scalable and Efficient Standards Based and Interoperable Available Today 30

BRKSEC-3009

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback