IPSec. Overview. Overview. Levente Buttyán

Similar documents
The IPsec protocols. Overview

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

CSCE 715: Network Systems Security

IP Security. Have a range of application specific security mechanisms

CSC 6575: Internet Security Fall 2017

Cryptography and Network Security. Sixth Edition by William Stallings

CIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

Virtual Private Networks (VPN)

Chapter 6/8. IP Security

The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,

Lecture 13 Page 1. Lecture 13 Page 3

IP Security. Cunsheng Ding HKUST, Kong Kong, China

Chapter 11 The IPSec Security Architecture for the Internet Protocol

Lecture 12 Page 1. Lecture 12 Page 3

The IPSec Security Architecture for the Internet Protocol

IP Security Part 1 04/02/06. Hofstra University Network Security Course, CSC290A

Virtual Private Network

INFS 766 Internet Security Protocols. Lectures 7 and 8 IPSEC. Prof. Ravi Sandhu IPSEC ROADMAP

CSE509: (Intro to) Systems Security

INTERNET PROTOCOL SECURITY (IPSEC) GUIDE.

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Junos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services

IP Security IK2218/EP2120

IPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

Chapter 5: Network Layer Security

IPSec implementation for SCTP

Lecture 9: Network Level Security IPSec

Internet security and privacy

8. Network Layer Contents

Cryptography and Network Security

Table of Contents 1 IKE 1-1

VPN and IPsec. Network Administration Using Linux. Virtual Private Network and IPSec 04/2009

IP Security Discussion Raise with IPv6. Security Architecture for IP (IPsec) Which Layer for Security? Agenda. L97 - IPsec.

COSC4377. Chapter 8 roadmap

Firewalls, Tunnels, and Network Intrusion Detection

Secure channel, VPN and IPsec. stole some slides from Merike Kaeo

Parallelizing IPsec: switching SMP to On is not even half the way

Network Security IN2101

IBM i Version 7.2. Security Virtual Private Networking IBM

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1

CSC 4900 Computer Networks: Security Protocols (2)

Network Security (NetSec) IN2101 WS 16/17

Configuration of an IPSec VPN Server on RV130 and RV130W

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

VPN, IPsec and TLS. stole slides from Merike Kaeo apricot2017 1

Use of IPSec in Mobile IP

IPv6 Protocol. Does it solve all the security problems of IPv4? Franjo Majstor EMEA Consulting Engineer Cisco Systems, Inc.

IPsec Working Group. Expires January 2003 July IP Authentication Header draft-ietf-ipsec-rfc2402bis-01.txt. Status of This Memo

How to Configure an IPsec VPN to an AWS VPN Gateway with BGP

Network Security: IPsec. Tuomas Aura

How to Configure an IKEv1 IPsec VPN to an AWS VPN Gateway with BGP

How to Configure an IKEv1 IPsec VPN to an AWS VPN Gateway with BGP

VPN Overview. VPN Types

Network Security - ISA 656 IPsec IPsec Key Management (IKE)

Network Working Group Request for Comments: November 1998

Network Working Group. Obsoletes: 2402 December 2005 Category: Standards Track

How to Configure Forcepoint NGFW Route-Based VPN to AWS with BGP TECHNICAL DOCUMENT

IPsec and SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, /43

IPsec Working Group. draft-ietf-ipsec-rfc2402bis-05.txt September 2003 Expires March IP Authentication Header draft-ietf-ipsec-rfc2402bis-05.

IKE and Load Balancing

Configuring Security for VPNs with IPsec

CONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements

Virtual Private Networks

Voice over IPSec. Emilia Rosti Dip. Informatica e Comunicazione Univ. Degli Studi di Milano

IPSec VPN Setup with IKE Preshared Key and Manual Key on WRVS4400N Router

IPSec. Dr.Talal Alkharobi. IPsec (IP security)

Packetization Layer Path Maximum Transmission Unit Discovery (PLPMTU) For IPsec Tunnels

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München. ilab. Lab 8 SSL/TLS and IPSec

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Pre-Fragmentation for IPSec VPNs

IPsec NAT Transparency

IPSec Site-to-Site VPN (SVTI)

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1516/ Chapter 16: 1

Virtual Private Networks

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

BCRAN. Section 9. Cable and DSL Technologies

How to Configure IPSec Tunneling in Windows 2000

Application Layer. Presentation Layer. Session Layer. Transport Layer. Network Layer. Data Link Layer. Physical Layer

VPNs and VPN Technologies

Sharing IPsec with Tunnel Protection

Packet Header Formats

RFC 430x IPsec Support

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

The First Puzzle Piece: The Authentication Header

IPSec Transform Set Configuration Mode Commands

KB How to Configure IPSec Tunneling in Windows 2000

Network Encryption 3 4/20/17

The Internet Security Protocol, IPsec, incorporates security for network transmission

CS 356 Internet Security Protocols. Fall 2013

Sample excerpt. Virtual Private Networks. Contents

IPSECv6 Peach Pit User Guide. Peach Fuzzer, LLC. v3.7.50

IPsec NAT Transparency

Time Synchronization Security using IPsec and MACsec

Configuring Internet Key Exchange Security Protocol

Transcription:

IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet standard for network layer security provides protection for IP and protocols above (ICMP, TCP, ) allows selection of the required security services and algorithms puts in place the necessary cryptographic keys can be applied between a pair of hosts, between a pair of security gateways (e.g., firewalls), and between a host and a gateway components: an authentication protocol (Authentication Header AH) a combined encryption and authentication protocol (Encapsulated Security Payload ) key management protocols (ISAKMP and IKE) these protocols can be applied alone or in combination with each other possible ways to implement IPSec: integration into the native IP stack implementation bump-in-the-stack (BITS): between IP and the network driver bump-in-the-wire (BITW): a separate HW device (security gateway) 2 1

IPSec services AH (encryption only) (encryption and authentication) integrity origin authentication replay detection confidentiality limited traffic flow confidentiality Overview 3 Modes of operation transport mode provides protection primarily for upper layer protocols protection is applied to the payload of the IP packet in transport mode encrypts and optionally authenticates the IP payload but not the IP AH in transport mode authenticates the IP payload and selected fields of the IP used between end-systems Overview tunnel mode provides protection to the entire IP packet the entire IP packet is considered as payload and encapsulated in another IP packet (with potentially different source and destination addresses) in tunnel mode encrypts and optionally authenticates the entire inner IP packet AH in transport mode authenticates the entire inner IP packet and selected fields of the outer IP usually used between two security gateways or between a host and a security gateway 4 2

Security Associations (SA) Security associations an SA is a one-way relationship between a sender and a receiver system an SA is used either for AH or for but never for both an SA is uniquely identified by three parameters Security Parameters Index (SPI) a bit string assigned to the SA carried in AH and s to allow the receiving party to select the SA which must be used to process the packet destination IP address address of an end-system or a security gateway security protocol identifier indicates whether the SA is an AH or an SA 5 SA parameters Security associations end-points IP addresses AH / information algorithm, key, and related parameters protocol mode tunnel or transport mode sequence number counter counts the packets sent using this SA sequence counter overflow flag indicates whether overflow of the sequence number counter should prevent further transmission using this SA anti-replay window used to determine whether an inbound AH or packet is a replay lifetime a time interval or byte count after which this SA must be terminated path MTU any observed maximum transmission unit 6 3

Authentication Header AH Authentication Header (AH) Protocol 0 8 16 31 next payload length Security Parameters Index (SPI) sequence number authentication (variable length) reserved next type of immediately following this (e.g., TCP, IP, etc.) payload length length of AH (in 32 bit words) minus 2 e.g., 4 if Authentication is 3x32 bits long Security Parameters Index identifies the SA used to generate this sequence number sequence number of the packet authentication a (truncated) MAC (default length is 3x32 bits) 7 AH in transport and tunnel mode IPv4 packet IP Authentication Header (AH) Protocol AH in transport mode AH in tunnel mode IP new IP AH authenticated except for mutable fields in the IP AH IP authenticated except for mutable fields in the outer IP 8 4

Replay detection replay: the attacker obtains an authenticated packet and later transmits (replays) it to the intended destination receiver has an anti-replay window of default size W = 64 last received packet packets received Authentication Header (AH) Protocol window (of size 7)...... dropped dropped if MAC is correct then mark otherwise drop if MAC is correct then mark and advance window 9 MAC Authentication Header (AH) Protocol implementations must support HMAC-MD5-96 HMAC-SHA1-96 the MAC is calculated over IP fields that do not change in transit the AH fields (Authentication field is set to 0) entire upper layer protocol the fields not covered by the MAC are set to 0 for the calculation IP AH payload 0000 TTL 0000... 0000... checksum MAC MAC authentication 10 5

Encapsulating Security Payload Encapsulating Security Payload () Protocol 0 16 24 31 Security Parameters Index (SPI) sequence number payload (variable length) padding (0-255 bytes) pad length authentication (variable length) next Security Parameters Index identifies the SA used to generate this encrypted packet sequence number payload transport level segment (transfer mode) or encapsulated IP packet (tunnel mode) padding variable length padding pad length next identifies the type of contained in the payload authentication a (truncated) MAC computed over the packet (SPI... next ) 11 Encryption and MAC algorithms Encapsulating Security Payload () Protocol encryption applied to the payload, padding, pad length, and next fields if an IV is needed, then it is explicitly carried at the beginning of the payload (the IV is not encrypted) implementations must support DES-CBC other suggested algorithms: 3DES, RC5, IDEA, 3IDEA, CAST, Blowfish MAC default length is 3x32 bits implementations must support HMAC-MD5-96 and HMAC-SHA1-96 MAC is computed over the SPI, sequence number, and encrypted payload, padding, pad length, and next fields unlike in AH, here the MAC does not cover the preceding IP 12 6

in transport and tunnel mode IPv4 packet IP Encapsulating Security Payload () Protocol in transport mode IP in tunnel mode new IP IP encrypted authenticated encrypted authenticated trailer MAC trailer MAC 13 transport adjacency (basic -AH combination) 1. apply in transport mode without authentication 2. apply AH in transport mode IP AH trailer authenticated except for mutable fields in the IP iterated tunneling (multiple nested tunnels) both end-points of the two tunnels are the same (host-to-host) one end-point of the two tunnels is the same (host-to-gateway) neither endpoint of the two tunnels is the same (gateway-togateway) transport within tunnel 14 7

Examples host-to-host security with transport adjacency one or more transport SAs Internet 15 Examples a corporate VPN (virtual private network) with tunnel SAs tunnel SAs in both direction Internet 16 8

Examples remote access to a corporate network tunnel SAs in both direction Internet 17 Examples private connection within a corporate VPN transport or tunnel SAs tunnel SAs Internet 18 9

Recommended readings Internet RFCs: RFC 2401: an overview of the IPSec security architecture RFC 2402: specification of AH RFC 2406: specification of RFC 2408: specification of ISAKMP RFC 2409: specification of IKE 19 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback