IP Security


IP Security
- There is a range of application-specific security mechanisms, e.g. S/MIME, PGP, Kerberos, SSL/HTTPS
- However, there are security concerns that cut across protocol layers
- Would like security implemented by the network for all applications

IPSec
- General IP security mechanisms
- Provides authentication, confidentiality and key management
- Applicable over LANs, across public & private WANs, and for the Internet

IPSec Uses (figure: transparency)

Benefits of IPSec
- In a firewall/router, provides strong security to all traffic crossing the perimeter
- In a firewall/router, is resistant to bypass
- Is below the transport layer, hence transparent to applications
- Can be transparent to end users
- Can provide security for individual users
- Secures the routing architecture

IP Security Architecture
- Specification is quite complex
- Defined in numerous RFCs, incl. RFC 2401/2402/2406/2408 and many others, grouped by category
- Mandatory in IPv6, optional in IPv4
- Has two security header extensions:
  - Authentication Header (AH)
  - Encapsulating Security Payload (ESP)

Architecture & Concepts
- Tunnel vs. Transport mode
- Security association (SA)
- Security parameter index (SPI)
- Security policy database (SPD)
- SA database (SAD)
- Authentication header (AH)
- Encapsulating security payload (ESP)
- Practical issues w/ NAT

Transport Mode vs. Tunnel Mode
- Transport mode: host -> host
- Tunnel mode: host -> gateway or gateway -> gateway
- (Figure: encrypted tunnel between Gateway 1 and Gateway 2 carrying traffic from A to B; tunnel-mode packet layout: New IP Header | AH or ESP Header | Orig IP Header | TCP | Data)

Transport Mode
- Packet layout: IP header | IP options | IPSec header (ESP or AH) | Higher layer protocol
- The IP header carries the real IP destination
- ESP protects the higher layer payload only
- AH can protect IP headers as well as the higher layer payload

Tunnel Mode
- Packet layout: Outer IP header | IPSec header (ESP or AH) | Inner IP header | Higher layer protocol
- The outer header addresses the destination IPSec entity; the inner header carries the real IP destination
- ESP applies only to the tunneled packet
- AH can be applied to portions of the outer header

Security Association - SA
- Defined by 3 parameters:
  - Security Parameters Index (SPI)
  - IP Destination Address
  - Security Protocol Identifier
- Have a database of Security Associations
  - Determines IPSec processing for senders
  - Determines IPSec decoding for the destination
- SAs are not fixed! Generated and customized per traffic flow

Security Parameters Index - SPI
- A 32-bit value
- The SPI allows the destination to select the correct SA under which the received packet will be processed, according to the agreement with the sender
- The SPI is sent with the packet by the sender
- SPI + Dest IP address + IPSec protocol (AH or ESP) uniquely identifies an SA

SA Database - SAD
- Holds parameters for each SA:
  - Lifetime of this SA
  - AH and ESP information
  - Tunnel or transport mode
- Every host or gateway participating in IPSec has its own SA database

Security Policy Database - SPD
- What traffic to protect?
- Policy entries define which SA or SA bundle to use on IP traffic
- Each host or gateway has its own SPD
- Indexed by selector fields: Dest IP, Source IP, Transport Protocol, IPSec Protocol, Source & Dest Ports, ...

SPD Entry Actions
- Discard: do not let the packet in or out
- Bypass:
  - Outbound: do not apply IPSec
  - Inbound: do not expect IPSec
- Protect: points to an SA or SA bundle
  - Outbound: apply security
  - Inbound: check that security has been applied

SPD Protect Action
- If the SA does not exist:
  - Outbound processing: use IKE to generate the SA dynamically
  - Inbound processing: drop the packet

Outbound Processing (figure: outbound packet on A)
- IP packet: is it for IPSec? If so, which policy entry to select? (consult the SPD)
- Determine the SA and its SPI (consult the SA database)
- IPSec processing, then send the SPI & IPSec packet to B

Inbound Processing (figure: inbound packet on B, from A)
- SPI & packet arrive; use the SPI to index the SAD
- Was the packet properly secured? (consult the SPD)
- Un-process to recover the original IP packet
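The SA, SPI, SAD and SPD slides above describe one procedure: an outbound packet is matched against the SPD, and for a "protect" policy the SAD supplies the SA and its SPI; an inbound packet is looked up in the SAD by (SPI, destination, protocol) and then checked against the SPD. The following is an added example, not code from the slides or from any IPsec implementation, that models those lookups end to end. Class names, selector fields, and every address, SPI and port in it are constructed for illustration.

```python
"""Added example (not part of the slides): a small model of the SPD and SAD
lookups on the outbound/inbound processing slides. Class names, selector
fields and every sample address, SPI and port are constructed for
illustration; they are not taken from any IPsec implementation."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

ANY = None  # wildcard for a selector field

SAKey = Tuple[int, str, str]  # (SPI, destination IP, "AH" | "ESP")


@dataclass(frozen=True)
class SA:
    """One Security Association; (SPI, dst, proto) identifies it uniquely."""
    spi: int          # Security Parameters Index, 32-bit, chosen by the receiver
    dst: str          # IP destination address
    proto: str        # "AH" or "ESP"
    mode: str         # "transport" or "tunnel"
    lifetime_s: int   # lifetime in seconds (held in the SAD entry)

    @property
    def key(self) -> SAKey:
        return (self.spi, self.dst, self.proto)


@dataclass
class SPDEntry:
    """A policy entry: selector fields plus an action (first match wins)."""
    src: Optional[str]
    dst: Optional[str]
    transport: Optional[str]          # "tcp", "udp", ...
    dport: Optional[int]
    action: str                       # "discard" | "bypass" | "protect"
    sa_key: Optional[SAKey] = None    # SA to use when action == "protect"

    def matches(self, pkt: dict) -> bool:
        wanted = (("src", self.src), ("dst", self.dst),
                  ("transport", self.transport), ("dport", self.dport))
        return all(v is ANY or pkt.get(f) == v for f, v in wanted)


class IPsecNode:
    """A host or gateway with its own SPD and SAD."""

    def __init__(self) -> None:
        self.spd: List[SPDEntry] = []
        self.sad: Dict[SAKey, SA] = {}

    def add_sa(self, sa: SA) -> None:
        self.sad[sa.key] = sa

    def _policy(self, pkt: dict) -> Optional[SPDEntry]:
        return next((e for e in self.spd if e.matches(pkt)), None)

    def outbound(self, pkt: dict) -> Tuple[str, Optional[dict]]:
        """Outbound: the SPD picks the action; the SAD supplies the SA and SPI."""
        entry = self._policy(pkt)
        if entry is None or entry.action == "discard":
            return ("discard", None)      # no matching policy: do not let it out
        if entry.action == "bypass":
            return ("bypass", pkt)        # plain IP, no IPsec applied
        sa = self.sad.get(entry.sa_key)
        if sa is None:
            return ("ike_needed", None)   # protect, but no SA yet: IKE would create one
        secured = {"dst": sa.dst, "ipsec": sa.proto, "spi": sa.spi,
                   "mode": sa.mode, "inner": pkt}
        return ("protect", secured)

    def inbound(self, pkt: dict) -> Tuple[str, Optional[dict]]:
        """Inbound: SPI + dst + protocol index the SAD, then the SPD is checked."""
        if "spi" in pkt:
            sa = self.sad.get((pkt["spi"], pkt["dst"], pkt["ipsec"]))
            if sa is None:
                return ("drop", None)     # no SA for this SPI: drop
            inner = pkt["inner"]
            entry = self._policy(inner)
            if entry is None or entry.action != "protect" or entry.sa_key != sa.key:
                return ("drop", None)     # secured, but not the way policy demands
            return ("accept", inner)      # un-processed: the original IP packet
        entry = self._policy(pkt)
        if entry is not None and entry.action == "bypass":
            return ("accept", pkt)        # policy does not expect IPsec here
        return ("drop", None)             # policy expected IPsec and none was applied


def build_demo_node() -> IPsecNode:
    """Constructed configuration for host A (192.0.2.10) talking to peer B (198.51.100.2)."""
    a, b = "192.0.2.10", "198.51.100.2"
    node = IPsecNode()
    out_sa = SA(spi=0x1234ABCD, dst=b, proto="ESP", mode="transport", lifetime_s=3600)
    in_sa = SA(spi=0x00007777, dst=a, proto="ESP", mode="transport", lifetime_s=3600)
    node.add_sa(out_sa)
    node.add_sa(in_sa)
    node.spd = [
        SPDEntry(a, b, "tcp", 22, "protect", out_sa.key),
        SPDEntry(b, a, "tcp", 22, "protect", in_sa.key),
        SPDEntry(b, a, "udp", 53, "bypass"),
        # policy exists but its SA has not been negotiated yet
        SPDEntry(a, "198.51.100.9", "tcp", 22, "protect", (0x55, "198.51.100.9", "ESP")),
        SPDEntry(ANY, ANY, ANY, ANY, "discard"),
    ]
    return node
```

The ordering of the SPD matters: the final wildcard entry makes the node default-deny, so traffic with no explicit policy is discarded rather than sent in the clear. The inbound path also checks that a packet which did arrive under IPsec was protected by the SA the policy names, so a valid SA cannot be used to smuggle traffic that policy assigns to a different one.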


Authentication Header (AH)
- Data integrity: the entire packet has not been tampered with
- Authentication: can trust the source IP address
- Uses a MAC to authenticate:
  - Symmetric encryption, e.g., DES
  - One-way hash functions, e.g., HMAC-MD5-96 or HMAC-SHA-1-96
- Anti-replay feature
- Integrity check value

IPSec Authentication Header (figure: AH fields)
- Next Header (e.g., TCP/UDP)
- Payload Length (length of the authentication header)
- Reserved
- SPI (indexes the SAD)
- Sequence Number
- ICV

Integrity Check Value - ICV
- Keyed Message Authentication Code (MAC) calculated over:
  - IP header fields that do not change or are predictable: source IP address, destination IP, header length, etc. (prevents spoofing)
  - Mutable fields are excluded, e.g., time-to-live (TTL), IP header checksum, etc.
  - The IPSec protocol header, except the ICV field itself
  - Upper-level data
- The code may be truncated to the first 96 bits

AH: Tunnel and Transport Mode (figure: original packet vs. AH in each mode)
- Transport mode: covers most of the original packet
- Tunnel mode: covers the entire original packet

Encapsulating Security Payload (ESP)
- Provides message content confidentiality
- Provides limited traffic flow confidentiality
- Can optionally provide the same authentication services as AH
- Supports a range of ciphers, modes and padding, incl. DES, Triple-DES, RC5, IDEA, CAST, etc.; a variant of DES is most common
- Pads to meet the block size, and for traffic flow confidentiality

ESP: Tunnel and Transport Mode (figure)
- Transport mode: good for host-to-host traffic
- Tunnel mode: good for VPNs, gateway-to-gateway security

Outbound Packet Processing
- Form the ESP header: Security Parameters Index (SPI), Sequence Number
- Pad as necessary
- Encrypt the result: [payload, padding, pad length, next header]
- Apply authentication (optional)
  - Allows rapid detection of replayed/bogus packets
  - The Integrity Check Value (ICV) includes the whole ESP packet minus the authentication data field

ESP Transport Example (figure: packet layout with authentication and encryption coverage)
- Original IP Header | SPI | Sequence Number | Payload (TCP Header and Data) | Variable-Length Padding (0-255 bytes) | Pad Length | Next Header | Integrity Check Value
- Encrypted: payload through next header; authentication coverage: SPI through next header

Inbound Packet Processing...
- Sequence number checking: duplicates are rejected!
- Packet decryption
  - Decrypt the quantity [ESP payload, padding, pad length, next header] per the SA specification
  - Process (strip) padding per the encryption algorithm
  - Reconstruct the original IP datagram
- Authentication verification (optional)
- Allows potential parallel processing: decryption & verifying the authentication code
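The ESP outbound and inbound slides above spell out the framing: header (SPI, sequence number), the [payload, padding, pad length, next header] region that is encrypted, and an ICV over the whole ESP packet minus the authentication data. The following is an added example, not code from the slides or from any IPsec stack, that builds and parses that framing and applies the inbound checks in the slides' order (sequence number, then ICV, then decryption and padding removal). The cipher is a stand-in: a keystream derived with HMAC-SHA256 and XORed in, because the Python standard library has no AES. The block size, IV length, keys, SPIs and payloads are constructed for illustration.

```python
"""Added example (not part of the slides): ESP framing for the outbound and
inbound packet processing slides. It builds the ESP header (SPI, sequence
number), the trailer (padding, pad length, next header), encrypts that
region, and computes an ICV over the whole ESP packet minus the
authentication data; the receiver performs the checks in the slides' order.
The cipher is a stand-in (HMAC-SHA256 keystream, XORed in), because the
standard library has no AES; the framing, not the cipher, is the point.
Keys, SPIs and sample payloads are constructed for illustration."""
import hashlib
import hmac
import os
import struct
from typing import Optional, Tuple

BLOCK = 16      # block size the padding aligns to (constructed choice)
IV_LEN = 8      # IV carried at the start of the ESP payload field
ICV_LEN = 12    # HMAC-SHA1-96: MAC truncated to 96 bits


def _keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Counter-mode style keystream from a PRF; stand-in for the SA's cipher."""
    out = b""
    for ctr in range((length + 31) // 32):
        out += hmac.new(key, iv + struct.pack("!I", ctr), hashlib.sha256).digest()
    return out[:length]


def _xor(data: bytes, key: bytes, iv: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(key, iv, len(data))))


def _icv(auth_key: bytes, data: bytes) -> bytes:
    return hmac.new(auth_key, data, hashlib.sha1).digest()[:ICV_LEN]


def esp_encapsulate(payload: bytes, next_header: int, spi: int, seq: int,
                    enc_key: bytes, auth_key: bytes, iv: Optional[bytes] = None,
                    extra_blocks: int = 0) -> bytes:
    """Outbound: form the header, pad, encrypt [payload, padding, pad length,
    next header], then authenticate everything before the ICV."""
    iv = iv or os.urandom(IV_LEN)
    # padding makes payload + padding + 2 trailer bytes a multiple of BLOCK;
    # extra whole blocks hide the true payload length (traffic flow confidentiality)
    pad_len = (-(len(payload) + 2)) % BLOCK + extra_blocks * BLOCK
    if pad_len > 255:
        raise ValueError("pad length is a single byte (0-255)")
    padding = bytes(range(1, pad_len + 1))          # ESP default padding 1, 2, 3, ...
    plaintext = payload + padding + bytes([pad_len, next_header])
    body = struct.pack("!II", spi, seq) + iv + _xor(plaintext, enc_key, iv)
    return body + _icv(auth_key, body)              # ICV covers everything before it


class EspReceiver:
    """Inbound side of one ESP SA."""

    def __init__(self, spi: int, enc_key: bytes, auth_key: bytes) -> None:
        self.spi, self.enc_key, self.auth_key = spi, enc_key, auth_key
        self.seen = set()   # duplicate check; the bitmap window is a separate mechanism

    def decapsulate(self, packet: bytes) -> Tuple[str, Optional[int], Optional[bytes]]:
        """Returns (status, next_header, payload); any status other than 'ok' means dropped."""
        spi, seq = struct.unpack("!II", packet[:8])
        if spi != self.spi:
            return ("bad_spi", None, None)
        if seq in self.seen:
            return ("replay", None, None)           # duplicates are rejected first
        body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
        if not hmac.compare_digest(_icv(self.auth_key, body), icv):
            return ("icv_mismatch", None, None)     # modified in flight or wrong key
        self.seen.add(seq)                           # record only after authentication
        iv, ciphertext = body[8:8 + IV_LEN], body[8 + IV_LEN:]
        plaintext = _xor(ciphertext, self.enc_key, iv)
        pad_len, next_header = plaintext[-2], plaintext[-1]
        payload = plaintext[:len(plaintext) - 2 - pad_len]   # strip padding
        return ("ok", next_header, payload)
```

Two details worth noticing: the ICV is verified before any decryption, so a modified packet is dropped without spending cipher work on it, and the sequence number is recorded only after the ICV verifies, which is the ordering the anti-replay slides insist on.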


NATs
- Network address translation = a local, LAN-specific address space translated to a small number of globally routable IP addresses
- Motivation:
  - Scarce address space
  - Security: prevent unsolicited inbound requests
- Prevalence of NATs
  - Claim: 50% of broadband users are behind NATs
  - All Linksys/D-Link/Netgear home routers are NATs

NAT types
- All use net-10/8 (10.*.*.*) or 192.168/16
- Address translation
- Address-and-port translation (NAPT)
  - Most common form today, still called NAT
  - One external (global) IP address
  - Changes the IP header and TCP/UDP headers

NAT Example (figure: hosts A, B, C behind a router with NAT at the IAP's point of presence)
- Router with NAT: external IP 68.40.162.3, internal network 192.168.0.0
- Router assigns internal IPs to hosts on the LAN: A: 192.168.0.100, B: 192.168.0.101, C: 192.168.0.102
- Messages sent from host B to another host on the Internet:
  - Host B original source socket: 192.168.0.101 port 1341
  - Host B translated socket: 68.40.162.3 port 5280

Will IPSec Work with NAT?
- Consider both AH and ESP protocols
- Consider both transport and tunnel modes
- For tunnel mode, consider the following two cases:
  - Sender -> NAT -> IPSec Gateway 1 -> IPSec Gateway 2 -> Receiver
  - Sender -> IPSec Gateway 1 -> NAT -> IPSec Gateway 2 -> Receiver
- What about w/o port # translation?
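The ICV slide says that the AH MAC covers the IP header with mutable fields (TTL, header checksum) excluded, and the AH tunnel/transport slide says tunnel mode covers the entire original packet; the NAT question above asks what a NAT in the path does to that. The following added example, not code from the slides or from any IPsec implementation, computes an HMAC-SHA1-96 ICV over exactly that coverage and then passes the packet through a router hop (TTL decrement, checksum rewrite) and through a NAT (source address rewrite) to show which one still verifies. It serves both the ICV slide and the second tunnel-mode case (NAT between Gateway 1 and Gateway 2). Field names, keys and most addresses are constructed; the 192.168.0.101 and 68.40.162.3 pair is taken from the NAT example slide.

```python
"""Added example (not part of the slides): the AH Integrity Check Value from the
ICV slide, and what it implies for the "Will IPSec work with NAT?" question.
The ICV is an HMAC-SHA1-96 over the IP header with mutable fields zeroed, the
AH header with its ICV field zeroed, and the upper-level data. Helper names,
keys and sample addresses (apart from the NAT slide's 192.168.0.101 and
68.40.162.3) are constructed for illustration."""
import hashlib
import hmac
import ipaddress
import struct

ICV_LEN = 12          # HMAC-SHA1-96
AH_PROTOCOL = 51      # IP protocol number of AH
IP_IN_IP = 4          # next header value for a tunnelled IPv4 packet
AH_WORDS = (12 + ICV_LEN) // 4      # AH length in 32-bit words
AH_PAYLOAD_LEN = AH_WORDS - 2       # AH "Payload Length" field: words minus 2

# IPv4 fields that change in flight (or that the sender cannot predict): zeroed for the ICV.
MUTABLE = ("tos", "flags_frag", "ttl", "checksum")


def ipv4_header(h: dict, zero_mutable: bool) -> bytes:
    f = dict(h)
    if zero_mutable:
        for name in MUTABLE:
            f[name] = 0
    return struct.pack("!BBHHHBBH4s4s", 0x45, f["tos"], f["total_length"], f["id"],
                       f["flags_frag"], f["ttl"], f["protocol"], f["checksum"],
                       ipaddress.IPv4Address(f["src"]).packed,
                       ipaddress.IPv4Address(f["dst"]).packed)


def ah_fixed(next_header: int, spi: int, seq: int) -> bytes:
    return struct.pack("!BBHII", next_header, AH_PAYLOAD_LEN, 0, spi, seq)


def ah_icv(key: bytes, ip_hdr: dict, next_header: int, spi: int, seq: int, payload: bytes) -> bytes:
    """ICV over: IP header (mutable fields zeroed) + AH header (ICV zeroed) + upper-level data."""
    covered = ipv4_header(ip_hdr, True) + ah_fixed(next_header, spi, seq) + bytes(ICV_LEN) + payload
    return hmac.new(key, covered, hashlib.sha1).digest()[:ICV_LEN]


def ah_transport(key: bytes, ip_hdr: dict, next_header: int, spi: int, seq: int, payload: bytes) -> dict:
    """Transport mode: AH is inserted after the original IP header."""
    hdr = dict(ip_hdr, protocol=AH_PROTOCOL, total_length=20 + 4 * AH_WORDS + len(payload))
    icv = ah_icv(key, hdr, next_header, spi, seq, payload)
    return {"ip": hdr, "ah": ah_fixed(next_header, spi, seq) + icv, "payload": payload}


def ah_tunnel(key: bytes, outer_hdr: dict, inner_hdr: dict, spi: int, seq: int, payload: bytes) -> dict:
    """Tunnel mode: the whole original packet becomes the payload and is covered entirely."""
    inner = ipv4_header(dict(inner_hdr, total_length=20 + len(payload)), False) + payload
    return ah_transport(key, outer_hdr, IP_IN_IP, spi, seq, inner)


def ah_verify(key: bytes, pkt: dict) -> bool:
    next_header, _, _, spi, seq = struct.unpack("!BBHII", pkt["ah"][:12])
    expected = ah_icv(key, pkt["ip"], next_header, spi, seq, pkt["payload"])
    return hmac.compare_digest(expected, pkt["ah"][12:])


def through_router(pkt: dict) -> dict:
    """A hop decrements the TTL and rewrites the header checksum: both are mutable."""
    return dict(pkt, ip=dict(pkt["ip"], ttl=pkt["ip"]["ttl"] - 1, checksum=0xBEEF))


def through_nat(pkt: dict, new_src: str) -> dict:
    """A NAT rewrites the source address, which the ICV covers."""
    return dict(pkt, ip=dict(pkt["ip"], src=new_src, checksum=0xBEEF))


def demo() -> dict:
    """Constructed walkthrough; returns the verification result of each case."""
    key = b"\x11" * 20
    host = {"tos": 0, "total_length": 0, "id": 7, "flags_frag": 0x4000, "ttl": 64,
            "protocol": 6, "checksum": 0, "src": "192.168.0.101", "dst": "203.0.113.7"}
    pkt = ah_transport(key, host, 6, 0x100, 1, b"tcp segment")
    gateway = {**host, "src": "192.0.2.1", "dst": "198.51.100.1"}   # outer header, tunnel mode
    tun = ah_tunnel(key, gateway, host, 0x200, 1, b"tcp segment")
    return {
        "transport_ok": ah_verify(key, pkt),
        "after_router": ah_verify(key, through_router(pkt)),
        "after_nat": ah_verify(key, through_nat(pkt, "68.40.162.3")),
        "wrong_key": ah_verify(b"\x22" * 20, pkt),
        "tunnel_ok": ah_verify(key, tun),
        "tunnel_after_nat": ah_verify(key, through_nat(tun, "68.40.162.3")),
    }
```

The router hop passes because TTL and checksum were zeroed before the MAC was computed; the NAT rewrite fails in both modes because the source address of whichever header AH sits behind is covered. That is why a NAT placed after the IPsec gateway breaks AH, whereas a NAT in front of the gateway (the first tunnel-mode case on the slide) rewrites addresses before the ICV is computed.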

Backup Slides

Combining Security Associations
- SAs can implement either AH or ESP
- To implement both, need to combine SAs to form a security association bundle
- May terminate at different or the same endpoints
- Combined by:
  - Transport adjacency
  - Iterated tunneling
- Issue of authentication & encryption order

Combining Security Associations (figure)

SA Bundle
- More than one SA can apply to a packet
- Example: ESP does not authenticate the new IP header. How to authenticate it?
  - Use one SA to apply ESP w/o authentication to the original packet
  - Use a 2nd SA to apply AH

Outbound Packet Processing...
- Integrity Check Value (ICV) calculation
  - The ICV includes the whole ESP packet minus the authentication data field
  - Implicit padding of 0s between next header and authentication data is used to satisfy the block size requirement of the ICV algorithm

Inbound Packet Processing
- Sequence number checking
  - Anti-replay is used only if authentication is selected
  - The sequence number should be the first ESP check on a packet after looking up its SA
  - Duplicates are rejected!
- (Figure: sliding window of size >= 32; a sequence number of 0 is rejected; otherwise check the bitmap, and verify the packet if it is new)

Anti-replay Feature
- Optional
- Information to enforce it is held in the SA entry:
  - Sequence number counter: 32-bit, for outgoing IPSec packets
  - Anti-replay window: 32-bit bit-map for detecting replayed packets

Anti-replay Sliding Window
- The window should not be advanced until the packet has been authenticated
- Without authentication, malicious packets with large sequence numbers could advance the window unnecessarily
- Valid packets would be dropped!
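The three anti-replay slides above describe one mechanism: a 32-bit (or larger) bitmap window kept in the SA entry, a sequence number of 0 rejected outright, duplicates rejected by the bitmap, and the window advanced only after the packet has been authenticated. The following added example, not code from the slides or from any IPsec stack, implements that window split into a check before authentication and an update after it, and shows that a forged packet with a large sequence number leaves the window where it was. The window size, the sequence numbers and the stand-in authentication result are constructed for illustration.

```python
"""Added example (not part of the slides): the anti-replay sliding window from
the inbound processing and anti-replay slides, split into a check before
authentication and an update after it, so that forged packets with large
sequence numbers cannot advance the window. The window size, the sequence
numbers and the stand-in authentication result are constructed for
illustration."""


class AntiReplayWindow:
    """Bitmap window held in the SA entry; bit i set means seq (top - i) was seen."""

    def __init__(self, size: int = 32) -> None:
        if size < 32:
            raise ValueError("window size must be at least 32")
        self.size = size
        self.top = 0       # highest sequence number authenticated so far
        self.bitmap = 0    # bit 0 corresponds to `top`

    def check(self, seq: int) -> str:
        """Pre-authentication verdict: 'new', 'replay', 'stale' or 'reject'."""
        if seq == 0:
            return "reject"                        # sequence number 0 is never valid
        if seq > self.top:
            return "new"                           # right of the window: would advance it
        if seq <= self.top - self.size:
            return "stale"                         # left of the window: too old to track
        return "replay" if self.bitmap & (1 << (self.top - seq)) else "new"

    def update(self, seq: int) -> None:
        """Called only after the ICV verified: mark seq and slide the window if needed."""
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) & ((1 << self.size) - 1)) | 1
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)


def receive(window: AntiReplayWindow, seq: int, icv_ok: bool) -> str:
    """Inbound order: sequence check first, then authentication, then window update."""
    verdict = window.check(seq)
    if verdict != "new":
        return verdict
    if not icv_ok:
        return "auth_failed"     # the window is untouched, so later valid packets still fit
    window.update(seq)
    return "accepted"
```

Because `check` and `update` are separate steps, a packet whose ICV fails never reaches `update`; if the two were merged, a single forged packet with sequence number 100 would slide the window past all the legitimate packets still in flight, which is the failure the last slide warns about.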

ESP Processing - Header Location (figure: tunnel mode, IPv4 and IPv6)
- IPv4: New IP hdr | ESP hdr | Orig IP hdr | TCP | Data | ESP trailer | ESP Auth
- IPv6: New IP hdr | New ext hdr | ESP hdr | Orig IP hdr | Orig ext hdr | TCP | Data | ESP trailer | ESP Auth

Key Management
- Handles key generation & distribution
- Typically need 2 pairs of keys: 2 per direction, for AH & ESP
- Manual key management: the sysadmin manually configures every system
- Automated key management: an automated system for on-demand creation of keys for SAs in large systems