CSE509: (Intro to) Systems Security

Similar documents
Chapter 10: Cipher Techniques

CSCE 715: Network Systems Security

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

IPSec. Overview. Overview. Levente Buttyán

CIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec

The IPsec protocols. Overview

IP Security. Have a range of application specific security mechanisms

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

IP Security IK2218/EP2120

CSC 6575: Internet Security Fall 2017

IP Security. Cunsheng Ding HKUST, Kong Kong, China

Cryptography and Network Security. Sixth Edition by William Stallings

Lecture 13 Page 1. Lecture 13 Page 3

The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,

VPN and IPsec. Network Administration Using Linux. Virtual Private Network and IPSec 04/2009

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

Lecture 12 Page 1. Lecture 12 Page 3

Virtual Private Network

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Chapter 11 The IPSec Security Architecture for the Internet Protocol

8. Network Layer Contents

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1

INFS 766 Internet Security Protocols. Lectures 7 and 8 IPSEC. Prof. Ravi Sandhu IPSEC ROADMAP

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

Application Layer. Presentation Layer. Session Layer. Transport Layer. Network Layer. Data Link Layer. Physical Layer

The IPSec Security Architecture for the Internet Protocol

Network Security - ISA 656 IPsec IPsec Key Management (IKE)

Lecture 9: Network Level Security IPSec

Chapter 6/8. IP Security

IP Security Part 1 04/02/06. Hofstra University Network Security Course, CSC290A

VPN Overview. VPN Types

Configuring Security for VPNs with IPsec

Junos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services

Cryptography and Network Security

INTERNET PROTOCOL SECURITY (IPSEC) GUIDE.

IPsec NAT Transparency

Internet security and privacy

Network Security: IPsec. Tuomas Aura

IPSec implementation for SCTP

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1516/ Chapter 16: 1

Fun with Crypto keys and protocols. some Bishop, some Jim, some RA

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Information Security & Privacy

AIT 682: Network and Systems Security

Chapter 5: Network Layer Security

IPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security

IPsec and SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, /43

Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München. ilab. Lab 8 SSL/TLS and IPSec

Network Encryption 3 4/20/17

Set Up a Remote Access Tunnel (Client to Gateway) for VPN Clients on RV016, RV042, RV042G and RV082 VPN Routers

CS 356 Internet Security Protocols. Fall 2013

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Virtual Private Networks

Security for VPNs with IPsec Configuration Guide, Cisco IOS Release 15M&T

Secure channel, VPN and IPsec. stole some slides from Merike Kaeo

Virtual Private Networks (VPN)

Security for VPNs with IPsec Configuration Guide Cisco IOS Release 12.4T

Service Managed Gateway TM. Configuring IPSec VPN

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

IPSec Transform Set Configuration Mode Commands

Protocol Architecture (2) Suguru Yamaguchi Nara Institute of Science and Technology Department of Information Science

Virtual Private Networks.

Firewalls, Tunnels, and Network Intrusion Detection

COSC4377. Chapter 8 roadmap

A-B I N D E X. backbone networks, fault tolerance, 174

Network Security: IPsec. Tuomas Aura T Network security Aalto University, Nov-Dec 2014

IPsec NAT Transparency

Index. Numerics 3DES (triple data encryption standard), 21

Network Security (NetSec) IN2101 WS 16/17

VPN, IPsec and TLS. stole slides from Merike Kaeo apricot2017 1

Security for VPNs with IPsec Configuration Guide, Cisco IOS XE Release 3S

Sample excerpt. Virtual Private Networks. Contents

IPSec. Dr.Talal Alkharobi. IPsec (IP security)

BCRAN. Section 9. Cable and DSL Technologies

Virtual Private Networks

IP Security Discussion Raise with IPv6. Security Architecture for IP (IPsec) Which Layer for Security? Agenda. L97 - IPsec.

Network Security IN2101

IBM i Version 7.2. Security Virtual Private Networking IBM

IPSec Transform Set Configuration Mode Commands

IPSec Site-to-Site VPN (SVTI)

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

IKE and Load Balancing

Table of Contents 1 IKE 1-1

CSC 4900 Computer Networks: Security Protocols (2)

VPNs and VPN Technologies

VPN World. MENOG 16 Istanbul-Turkey. By Ziad Zubidah Network Security Specialist

IPSec Network Applications

show crypto group summary, page 1 show crypto ikev2-ikesa security-associations summary spi, page 2

PPTP Server: This guide will show how an IT administrator can configure the VPN-PPTP server settings.

Securizarea Calculatoarelor și a Rețelelor 29. Monitorizarea și depanarea VPN-urilor IPSec Site-to-Site

iii PPTP... 7 L2TP/IPsec... 7 Pre-shared keys (L2TP/IPsec)... 8 X.509 certificates (L2TP/IPsec)... 8 IPsec Architecture... 11

CIT 480: Securing Computer Systems

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

Configuring Internet Key Exchange Security Protocol

BCA III Network security and Cryptography Examination-2016 Model Paper 1

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Virtual Private Networks

Cisco Live /11/2016

How to Configure an IPsec VPN to an AWS VPN Gateway with BGP

Transcription:

CSE509: (Intro to) Systems Security Fall 2012 Invited Lecture by Vyas Sekar IPSec 2005-12 parts by Matt Bishop, used with permission

Security in Real Life: Motivation Site SF Company X $$$ Site NY Site NY Systems Security September 25, 2012 2

Security in Real Life: Why don t you run it on IP? Site NY Site SF Internet IP provides no security! Spoofing Replay Modify Systems Security September 25, 2012 3

Networks and Cryptography ISO/OSI model Conceptually, each host has peer at each layer Peers communicate with peers at same layer Application layer Application layer Presentation layer Presentation layer Session layer Session layer T ransport layer Transport layer Netw ork layer Netw ork layer Netw ork layer Data link layer Data link layer Data link layer Physical layer Ph ysical layer Physical layer Systems Security September 25, 2012 4

Link and End-to-End Protocols Link Protocol End-to-End (or E2E) Protocol Systems Security September 25, 2012 5

Encryption Link encryption Each host enciphers message so host at next hop can read it Message can be read at intermediate hosts End-to-end encryption Host enciphers message so host at other end of communication can read it Message cannot be read at intermediate hosts Systems Security September 25, 2012 6

Cryptographic Considerations Link encryption Each host shares key with neighbor End-to-end Each host shares key with destination Message cannot be read at intermediate nodes Systems Security September 25, 2012 8

Eve: Traffic Analysis Link encryption Can protect headers of packets Possible to hide source and destination Note: may be able to deduce this from traffic flows End-to-end encryption Cannot hide packet headers Intermediate nodes need to route packet Attacker can read source, destination Systems Security September 25, 2012 9

Real Life: Secure Communication IP Security (IPSec) Network layer protocol VPNs Secure Socket Layer (SSL) Transport layer protocol Systems Security September 25, 2012 10

IPsec (RFC 4301-4309) Network layer security Provides confidentiality, integrity, authentication of endpoints, replay detection Protects all messages sent along a path IP IP+IPsec IP dest gw2 gw1 src security gateway Systems Security September 25, 2012 11

IPsec Transport Mode Original IP header encrypted data body Encapsulate IP packet data area Use IP to send IPsec-wrapped data packet Note: IP header not protected Used: when both endpoints support IPSec Systems Security September 25, 2012 12

IPsec Tunnel Mode New IP header encrypted original IP Header encrypted data body Encapsulate IP packet (IP header and IP data) Use IP to send IPsec-wrapped packet Note: IP header protected Used: When only two intermediate nodes support IPSec Systems Security September 25, 2012 13

IPsec Sub-Protocols Authentication Header (AH) Protocol Adds authentication to an IP datagram: crypto-hash/mac (e.g. SHA) of all unchangeable or predictable fields Message integrity Origin authentication Anti-replay (!) sequence numbers, 32 slot packet window at receiver Encapsulating Security Payload (ESP) Confidentiality encrypts IP payload Supports: tunnel/transport modes IPComp Compress BEFORE encryption (why not after?! ) IKE/IKEv2 Internet Key Exchange Systems Security September 25, 2012 14

Where do Keys come from? IKE (Internet Key Exchange) RFC 2409 Compliant with ISAKMP: Internet Security Association and Key Management Protocol (RFC 2408) Key Exchange: e.g. Oakley (Diffie-Hellman) Manual keys Systems Security September 25, 2012 15

IPsec Architecture: Associations Security Association (SA) Association between peers for security services Identified uniquely by dest address, security protocol (AH or ESP), unique 32-bit number (security parameter index, or SPI allows receiver to lookup secret key for packet) ISAKMP invention Unidirectional Can apply different services in either direction SA uses either ESP or AH; if both required, 2 SAs needed Systems Security September 25, 2012 16

SA Database (SAD) Entry describes SA. Fields: AH algorithm identifier, keys (e.g. SHA ) When SA uses AH ESP encryption algorithm identifier, keys (e.g., 3DES) When SA uses confidentiality from ESP ESP authentication algorithm identifier, keys When SA uses authentication, integrity from ESP SA lifetime (time for deletion or max byte count) IPsec mode (tunnel, transport, either) Systems Security September 25, 2012 17

IPsec Architecture: Policies Security Policy Database (SPD) how to handle messages: discard add security services forward unchanged SPD associated with network interface SPD determines entry from packet attributes Including source, destination, transport protocol Systems Security September 25, 2012 18

Example Goals Discard SMTP (mail) packets from host 192.168.2.9 Forward packets from 192.168.19.7 without change SPD entries src 192.168.2.9, dest 10.1.2.3 to 10.1.2.103, port 25, discard src 192.168.19.7, dest 10.1.2.3 to 10.1.2.103, port 25, bypass dest 10.1.2.3 to 10.1.2.103, port 25, apply IPsec Note: entries scanned/applied in order If no match for packet, it is discarded Systems Security September 25, 2012 19

Packet Processing Packet arrives Look in SPD Find appropriate entry Get dest address, security protocol Get also SPI from packet header Find associated SA in SAD Use dest address, security protocol, SPI Apply security services in SA (if any) Systems Security September 25, 2012 20

SA Bundles and Nesting SA Bundle: sequence of SAs that IPsec applies to packets Nest tunnel mode SAs This is iterated tunneling Systems Security September 25, 2012 21

Example: Nested Tunnels Group in A.org communicates with group in B.org Gateways of A, B use IPsec mechanisms But information must be secret to everyone (even other people in A.org and B.org) except the two groups Inner tunnel: a SA between the two groups Outer tunnel: the SA between the two gateways Systems Security September 25, 2012 22

Example: Systems gwa.a.org hosta.a.org hostb.b.org SA in tunnel mode (outer tunnel) SA in tunnel mode (inner tunnel) gwb.b.org Systems Security September 25, 2012 23

Example: Packets IP header from gwa AH header from gwa ESP header from gwa IP header from hosta AH header from hosta ESP header from hosta IP header from hosta Transport layer headers, data Packet generated on hosta Encapsulated by hosta s IPsec mechanisms Again encapsulated by gwa s IPsec mechanisms Above diagram shows headers, but as you go left, everything to the right would be enciphered and authenticated, etc. Systems Security September 25, 2012 24

AH Protocol Parameters in AH header Length of header SPI of SA applying protocol Sequence number (anti-replay) Integrity value check (IVC) Two steps Check that replay is not occurring Check authentication data Systems Security September 25, 2012 25

Sender Check sequence number will not cycle Increment sequence number Compute IVC of packet Includes IP header, AH header, packet data IP header: include all fields that will not change in transit; assume all others are 0 AH header: authentication data field set to 0 for this Packet data includes encapsulated data, higher level protocol data Systems Security September 25, 2012 26

Recipient Assume AH header found Get SPI, destination address Find associated SA in SAD If no associated SA, discard packet If anti-replay not used Verify IVC is correct If not, discard Systems Security September 25, 2012 27

Recipient, Using Antireplay Check packet beyond low end of sliding window Check IVC of packet Check packet s slot not occupied If any of these is false, discard packet current window Systems Security September 25, 2012 28

ESP Protocol Parameters in ESP header Identification (SPI) of SA applying protocol Sequence number (anti-replay) Generic payload data field Padding and length of padding Contents depends on ESP services enabled; may be an initialization vector for a chaining cipher, for example Used also to pad packet to length required by cipher Optional authentication data field Introduced in later versions for efficiency (instead of using AH) Systems Security September 25, 2012 29

ESP Protocol figure unknown author online Systems Security September 25, 2012 30

Sender Add ESP header Includes whatever padding needed Encipher result Do not encipher SPI, sequence numbers If authentication desired, compute as for AH protocol: include ESP header, payload; not encapsulating IP header Systems Security September 25, 2012 31

Recipient Assume ESP header found Get SPI, destination address Find associated SA in SAD If no associated SA, discard packet If authentication used Do antireplay verification as for AH Only ESP, payload are considered; not IP header Note authentication data inserted after encipherment, so no deciphering need be done Systems Security September 25, 2012 32

Recipient If confidentiality used Decipher enciphered portion of ESP header Process padding Decipher payload If SA is transport mode, IP header and payload combined into original IP packet If SA is tunnel mode, payload is an encapsulated IP packet and so is treated as original IP packet Systems Security September 25, 2012 33

ESP: Transport Mode figure unknown author online Systems Security September 25, 2012 34

ESP: Tunnel Mode figure unknown author online Systems Security September 25, 2012 35

More ESP Miscellany All implementations must support (encipherment algorithms): DES in CBC mode NULL algorithm (identity; no encipherment) All implementations must support (integrity algorithms): HMAC_MD5 HMAC_SHA-1 NULL algorithm (no MAC computed) Both cannot be NULL at the same time Systems Security September 25, 2012 36

Typical VPN Systems Security September 25, 2012 37

Site to Site VPN Systems Security September 25, 2012 38

Protocol types Passenger - original data being carried (IPX, NetBeui, IP) Encapsulator - wrapper for original data (GRE-Cisco, IPSec, L2F, PPTP, L2TP) Carrier - the network that the information is traveling through (IP) Systems Security September 25, 2012 39

Recap: What did we learn in IPSec IP provides little security IPSec: framework to overlay security AH, ESP provide different guarantees Key exchange Can run in E2E or tunnel (nested too) Below App/transport Offers security to all apps Unlike SSL Critical to many enterprise deployments Systems Security September 25, 2012 40

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback