CIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec

Similar documents
IP Security. Have a range of application specific security mechanisms

CSC 6575: Internet Security Fall 2017

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

The IPsec protocols. Overview

CSCE 715: Network Systems Security

IPSec. Overview. Overview. Levente Buttyán

IP Security IK2218/EP2120

Cryptography and Network Security. Sixth Edition by William Stallings

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Chapter 6/8. IP Security

Lecture 13 Page 1. Lecture 13 Page 3

CSE509: (Intro to) Systems Security

Lecture 12 Page 1. Lecture 12 Page 3

IP Security. Cunsheng Ding HKUST, Kong Kong, China

IPSec implementation for SCTP

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1

Firewalls, Tunnels, and Network Intrusion Detection

The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,

INTERNET PROTOCOL SECURITY (IPSEC) GUIDE.

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1516/ Chapter 16: 1

Lecture 9: Network Level Security IPSec

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

Virtual Private Networks (VPN)

Network Security: IPsec. Tuomas Aura

VPN and IPsec. Network Administration Using Linux. Virtual Private Network and IPSec 04/2009

Virtual Private Network

IP Security Part 1 04/02/06. Hofstra University Network Security Course, CSC290A

Network Security - ISA 656 IPsec IPsec Key Management (IKE)

Chapter 5: Network Layer Security

Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München. ilab. Lab 8 SSL/TLS and IPSec

COSC4377. Chapter 8 roadmap

Chapter 11 The IPSec Security Architecture for the Internet Protocol

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

Application Layer. Presentation Layer. Session Layer. Transport Layer. Network Layer. Data Link Layer. Physical Layer

The IPSec Security Architecture for the Internet Protocol

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

CSC 4900 Computer Networks: Security Protocols (2)

IPsec and SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, /43

Network Security: IPsec. Tuomas Aura T Network security Aalto University, Nov-Dec 2014

Network Security (NetSec) IN2101 WS 16/17

Network Security IN2101

IPsec Working Group. draft-ietf-ipsec-rfc2402bis-05.txt September 2003 Expires March IP Authentication Header draft-ietf-ipsec-rfc2402bis-05.

CSC Network Security

Network Working Group Request for Comments: November 1998

Network Working Group. Obsoletes: 2402 December 2005 Category: Standards Track

Internet Protocol and Transmission Control Protocol

CIS 6930/4930 Computer and Network Security. Final exam review

Diet-ESP: A flexible and compressed format for IPsec/ESP

IPsec Working Group. Expires January 2003 July IP Authentication Header draft-ietf-ipsec-rfc2402bis-01.txt. Status of This Memo

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

Use of IPSec in Mobile IP

INFS 766 Internet Security Protocols. Lectures 7 and 8 IPSEC. Prof. Ravi Sandhu IPSEC ROADMAP

Outline. 0 Topic 4.1: Securing Real-Time Communications 0 Topic 4.2: Transport Layer Security 0 Topic 4.3: IPsec and IKE

AIT 682: Network and Systems Security

8. Network Layer Contents

Junos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services

Cryptography and Network Security

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Network Encryption 3 4/20/17

IPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security

Internet security and privacy

Chapter 10: Cipher Techniques

Time Synchronization Security using IPsec and MACsec

SFO17-406: IPsec Full Offload Support in OpenDataPlane. Bill Fischofer

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Network Working Group Request for Comments: Nokia Research Center F. Dupont GET/ENST Bretagne June 2004

IPSec Site-to-Site VPN (SVTI)

IPsec NAT Transparency

CIT 480: Securing Computer Systems

SECURITY IMPROVEMENT FOR MOBILE IP COMMUNICATION

KENIC-AFRINIC IPv6 Workshop 17th 20th June 2008

IPv6. IPv6 Rationale. IPv6 (Review) IPv6 (Review) IPv6 Extension Headers. IPv6 Header Chaining PROTOCOL ADDRESSING AUTOCONFIGURATION DEPLOYMENT

IP Security Discussion Raise with IPv6. Security Architecture for IP (IPsec) Which Layer for Security? Agenda. L97 - IPsec.

Information Security & Privacy

RFC 430x IPsec Support

AN EXTENSION OF MULTI LAYER IPSEC FOR SUPPORTING DYNAMIC QOS AND SECURITY REQUIREMENTS

CHAPTER 18 INTERNET PROTOCOLS ANSWERS TO QUESTIONS

IBM i Version 7.2. Security Virtual Private Networking IBM

Category: Standards Track Microsoft V. Volpe Cisco Systems L. DiBurro Nortel Networks M. Stenberg January 2005

Network Interconnection

VPNs and VPN Technologies

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Sample excerpt. Virtual Private Networks. Contents

IPsec "# # IPsecIP. IPsec " %!" "! replay attack! IPsec. Transport Mode. ! Tunnel Mode. ! IPsec. "gateways! IPsec

Networking Security SPRING 2018: GANG WANG

Computer Security. 12. Firewalls & VPNs. Paul Krzyzanowski. Rutgers University. Spring 2018

Secure channel, VPN and IPsec. stole some slides from Merike Kaeo

DPX8000 Series Deep Service Switching Gateway User Configuration Guide Firewall Service Board Module v1.0

show crypto group summary, page 1 show crypto ikev2-ikesa security-associations summary spi, page 2

IPv6 Transition: Why a new security mechanisms model is necessary

Manual Key Configuration for Two SonicWALLs

Network Security - ISA 656 Review

The First Puzzle Piece: The Authentication Header

S Series Switches. MACsec Technology White Paper. Issue 1.0. Date HUAWEI TECHNOLOGIES CO., LTD.

IPsec NAT Transparency

Configuring Security for VPNs with IPsec

IPv6 Protocol. Does it solve all the security problems of IPv4? Franjo Majstor EMEA Consulting Engineer Cisco Systems, Inc.

Transcription:

CIS 6930/4930 Computer and Network Security Topic 8.1 IPsec 1

IPsec Objectives Why do we need IPsec? IP V4 has no authentication IP spoofing Payload could be changed without detection. IP V4 has no confidentiality mechanism Eavesdropping Denial of service (DOS) attacks Cannot hold the attacker accountable due to the lack of authentication. 2

IPsec Objectives (Cont d) IP layer security mechanism for IPv4 and IPv6 Not all applications need to be security aware Can be transparent to users Provide authentication and confidentiality mechanisms. 3

IPsec Architecture IPsec module 1 IPsec module 2 SPD SPD IKE IKE SAD IPsec SA IPsec SAD SPD: Security Policy Database; IKE: Internet Key Exchange; SA: Security Association; SAD: Security Association Database. 4

IPsec Architecture (Cont d) Two Protocols (Mechanisms) Authentication Header (AH) Encapsulating Security Payload (ESP) IKE Protocol Internet Key Management 5

IPsec Architecture (Cont d) Can be implemented in Host or gateway Can work in two Modes Tunnel mode Transport mode 6

Hosts & Gateways Hosts can implement IPsec to connect to: Other hosts in transport or tunnel mode Or Gateways in tunnel mode Gateways to gateways Tunnel mode 7

Tunnel Mode Encrypted Tunnel Gateway Gateway A Encrypted B New IP Header AH or ESP Header Orig IP Header TCP Data 8

Tunnel Mode (Cont d) Outer IP header IPsec header Inner IP header Higher layer protocol Destination IPsec entity ESP AH Real IP destination ESP applies only to the tunneled packet AH can be applied to portions of the outer header 9

Transport Mode A Encrypted/Authenticated B New IP Header AH or ESP Header TCP Data 10

Transport Mode (Cont d) IP header IP options IPsec header Higher layer protocol Real IP destination ESP AH ESP protects higher layer payload only AH can protect IP headers as well as higher layer payload 11

Security Association (SA) An association between a sender and a receiver Consists of a set of security related parameters E.g., sequence number, encryption key Determine IPsec processing for senders Determine IPsec decoding for destination SAs are not fixed! Generated and customized per traffic flows 12

Security Parameters Index (SPI) A bit string assigned to an SA. Carried in AH and ESP headers to enable the receiving system to select the SA under which the packet will be processed. 32 bits SPI + Dest IP address + IPsec Protocol Uniquely identifies each SA in SA Database (SAD) 13

SA Database (SAD) Holds parameters for each SA Sequence number counter Lifetime of this SA AH and ESP information Tunnel or transport mode Every host or gateway participating in IPsec has their own SA database 14

SA Bundle More than 1 SA can apply to a packet Example: ESP does not authenticate new IP header. How to authenticate? Use SA to apply ESP w/out authentication to original packet Use 2 nd SA to apply AH 15

Security Policy Database (SPD) Policy entries define which SA or SA Bundles to use on IP traffic Each host or gateway has their own SPD Index into SPD by Selector fields Selectors: IP and upper-layer protocol field values. Examples: Dest IP, Source IP, Transport Protocol, IPSec Protocol, Source & Dest Ports, 16

SPD Entry Actions Discard Do not let in or out Bypass Outbound: do not apply IPSec Inbound: do not expect IPSec Protect will point to an SA or SA bundle Outbound: apply security Inbound: security must have been applied 17

SPD Protect Action If the SA does not exist Outbound processing Trigger key management protocols to generate SA dynamically, or Request manual specification, or Other methods Inbound processing Drop packet 18

Outbound Processing Outbound packet (on A) IP Packet Is it for IPsec? If so, which policy entry to select? SPD (Policy) SA Database A B Determine the SA and its SPI IPSec processing SPI & IPsec Packet Send to B 19

Inbound Processing Inbound packet (on B) From A A B SPI & Packet SA Database SPD (Policy) Use SPI to index the SAD Was packet properly secured? un-process Original IP Packet 20

Authentication Header (AH) Data integrity Entire packet has not been tampered with Authentication Can trust IP address source Use MAC to authenticate Anti-replay feature Integrity check value 21

Integrity Check Value - ICV Message authentication code (MAC) calculated over IP header fields that do not change or are predictable IP header fields that are unpredictable are set to zero. IPsec AH header with the ICV field set to zero. Upper-level data Code may be truncated to first 96 bits 22

IPsec Authentication Header SAD Next Header (TCP/UDP) Payload Length 6-2=4 Reserved SPI Sequence Number ICV 23

Encapsulated Security Protocol (ESP) Confidentiality for upper layer protocol Partial traffic flow confidentiality (Tunnel mode only) Data origin authentication 24

Outbound Packet Processing Form ESP payload Pad as necessary Encrypt result [payload, padding, pad length, next header] Apply authentication 25

Outbound Packet Processing... Sequence number generation Increment then use With anti-replay enabled, check for rollover and send only if no rollover With anti-replay disabled, still needs to increment and use but no rollover checking ICV calculation ICV includes whole ESP packet except for authentication data field. Implicit padding of 0 s between next header and authentication data is used to satisfy block size requirement for ICV algorithm Not include the IP header. 26

Authentication coverage Encrypted ESP Transport Example Original IP Header SPI Sequence Number Payload (TCP Header and Data) Variable Length Padding (0-255 bytes) Pad Length Next Header Integrity Check Value 27

Inbound Packet Processing Sequence number checking Anti-replay is used only if authentication is selected Sequence number should be the first ESP check on a packet upon looking up an SA Duplicates are rejected! Check bitmap, verify if new reject Sliding Window 0 size >= 32 verify 28

Anti-replay Feature Optional Sequence number counter - 32 bit for outgoing IPsec packets Anti-replay window 32-bit Bit-map for detecting replayed packets 29

Anti-replay Sliding Window Window should not be advanced until the packet has been authenticated Without authentication, malicious packets with large sequence numbers can advance window unnecessarily Valid packets would be dropped! 30

Inbound Packet Processing... Packet decryption Decrypt quantity [ESP payload,padding,pad length,next header] per SA specification Processing (stripping) padding per encryption algorithm; In case of default padding scheme, the padding field SHOULD be inspected Reconstruct the original IP datagram Authentication verification (option) 31

ESP Processing - Header Location... Transport mode IPv4 and IPv6 IPv4 Orig IP hdr ESP hdr TCP Data ESP trailer ESP Auth IPv6 Orig IP hdr Orig ext hdr ESP hdr TCP Data ESP trailer ESP Auth 32

ESP Processing - Header Location... Tunnel mode IPv4 and IPv6 IPv4 New IP hdr ESP hdr Orig IP hdr TCP Data ESP trailer ESP Auth IPv6 New IP hdr New ext hdr ESP hdr Orig IP hdr Orig ext hdr TCP Data ESP trailer ESP Auth 33

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback