IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

Similar documents
IP Security IK2218/EP2120

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

IPSec. Overview. Overview. Levente Buttyán

IP Security. Have a range of application specific security mechanisms

CIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec

CSC 6575: Internet Security Fall 2017

CSCE 715: Network Systems Security

The IPsec protocols. Overview

Internet security and privacy

Virtual Private Network

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

IPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security

Lecture 13 Page 1. Lecture 13 Page 3

Cryptography and Network Security

Lecture 12 Page 1. Lecture 12 Page 3

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

CSE509: (Intro to) Systems Security

Chapter 6/8. IP Security

Network Security - ISA 656 IPsec IPsec Key Management (IKE)

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Firewalls, Tunnels, and Network Intrusion Detection

Chapter 11 The IPSec Security Architecture for the Internet Protocol

Cryptography and Network Security. Sixth Edition by William Stallings

The IPSec Security Architecture for the Internet Protocol

Chapter 5: Network Layer Security

CIT 480: Securing Computer Systems

IP Security. Cunsheng Ding HKUST, Kong Kong, China

COSC4377. Chapter 8 roadmap

Junos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services

CSC 4900 Computer Networks: Security Protocols (2)

INTERNET PROTOCOL SECURITY (IPSEC) GUIDE.

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

CSE543 Computer and Network Security Module: Network Security

Virtual Private Networks (VPN)

INFS 766 Internet Security Protocols. Lectures 7 and 8 IPSEC. Prof. Ravi Sandhu IPSEC ROADMAP

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1

Virtual Private Networks

IBM i Version 7.2. Security Virtual Private Networking IBM

Secure channel, VPN and IPsec. stole some slides from Merike Kaeo

8. Network Layer Contents

VPN Overview. VPN Types

Internet Protocol and Transmission Control Protocol

IPsec and SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, /43

Set Up a Remote Access Tunnel (Client to Gateway) for VPN Clients on RV016, RV042, RV042G and RV082 VPN Routers

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

VPN, IPsec and TLS. stole slides from Merike Kaeo apricot2017 1

Configuration of an IPSec VPN Server on RV130 and RV130W

Introduction to IPsec. Charlie Kaufman

IP Security Part 1 04/02/06. Hofstra University Network Security Course, CSC290A

IPSec Transform Set Configuration Mode Commands

Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München. ilab. Lab 8 SSL/TLS and IPSec

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1516/ Chapter 16: 1

Virtual Private Networks

Network Encryption 3 4/20/17

The EN-4000 in Virtual Private Networks

VPNs and VPN Technologies

IPSec Transform Set Configuration Mode Commands

IPSec implementation for SCTP

IP Security Discussion Raise with IPv6. Security Architecture for IP (IPsec) Which Layer for Security? Agenda. L97 - IPsec.

Network Security (NetSec) IN2101 WS 16/17

Network Security IN2101

Application Layer. Presentation Layer. Session Layer. Transport Layer. Network Layer. Data Link Layer. Physical Layer

Use of IPSec in Mobile IP

CONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements

Network Security and Cryptography. December Sample Exam Marking Scheme

Protocol Architecture (2) Suguru Yamaguchi Nara Institute of Science and Technology Department of Information Science

Proposal for a Practical Cipher Communication Protocol that Can Coexist with NAT and Firewalls

IPSec Site-to-Site VPN (SVTI)

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

Lecture 9: Network Level Security IPSec

Sample excerpt. Virtual Private Networks. Contents

CS 356 Internet Security Protocols. Fall 2013

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

Global Information Assurance Certification Paper. Copyright SANS Institute Author Retains Full Rights

Site-to-Site VPN. VPN Basics

Transport Level Security

VPN and IPsec. Network Administration Using Linux. Virtual Private Network and IPSec 04/2009

IPSec VPN Setup with IKE Preshared Key and Manual Key on WRVS4400N Router

Security Engineering. Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings)

IKE and Load Balancing

Configuring Security for VPNs with IPsec

L13. Reviews. Rocky K. C. Chang, April 10, 2015

IPsec Working Group. Expires January 2003 July IP Authentication Header draft-ietf-ipsec-rfc2402bis-01.txt. Status of This Memo

VPN Ports and LAN-to-LAN Tunnels

Prof. Shervin Shirmohammadi SITE, University of Ottawa. Security Architecture. Lecture 13: Prof. Shervin Shirmohammadi CEG

Voice over IPSec. Emilia Rosti Dip. Informatica e Comunicazione Univ. Degli Studi di Milano

Secure Networking with NAT Traversal for Enhanced Mobility

IPsec NAT Transparency

Parallelizing IPsec: switching SMP to On is not even half the way

Network Security: IPsec. Tuomas Aura

Module 28 Mobile IP: Discovery, Registration and Tunneling

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

How to Create a TINA VPN Tunnel between F- Series Firewalls

Transport Layer Security

Network Security Protocols NET 412D

How to Configure an IPsec VPN to an AWS VPN Gateway with BGP

Transcription:

IPSec Slides by Vitaly Shmatikov UT Austin slide 1

TCP/IP Example slide 2

IP Security Issues Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service Many solutions are application-specific TLS for Web, S/MIME for email, SSH for remote login IPSec aims to provide a framework of open standards for secure communications over IP Protect every protocol running on top of IPv4 and IPv6 slide 3

IPSec: Network Layer Security IPSec = AH + ESP + IPcomp + IKE Protection for IP traffic AH provides integrity and origin authentication ESP also confidentiality Compression Sets up keys and algorithms for AH and ESP AH and ESP rely on an existing security association Idea: parties must share a set of secret keys and agree on each other s IP addresses and crypto algorithms Internet Key Exchange (IKE) Goal: establish security association for AH and ESP If IKE is broken, AH and ESP provide no protection! slide 4

IPSec Security Services Authentication and integrity for packet sources Ensures connectionless integrity (for a single packet) and partial sequence integrity (prevent packet replay) Confidentiality (encapsulation) for packet contents Also partial protection against traffic analysis Authentication and encapsulation can be used separately or together Either provided in one of two modes These services are transparent to applications above transport (TCP/UDP) layer slide 5

IPSec Modes Transport mode Used to deliver services from host to host or from host to gateway Usually within the same network, but can also be end-to-end across networks Tunnel mode Used to deliver services from gateway to gateway or from host to gateway Usually gateways owned by the same organization With an insecure network in the middle slide 6

IPSec in Transport Mode End-to-end security between two hosts Typically, client to gateway (e.g., PC to remote host) Requires IPSec support at each host slide 7

IPSec in Tunnel Mode Gateway-to-gateway security Internal traffic behind gateways not protected Typical application: virtual private network (VPN) Only requires IPSec support at gateways slide 8

Tunnel Mode Illustration Implements IPSec Implements IPSec IPSec protects communication on the insecure part of the network slide 9

Transport Mode vs. Tunnel Mode Transport mode secures packet payload and leaves IP header unchanged IP header (real dest) IPSec header TCP/UDP header + data Tunnel mode encapsulates both IP header and payload into IPSec packets IP header (gateway) IPSec header IP header (real dest) TCP/UDP header + data slide 10

Security Association (SA) One-way sender-recipient relationship SA determines how packets are processed Cryptographic algorithms, keys, IVs, lifetimes, sequence numbers, mode (transport or tunnel) read Kaufman! SA is uniquely identified by SPI (Security Parameters Index) Each IPSec keeps a database of SAs SPI is sent with packet, tells recipient which SA to use destination IP address, and protocol identifier (AH or ESP) slide 11

SA Components Each IPSec connection is viewed as one-way so two SAs required for a two-way conversation Hence need for Security Parameter Index Security association (SA) defines Protocol used (AH, ESP) Mode (transport, tunnel) Encryption or hashing algorithm to be used Negotiated keys and key lifetimes Lifetime of this SA plus other info slide 12

Security Association Issues How is SA established? How do parties negotiate a common set of cryptographic algorithms and keys to use? More than one SA can apply to a packet! E.g., end-to-end authentication (AH) and additional encryption (ESP) on the public part of the network slide 13

AH: Authentication Header Sender authentication Integrity for packet contents and IP header Sender and receiver must share a secret key This key is used in HMAC computation The key is set up by IKE key establishment protocol and recorded in the Security Association (SA) SA also records protocol being used (AH) and mode (transport or tunnel) plus hashing algorithm used MD5 or SHA-1 supported as hashing algorithms slide 14

IP Headers Version Header Length TOS Packet length Packet Id Flags Mutable Immutable Predictable Fragment offset TTL Protocol number Checksum Source IP address Destination IP address Options AH sets mutable fields to zero and predictable fields to final value and then uses this header plus packet contents as input to HMAC slide 15

AH in Transport Mode Before AH is applied slide 16

AH in Tunnel Mode Before AH is applied slide 17

Authentication Header Format Provides integrity and origin authentication Authenticates portions of the IP header Anti-replay service (to counter denial of service) No confidentiality Next header (TCP) Payload length Reserved Security parameters index (SPI) Sequence number Identifies security association (shared keys and algorithms) Anti-replay ICV: Integrity Check Value (HMAC of IP header, AH, TCP payload) Authenticates source, verifies integrity of payload slide 18

Prevention of Replay Attacks When SA is established, sender initializes 32-bit counter to 0, increments by 1 for each packet If wraps around 2 32-1, new SA must be established Recipient maintains a sliding 64-bit window If a packet with high sequence number is received, do not advance window until packet is authenticated slide 19

Forms of AH-Based Authentication slide 20

ESP: Encapsulating Security Payload Adds new header and trailer fields to packet Transport mode Confidentiality of packet between two hosts Complete hole through firewalls Used sparingly Tunnel mode Confidentiality of packet between two gateways or a host and a gateway Implements VPN tunnels slide 21

ESP Security Guarantees Confidentiality and integrity for packet payload Symmetric cipher negotiated as part of security assoc Optionally provides authentication (similar to AH) Can work in transport encrypted Original IP header ESP header TCP/UDP segment ESP trailer ESP auth or tunnel mode authenticated New IP header Original IP ESP header TCP/UDP segment ESP trailer ESP auth header slide 22

ESP Packet Identifies security association (shared keys and algorithms) Anti-replay TCP segment (transport mode) or entire IP packet (tunnel mode) Pad to block size for cipher, also hide actual payload length Type of payload HMAC-based Integrity Check Value (similar to AH) slide 23

Virtual Private Networks (VPN) ESP is often used to implement a VPN Packets go from internal network to a gateway with TCP / IP headers for address in another network Entire packet hidden by encryption Including original headers so destination addresses are hidden Receiving gateway decrypts packet and forwards original IP packet to receiving address in the network that it protects This is known as a VPN tunnel Secure communication between parts of the same organization over public untrusted Internet slide 24

ESP Together With AH AH and ESP are often combined End-to-end AH in transport mode Authenticate packet sources Gateway-to-gateway ESP in tunnel mode Hide packet contents and addresses on the insecure part of the network Significant cryptographic overhead Even with AH slide 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback