370 likes | 737 Views
IT 포럼 코리아 2001. IPSEC 표준화 동향. 이 계 상 정보통신공학과 동의대학교 http://www.dongeui.ac.kr/~ksl. 목 차. 50 차 IETF Minneapolis 회의 주요 내용 IPSEC WG IPSP WG IPSRA WG Mobile IPv6 Security issue. IP Security 관련 IETF WGs. IPSEC WG 1993 년 발족 IP security protocols and algorithms 표준화 IPSP WG
E N D
IT 포럼 코리아 2001 IPSEC 표준화 동향 이 계 상 정보통신공학과 동의대학교 http://www.dongeui.ac.kr/~ksl
목 차 • 50차 IETF Minneapolis 회의 주요 내용 • IPSEC WG • IPSP WG • IPSRA WG • Mobile IPv6 Security issue
IP Security 관련 IETF WGs • IPSEC WG • 1993년 발족 • IP security protocols and algorithms 표준화 • IPSP WG • 2000.3월, 1st WG meeting • Policy issue • IPSRA WG • 2000.3월, 1st WG meeting • Remote access issue • 50차 IETF 회의 (미국 미니애폴리스) • 2001.3.18 - 23
IPsec MIB 문서 • 다음 세 문서를 곧 WG last call 함 • Draft-ietf-ipsec-isakmp-di-mon-mib-03.txt • Draft-ietf-ipsec-ike-monitor-mib-02.txt • Draft-ietf-ipsec-monitor-mib-04.txt
Announcement • Next IPsec Bakeoff (Workshop) • Espoo, Finland (near Helsinki) • 2001.8.13 – 19 (런던 IETF 회의 바로 다음주)
IPV6 and IPsec - ICMPv6 이슈 • ICMPv6 messages • Destination Unreachable • Packet Too Big • Time Exceeded • Parameter Problem • Echo Request/ Reply • Redirect • Router Solicit/ Advert • Neighbor Solicit/ Advert • Router Renumbering
ICMPv6 Problem 예 • 호스트 A가 호스트 B와 보안 통신 희망 • 모든 트래픽 보안 • IKE message UDP ICMPv6 msg (neighbor solicit for ARP) IKE ??? • IKE를 통한 자동 SA 사용 못함 A B
ICMPv6와 IKE • ICMPv6 message와 IKE 사용 관계 • Destination Unreachable may (Use of IKE?) • Packet Too Big may • Time Exceeded may • Parameter Problem may • Echo Request/ Reply may • Redirect should not • Router Solicit/ Advert must not • Neighbor Solicit/ Advert must not • Router Renumbering may
Solution • ICMPv6 메시지 보호용으로, 수동 IPsec SA를 사용하는 제안 논의 • 수동 설정에 따른 오버헤드 감소 방법도 같이 제안 • 문서 • draft-arkko-icmpv6-ike-effects-00.txt • draft-arkko-manual-icmpv6-sas-00.txt • More discussion on the list
Secure MPLS • MPLS: Sub-IPArea, mpls WG • 두 문서 • Draft-tsenevir-smpls-doi-00.txt • Draft-tsenevir-smpls-01.txt • SMPLS-AH • SMPLS-ESP • Ok to run IKE over RSVP ? • Requirements ?
IPsec and NAT • 두 문서 • IPsec NAT-Traversal draft-stenberg-ipsec-nat-traversal-02.txt • IPsec ESP Encapsulation in UDP for NAT Traversal draft-huttunen-ipsec-esp-in-udp-01.txt • 위 두 문서를 결합하여 논의함 • 곧 새로운 문서 post 예정
Son of IKE • To fix bugs, not to add any features • Need to be implementation preserving • A proposal is to combine the three documents into a new draft • Unnessarily long, duplicate, … • More discussion
Past Meetings • BOF • 1999.3 • 1st WG meeting • 47th IETF, Adelaide, Australia, 2000.3 • 2nd WG meeting • 48th IETF, Pittsburgh, USA, 2000.8 • 3rd WG meeting • 49th IETF, San Diego, USA, 2000.12 • 4th WG meeting • 50th IETF, Minneapolis, USA, 2001.3
Drafts • No RFC • 5 WG drafts • A Roadmap for IPsec Policy Management • IPSP Requirements • IPsec Configuration Policy Model • IPsec Policy Configuration MIB • IPSec Policy Information Base
주요 논의 문서 • Policy Management Roadmap • Requirement draft • Draft-ietf-ipsp-requirement-00.txt • No change, no comments since last meeting • Configuration policy model • Draft-ietf-config-policy-model-02.txt • Policy Framework WG의 PCIM extension draft와 부합 여부 보고 • 이들 세 문서를 곧 last call 예정
주요 논의 문서 (계속) • IPsec configuration MIB • Draft-ipsp-ipsec-config-mib-00.txt • IPsec policy information Base (PIB) • Draft-ipsp-ipsecpib-02.txt • Next Step • PF_Policy draft, SG discovery protocol 설계, Security policy specification language
Past Meetings • 1st BOF • 2nd BOF • Washington, 1999.11 • 1st WG meeting • 47th IETF, Adelaide, Australia, 2000.3 • 2nd WG meeting • 48th IETF, Pittsburgh, USA, 2000.8 • 3rdWG meeting • San Diego, 2000.12 • 4th WG meeting • 50th IETF, Minneapolis, USA, 2001.3
Drafts • No RFC • 4WG drafts • Requirements draft • DHCP Configuration draft • Two Authentication drafts
주요 문서 현황 • Requirement draft • Currently 03 version • No comment since last meeting • L2TP ext WG에 comment 요청 • To informational RFC • DHCP 09 draft • IETF last call (for proposed standard RFC)
Remote User Authentication • Two proposals • Pre-IKE Credential Provisioning Protocol • PIC draft : draft-ietf-ipsra-pic-01.txt • Client Certificate and Key Retrieval for IKE • getcert draft : draft-ietf-ipsra-getcert-00.txt • Recent Straw Poll • 6:7 • 참여 수가 너무 적어 결정 못 내림 • 메일링 리스트에서 계속 논의 (new straw poll)
PIC draft • One of approaches of integrating legacy authentication mechanisms into IKE • Switched from XAuth to EAP for legacy authentication • EAP (Extensible Authentication Protocol, RFC 2284) • EAP tunneled within ISAKMP • No modification to IKE
PIC Architecture Authentication Server (AS) Legacy Authentication Server (LAS) Client/User Optional Link Security Gateway (SGW)
PIC Protocol • Three main stages in PIC protocol (Btw Client and AS) • establish one-way trust relationship. A secure channel from the client to the AS is created (Server authenticated) • Legacy authentication is performed over this channel. Use EAP tunneled within ISKMP (User authenticated) • The AS sends the client a (typically short-term) credential which can be used in subsequent IKE exchanges • The credential can be thought as • a certificate, • a private key generated or stored by the AS and accompanied by a corresponding certificate, or • symmetric secret key
PIC Protocol Exchanges HDR, SA, KE, Ni 서버인증 HDR, SA, KE, Nr, IDir, [ CERT,] SIG_R, HASH, <EAP> [, <EAP>…] HDR*, HASH, EAP, [EAP …] [CREDENTIAL-REQUEST] 사용자인증 HDR*, HASH, EAP, [EAP …] [CREDENTIAL] SIG-R is derived from HASH-R HASH-R = prf(SKEYID_a, g^xr | g^xi |CKY-R | CKY-I | Sar_b | IDir_b)
Getcert draft • The architecture is similar to PIC’s • integrate legacy authentication into IKE • use the separated AS • The differences is in the details: • use TLS and HTTP • However, recently changed to EAP
Mobile IPv6 Operation Mobile Node R R Internet Home Agent R Correspondent Node
Binding messages Mobile Node R Binding Update R Internet Binding Acknowledgement Home Agent R Correspondent Node
Triangle Routing Mobile Node R R Internet Home Agent R Correspondent Node
Route Optimization Mobile Node R R Binding Update Internet Binding Ack Home Agent R Correspondent Node
Route Optimization (cont.) Mobile Node R R Internet Home Agent R Correspondent Node
Authentication of Binding msg • IPsec을 이용하려 했으나 • AH, ESP • Mobile 환경에서는 IPsec 프로토콜을 적용하기어려운 것으로 밝혀짐 • IPsec policy는 트래픽 스트림의 모든 패킷에 적용 • IKE의 public key 기반 및 heavy processing • 새로운 Authentication 프로토콜 대안 적시 개발 필요 • 이동 통신 사업자의 All-IP 망 구축
Purpose-Built Key (PBK) • Operation Correspondent node Mobile node i) Create a public/ private key pair (PBK) ii) Endpoint ID = hash (public part of PBK) iii) Send EID Initial Packet (EID) ~~~ iv) Node moves v) Send pubic key Pubic key vi) Send binding message signed by private key Binding message along with EID
Purpose-Built Key (cont.) • Pros and Cons • Lighter-weight method of authorizing binding messages • Jeff Schiller (Security Area Co-chair), Scott Brader, Allison Mankin (Transport Area Co-chair) • However, less security than IPsec • Man-in-the-middle attack 가능 • Not user authentication, but machine authentication • IPv6 proponents fear that mobile WG adopt PBK approach