680 likes | 698 Views
Learn about the architecture, benefits, and components of IP Security Protocol (IPSec) for secure network communication. Explore applications like secure office connectivity and electronic commerce security.
E N D
Chapter 6 IP Security
Outline • Internetworking and Internet Protocols (Appendix 6A) • IP Security Overview • IP Security Architecture • Authentication Header • Encapsulating Security Payload • Combinations of Security Associations • Key Management
IP Security Overview IPSec is not a single protocol. Instead, IPSec provides a set of security algorithms plus a general framework that allows a pair of communicating entities to use whichever algorithms provide security appropriate for the communication. IPsec (Internet Protocol Security) is a Suite of standards for security at the Network-Layer of network communication rather then at the Application-Layer. - Communicate over unsecured networks
IP Security Overview • Applications of IPSec • Secure branch office connectivity over the Internet • Secure remote access over the Internet • Establsihing extranet and intranet connectivity with partners • Enhancing electronic commerce security • Generic modules that can be replaced • Crypto algorithms • Protocols • Key exchange
The IETF IPsec group • The group • 2 Chairs (CISCO, MIT) • 2 Directors (MIT, NORTEL) • 1 Advisor (MIT) • Till San Francisco Meeting , CA, March 16-21, 2003 • After it, Till Dallas Meeting, TX, March 19-24, 2006 it was PKI4IPSEC • A sister working group IPSRA(IPsec remote access) • 2 Chairs (RADGUARD, IMC) • 1 Advisor (from the IPsec group) • New WGs : • IPSECKEY - IPSEC KEYing information resource record WG • Routing Protocol Security Requirements WG (still existing) • Multicast Security WG c • Profiling Use of PKI in IPSEC WG (PKI4IPSEC) • Public Key Infrastructure (X.509) WG (still existing)
IP Security Overview • Benefits of IPSec • Transparent to applications (below transport layer, TCP, UDP) • Provide security for individual users • IPSec can assure that: • A router or neighbor advertisement comes from an authorized router • A redirect message comes from the router to which the initial packet was sent • A routing update is not forged
IP Security Architecture • IPSec documents: • RFC 2401: An overview of security architecture • RFC 2402: IP Authentication Header to IPv4 and IPv6 • RFC 2406: IP Encapsulating Security Payload (ESP) to IPv4 and IPv6 • RFC 2408: Internet Security Association and Key Management Protocol (ISAKMP)
IPSec Document Overview AH : Authentication Header ESP : Encapsulating Security Payload DOI : Domain of Interpretation
IPSec Services • Access Control • Connectionless integrity • Data origin authentication • Rejection of replayed packets • Confidentiality (encryption) • Limited traffic flow confidentiallity
IP TCP Original data header header IP packet IP IPsec TCP Transport mode data header header header protected packet IP IPsec IP TCP Tunnel mode data header header header header protected packet IPSec Services • IPsec defines two encapsulation modes for an IP packet • Tunnel • Transport
Original IP header TCP header data IP packet Transport mode IP header IPsec header TCP header data protected packet Transport mode • Intercept Network layer packets Encrypt / Authenticate these packets preserving most of the original IP header Network A B
Original IP TCP data IP packet header header Tunnel mode IP IPsec IP TCP data protected packet header header header header Tunnel mode • Intercept Network layer packets Encrypt / Authenticate these packets, while encapsulating the whole original IP packet
Tunnel Mode • Tunnel Mode is the mode for VPN • Tunnel mode has a network overhead: • headers overhead • may cause fragmentation • Tunnel is not for everything (Client to Client should work in Transport mode) VPN : Virtual Private Network
IPSec components • SA Database • where all keys and contracts are being kept • IPSec base protocol • Policy Database (SPD) • Policy Engine • Internet Key Exchange (IKE) • Logger
SPS SPS Transform Transform SPS SPS Transform Library SPS SMS IPSec 동작구조 Application Programs telnet ftp mail Security Management Network CA/Key Management Network set SA SAD Auditing Logging Host Sensor SA Request/ Reply CA Server Certificate IKE Server Auditing IPsec Engine SA Negotiation Auditing Policy Set/Get Key Management System Policy Request/ Reply Enc/Dec Key Store/ Recovery SPDB Policy Setting Network Interface get SA Secure Packet send/receive SMS : Security Management System SPS : Security Policy System SAD : Security Association Batabase
Security Associations (SAs) • What is a SA: • contract between two communication entities • SAs are one way (i.e. simplex) • stored in a database (SAD) • works in congestion with the SPD • Set up manually or through the IKE (Internet Key Exchange) spec. • Properties of an IPsec SA (partial): • Algorithm (authentication , confidentiality) • Keys (auth , conf) • Lifetime • Transforms • SPI (AH and ESP 시 SA와의 연관을 위한 구분자) SPI : Security Parameter Index
Security Associations (SAs) • SPD (Security Policy Database) : 패킷들에 대한 보안 정책을 적용하는 데이터베이스 • SPD는 모든 트래픽의 처리시 참조. 이때 취해질 수 있는 정책은 폐기(discard), 통과(bypass IPSec) 또는 IPSec 적용(apply IPSec) • SAD (Security Association Database) : 양단간의 비밀 데이터 교환을 위해 미리 설정되어야 할 보안 요소들에 대한 데이터베이스
SA Selectors • Traffic 과 SA의 매핑 (stored in SAD) • Outbound (transmit)packets are not encrypted , can identify the SA by the tuple : <Dest IP, Port, Protocol> • Inbound (receive)packets are encrypted and the port is hidden, the protocol is the ipsec encapsulating header (AH or ESP).can identify the SA by the tuple: <Dest IP, SPI, Protocol{AH, ESP}>
SAs (management) • SA is being deleted for various reasons • Lifetime • Exceeded number of certain byte-count limit • Exceeded certain time • The other end requests to delete it • SA management (Addition/Deletion/Search)is very important for consistency, perform adaptive cryptographic engine, …
IPSec Transforms • IPSec defines two base protocols • AH (Authentication Header) • ESP (Encapsulating Security Protocol)
IPsec AH (Authentication Header) • Provides authentication for as much of the IP header as possible, as well as for upper layer protocol data. Payload IP HDR TCP HDR DATA TCP HDR DATA Payload IP HDR AH HDR TCP HDR DATA TCP HDR DATA Authentication
Next Header Length Reserved Security Parameter Index (SPI) 32 bits Sequence Number 32 bits Authentication Data 96 bits IPsec AH header IP Header(usually 20 bytes) Protocol = AH AH Header 24 bytes Payload Data Next header: TCP, UDP etc. Sequence number: Start at 1, never recycle (optional)
IPsec ESP header • ESP – Encapsulating Security Payload • Used to encrypt/authenticate a payload Payload IP HDR Payload ESP IP HDR ESP HDR ESP Auth Trailer Encryption Authentication
IPsec ESP header IP Header Protocol = ESP SPI(32 bits) ESP Header 8 bytes + Crypto block size Sequence Number(32 bits) Authentication coverage IV(variable block size) Payload Data (variable) Encrypted Payload, Padding and Trailer Confidentiality coverage Padding (0-255) Pad Len Next Hdr Authentication Data (96 bits) Keyed MD5-HMAC or SHA-1-HMAC ESP Auth 8 bytes
IPSec ESP header • Confidentiality (Encryption) is optional.When not used, the NULL algorithmdefined in RFC-2410 is used. • Authentication is optional. When not selected, the authentication trailer must be omitted. • Either encryption or authentication (or both) must be enabled (NULL-NULL is an invalid option)
IPsec AH+ESP header • Maximum coverage of Authentication and Encryption • When using this policy, double Authenticationmay be dumb…(however people do use it ) • Common case: Payload AH ESP ESP IP HDR TCP HDR DATA TCP HDR DATA HDR HDR Trailer Encrypted Authentication
IP Fragmentation • Tunnel mode at Router • IPSec is applied to a complete IP packet (max 64K size) • this means a fragment could not be decrypted or authenticated until the whole IP packet is assembled.
Reply prevention • Algorithm: • Check seq# before authenticating • Update window and seq# after authenticating • Drop replayed packets. • Recommended window size is 32(/64)however its an independent internal choice (can be probed externally using ping by a trusted party )
Reply prevention-- window • If the packet no. is bigger than current window, then test MAC • If the packet no. is within current window, then test MAC • If the packet no. is smaller than current window, then drop
IPsec and IPv6 • IPsec is a mandatory implementation in IPv6 • Header format natively fits to the IPV6 header • Address space reduces the need for Tunneled packets.
Encryption and Authentication Algorithms • Encryption: • Three-key triple DES • RC5 • IDEA • Three-key triple IDEA • CAST • Blowfish • Authentication: • HMAC-MD5-96 • HMAC-SHA-1-96
Combinations of Security Associations Remote Host Firewall