
IP Security



  1. IP Security School of Electronics and Information Kyung Hee University Choong Seon HONG cshong@khu.ac.kr http://networking.khu.ac.kr Summarized Chapter 6 of “Network Security Essentials” by William Stallings +

  2. IP Security Overview • 1994 – RFC 1636, Security in the Internet Architecture • Identified key needs: • secure the network infrastructure from unauthorized monitoring • control network traffic • secure end-to-end user traffic using encryption and authentication

  3. IP Security Overview • CERT – the most serious attacks are IP spoofing and eavesdropping/packet sniffing • more recently DDoS • The next generation IP includes authentication and encryption • IPv6 • IPSec was designed as part of IPv6 • Also available with IPv4

  4. Application of IPSec • Secure branch office connectivity over the Internet • Secure remote access over the Internet • Establishing extranet and intranet connectivity with partners • Enhancing electronic commerce security

  5. Application of IP Security

  6. Benefits of IPSec • Strong security for all traffic crossing the perimeter (when implemented in a firewall or router) • IPSec in a firewall is resistant to bypass, provided all traffic from outside must use IP and the firewall is the only means of entrance • Below the transport layer (TCP, UDP) and therefore transparent to applications • Transparent to the end user • Can provide security for individual users – offsite workers, VPN

  7. Routing & IPSec • Router advertisement comes from an authorized router • Neighbor advertisement comes from an authorized router • Redirect comes from router to which initial packet was sent • Routing updates are not forged • Prevents disruption and diversion of traffic

  8. Network Security Basic Networking

  9. TCP and UDP Headers

  10. IP Headers (figure): IPv4 header with 32-bit address fields, a Type of Service (QoS) field and a TTL field (max number of allowable hops); IPv6 header with 128-bit address fields

  11. TCP/IP Concepts

  12. PDUs in TCP/IP (figure): application byte stream → TCP segment (TCP header + user data) → IP datagram (IP header + TCP segment) → network-level packet (network header + IP datagram)

  13. Some TCP/IP Protocols

  14. Assigned Port Numbers

  15. Configuration of TCP/IP

  16. Network Security IP Security – Part 1

  17. IPSec Documents • November 1998 • RFC 2401 – overview (security architecture) • RFC 2402 – packet authentication extension (AH) • RFC 2406 – packet encryption extension (ESP) • RFC 2408 – key management capabilities (ISAKMP) • Since superseded by RFC 4301 (architecture), RFC 4302 (AH), RFC 4303 (ESP) and IKEv2 (RFC 7296) • Implemented as extension headers that follow the main IP header: • Authentication Header (AH) • Encapsulating Security Payload (ESP) header

  18. IPSec Documents (figure): relation between the documents – packet format documents (AH, ESP) and the Domain of Interpretation (identifiers and parameters)

  19. IPSec Services • Provides security services at the IP layer • Enables a system to: • select required security protocols • determine algorithms to use • setup needed keys

  20. IPSec Services – 2 Protocols • Authentication protocol – designated by the Authentication Header (AH) • Combined encryption/authentication protocol – designated by its packet format, the Encapsulating Security Payload (ESP); it provides confidentiality and, optionally, integrity for IP datagrams • AH and ESP are vehicles for access control, based on the distribution of keys and the management of traffic flows relative to these protocols

  21. IPSec Services

  22. Security Associations Key Concept: • Security Association (SA) – a one-way relationship between a sender and a receiver that defines the security services afforded to the traffic carried on it • Policy and SA parameters are stored in two databases: the security policy database (SPD) and the security association database (SAD)

  23. Security Associations Uniquely identified by: • Destination IP address– address of the destination endpoint of the SA (end user system or firewall/router) • Security protocol– whether association is AH or ESP. Defines key size, lifetime and crypto algorithms (transforms) • Security parameter index (SPI)– bit string that provides the receiving device with info on how to process the incoming traffic

  24. Security Associations (figure): IP secure tunnel between A and B, one SA per direction, each defined by destination IP address, security protocol, secret keys, encapsulation mode and SPI

  25. Security Associations • SA is unidirectional • It defines the operations that occur in the transmission in one direction only • Bi-directional transport of traffic requires a pair of SAs (e.g., secure tunnel) • Two SAs use the same meta-characteristics but employ different keys

  26. Security Association Database • Each IPSec implementation has a Security Association Database (SAD) • The SAD holds the parameters associated with each SA, looked up by SPI (together with destination address and protocol) • The SAD stores SAs in pairs, one per direction, since SAs are unidirectional

  27. Security Association Database • Sequence number counter • Sequence counter overflow • Anti-replay window • AH information • ESP information • Lifetime of this SA • IPSec protocol mode – tunnel, transport, wildcard • Path MTU

  28. Security Policy Database • Considerable flexibility in way IPSec services are applied to IP traffic • Can discriminate between traffic that is afforded IPSec protection and traffic allowed to bypass IPSec • The Security Policy Database (SPD) is the means by which IP traffic is related to specific SAs

  29. Security Policy Database • Each entry is defined by a set of selectors that pick out a subset of IP traffic and points to an SA for that traffic • The selectors are matched against outgoing traffic in order to map it into a particular SA

  30. Security Policy Database • Destination IP address • Source IP address • User ID • Data sensitivity level – secret or unclassified • Transport layer protocol • IPSec protocol – AH or ESP or AH/ESP • Source and destination ports • IPv6 class • IPv6 flow label • IPv4 type of service (TOS)

  31. Security Policy Database Outbound processing for each packet: • Compare fields in the packet to find a matching SPD entry • Determine the SA and its associated SPI • Do the required IPSec processing
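The SPD/SAD relationship of slides 22 to 31 is easier to see in code. The following is an added example written for this page, not code from the slides or from Stallings: an ordered SPD of selector entries, a SAD keyed by the (destination, protocol, SPI) triple, and the outbound lookup of slide 31. Addresses, SPIs and the policy entries are constructed test data; the actions PROTECT/BYPASS/DISCARD and the "no match means discard" default follow RFC 4301.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

# Constructed example data: documentation (203.0.113.0/24, 192.0.2.0/24)
# and private (10.0.0.0/8) ranges, arbitrary SPIs and keys.


@dataclass(frozen=True)
class Selector:
    """Traffic selector: the SPD fields that pick out a subset of IP traffic."""
    src: str                                  # CIDR prefix
    dst: str                                  # CIDR prefix
    proto: Optional[int] = None               # transport protocol number, None = any
    sport: Optional[Tuple[int, int]] = None   # inclusive port range, None = any
    dport: Optional[Tuple[int, int]] = None

    def matches(self, pkt: dict) -> bool:
        if ip_address(pkt["src"]) not in ip_network(self.src, strict=False):
            return False
        if ip_address(pkt["dst"]) not in ip_network(self.dst, strict=False):
            return False
        if self.proto is not None and pkt["proto"] != self.proto:
            return False
        for rng, key in ((self.sport, "sport"), (self.dport, "dport")):
            # A port-less packet (e.g. ICMP) never matches a port-constrained entry.
            if rng is not None and not (rng[0] <= pkt.get(key, -1) <= rng[1]):
                return False
        return True


@dataclass(frozen=True)
class SPDEntry:
    selector: Selector
    action: str                      # "PROTECT", "BYPASS" or "DISCARD"
    protocol: Optional[str] = None   # "AH" or "ESP" when PROTECT
    mode: Optional[str] = None       # "transport" or "tunnel" when PROTECT
    peer: Optional[str] = None       # SA destination: tunnel endpoint or end host
    spi: Optional[int] = None        # SPI of the negotiated outbound SA, if any


@dataclass
class SA:
    """One unidirectional SA as stored in the SAD."""
    dst: str
    protocol: str
    spi: int
    mode: str
    key: bytes
    seq: int = 0          # sender-side sequence number counter


SAD = {}                  # keyed by the triple that uniquely identifies an SA


def sad_add(sa: SA) -> None:
    SAD[(sa.dst, sa.protocol, sa.spi)] = sa


def outbound_lookup(pkt: dict, spd: list):
    """Slide 31: find the matching SPD entry, then its SA. Returns (action, sa)."""
    for entry in spd:                       # first match wins, so order matters
        if not entry.selector.matches(pkt):
            continue
        if entry.action != "PROTECT":
            return entry.action, None
        # PROTECT with no SA in the SAD: the packet waits until IKE creates one.
        return "PROTECT", SAD.get((entry.peer, entry.protocol, entry.spi))
    return "DISCARD", None                  # RFC 4301 default for unmatched traffic


GW_LOCAL, GW_PEER = "203.0.113.1", "203.0.113.2"
SPD = [
    # IKE (UDP/500) between the gateways must bypass IPSec, or no SA could ever be set up.
    SPDEntry(Selector(GW_LOCAL + "/32", GW_PEER + "/32", 17, (500, 500), (500, 500)), "BYPASS"),
    # Branch-office traffic: ESP in tunnel mode to the peer gateway.
    SPDEntry(Selector("10.1.0.0/16", "10.2.0.0/16"), "PROTECT", "ESP", "tunnel", GW_PEER, 0x1000),
    # Partner network: policy says protect, but no SA has been negotiated yet.
    SPDEntry(Selector("10.1.0.0/16", "10.3.0.0/16"), "PROTECT", "ESP", "tunnel", GW_PEER, None),
]
sad_add(SA(GW_PEER, "ESP", 0x1000, "tunnel", key=b"\x11" * 16))

if __name__ == "__main__":
    for pkt in (
        {"src": "10.1.5.7", "dst": "10.2.9.1", "proto": 6, "sport": 44000, "dport": 443},
        {"src": GW_LOCAL, "dst": GW_PEER, "proto": 17, "sport": 500, "dport": 500},
        {"src": "10.1.5.7", "dst": "192.0.2.10", "proto": 6, "sport": 44001, "dport": 80},
        {"src": "10.1.5.7", "dst": "10.3.1.1", "proto": 1},
    ):
        print(pkt["dst"], outbound_lookup(pkt, SPD))
```

Two points a practitioner should take from this: the SPD is ordered and the first match wins, so a broad PROTECT entry placed above the IKE BYPASS entry would silently break key negotiation; and a PROTECT entry whose SA is missing is not an error but the trigger for key management, which is why the SPD and SAD are separate databases.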

  32. Transport and Tunnel Modes • An SA supports two modes: • Transport – protection for the upper layer protocols • Tunnel – protection for the entire IP packet

  33. Transport Mode • Protection extends to the payload of an IP packet • Primarily for upper layer protocols – TCP, UDP, ICMP • Mostly used for end-to-end communication between two hosts • For AH or ESP the payload is the data following the IP header (IPv4) or following the IP header and extension headers (IPv6) • ESP encrypts and optionally authenticates the payload but not the IP header; AH authenticates the payload plus the immutable fields of the IP header

  34. Tunnel Mode • Protection for the entire packet • Add new outer IP packet with a new outer header • AH or ESP fields are added to the IP packet and entire packet is treated as payload of the outer packet • Packet travels through a tunnel from point to point in the network

  35. Tunnel and Transport Mode

  36. Transport vs Tunnel Mode

  37. Authentication Header

  38. Authentication Header (2) • What is AH? • A mechanism for providing strong integrity and authentication for IP datagrams • Secures communication using a shared secret key established by a key exchange mechanism • Security services provided by AH • Authentication – data origin authentication using the Authentication Data field (HMAC with MD5 or SHA-1) • Integrity – connectionless integrity of each individual IP datagram • Anti-replay – protection against replayed packets using the sequence number

  39. Authentication Header (3) • Security mechanism • Default (mandatory-to-implement) algorithms in RFC 2402: HMAC-MD5-96 and HMAC-SHA-1-96 • Negotiated per SA (HMAC-MD5-96, HMAC-SHA-1-96, no service, etc.) • Note that the current algorithm requirements (RFC 8221) list HMAC-MD5-96 as MUST NOT and HMAC-SHA-1-96 as being phased out; HMAC-SHA-256-128 is the baseline today

  40. IPSec Authentication Header

  41. Authentication Header • Next Header (8 bits): • type of the immediately following header (e.g. TCP = 6) • Payload Length (8 bits): • length of AH in 32-bit words minus 2 • Security Parameters Index (32 bits): • identifies (together with the destination IP address) a security association (SA) • Sequence Number (32 bits): • monotonically increasing counter up to 2^32 – 1 (used to discard replayed packets) • Authentication Data (variable): • contains the Integrity Check Value (ICV), or MAC

  42. Anti-Replay Service • Replay Attack: Obtain a copy of authenticated packet and later transmit to the intended destination • Mainly disrupts service • Sequence number is designed to prevent this type of attack

  43. Anti-Replay Service • Sender initializes the sequence number counter to 0 when the SA is established and increments it before each packet is sent, so the first packet carries 1 • The counter must not cycle past 2^32 – 1; if that limit is reached, the sender terminates this SA and negotiates a new one • IP is a connectionless, unreliable service, so packets may be lost or delivered out of order • Accordingly, the receiver implements a window of size W • The right edge of the window is the highest sequence number, N, received and authenticated so far

  44. Anti-Replay Service • Received packet within the window and new: check the MAC; if authenticated, mark the slot • Packet to the right of the window: check the MAC; if authenticated, mark the slot and advance the window so its new sequence number becomes the right edge • Packet to the left of the window, or authentication fails: discard the packet and flag (audit) the event

  45. Anti-Replay Service • Replay attack: getting a copy of an authenticated packet and then transmitting it to the intended destination • Each time a packet is sent on a SA, the sender increments the Sequence Number Counter (of SA) and places the values in the Sequence Number field (of AH) • Remember IP is a connectionless, unreliable service: packets may not all be delivered, and not in order

  46. Anti-Replay Service

  47. Anti-Replay Processing • If received packet is in the Window and new, MAC is checked. If OK, slot is marked • If to the right of the window and new, MAC is checked. If OK, window is moved to the right and slot is marked • If to the left of the window or if MAC not OK or not new, packet is discarded

  48. Anti-Replay Mechanism (figure): W = 64, N = 104

  49. Integrity Check Value • Contained in the Authentication Data field • Is a truncated version of a code produced by a MAC algorithm (HMAC-MD5-96, HMAC-SHA-1-96), using the first 96 bits (default length of the Authentication Data field) • The MAC is calculated over: • “immutable” or “predictable” IP header fields (TTL is mutable; destination address, with source routing, is predictable) • The AH header other than the Authentication Data field • The upper level protocol data (like a TCP segment)
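The AH field layout of slide 41, the receiver-side window procedure of slides 43 to 48 and the ICV computation of slide 49 fit together in one short implementation. The following is an added example written for this page, not code from the slides or from Stallings. It assumes AH in transport mode over IPv4 with HMAC-SHA-1-96, the anti-replay window of W = 64 from the figure, and constructed addresses, key, SPI and payload; the mutable IPv4 fields it zeroes (TOS, flags/fragment offset, TTL, header checksum) are those of RFC 2402, with no IP options present.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, field

# Constructed example: AH in transport mode over IPv4 with HMAC-SHA-1-96.
# Key, addresses, SPI and payload are arbitrary test values.
AH_PROTO = 51          # IP protocol number carried in the IPv4 Protocol field for AH
ICV_LEN = 12           # HMAC-SHA-1-96: first 96 bits of the HMAC-SHA-1 output
AH_LEN = 12 + ICV_LEN  # fixed AH fields (12 bytes) + ICV = 24 bytes


class AntiReplayWindow:
    """Window of W sequence numbers ending at `right`; bit i of `bitmap` = seq (right - i) accepted."""

    def __init__(self, w: int = 64):
        self.w, self.right, self.bitmap = w, 0, 0

    def check(self, seq: int) -> str:
        if seq > self.right:                  # right of the window: new, window will advance
            return "new"
        if self.right - seq >= self.w:        # left of the window: too old, discard
            return "left"
        return "replayed" if (self.bitmap >> (self.right - seq)) & 1 else "new"

    def mark(self, seq: int) -> None:         # only called once the ICV has verified
        if seq > self.right:
            self.bitmap = ((self.bitmap << (seq - self.right)) | 1) & ((1 << self.w) - 1)
            self.right = seq
        else:
            self.bitmap |= 1 << (self.right - seq)


@dataclass
class AhSA:
    spi: int
    key: bytes
    seq: int = 0                                   # sender counter; first packet carries 1
    window: AntiReplayWindow = field(default_factory=AntiReplayWindow)


def ipv4_header(src: bytes, dst: bytes, total_len: int, proto: int, ttl: int) -> bytes:
    # version/IHL, TOS, total length, ID, flags/fragment offset, TTL, protocol, checksum, src, dst
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, ttl, proto, 0, src, dst)


def zero_mutable(ip_hdr: bytes) -> bytes:
    """Zero TOS, flags/fragment offset, TTL and checksum: the mutable IPv4 fields the ICV excludes."""
    return (ip_hdr[:1] + b"\x00" + ip_hdr[2:6] + b"\x00\x00\x00"
            + ip_hdr[9:10] + b"\x00\x00" + ip_hdr[12:20])


def icv(key: bytes, ip_hdr: bytes, ah_zero_icv: bytes, payload: bytes) -> bytes:
    """MAC over zeroed IP header + AH (ICV field zero) + upper-layer data, truncated to 96 bits."""
    return hmac.new(key, zero_mutable(ip_hdr) + ah_zero_icv + payload, hashlib.sha1).digest()[:ICV_LEN]


def ah_protect(sa: AhSA, ip_hdr: bytes, payload: bytes, next_hdr: int) -> bytes:
    """Return AH + payload. Payload Length = AH length in 32-bit words minus 2 (24 bytes -> 4)."""
    sa.seq += 1
    fixed = struct.pack("!BBHII", next_hdr, AH_LEN // 4 - 2, 0, sa.spi, sa.seq)
    return fixed + icv(sa.key, ip_hdr, fixed + b"\x00" * ICV_LEN, payload) + payload


def ah_verify(sa: AhSA, ip_hdr: bytes, ah_pkt: bytes) -> str:
    next_hdr, payload_len, _, spi, seq = struct.unpack("!BBHII", ah_pkt[:12])
    ah_len = (payload_len + 2) * 4
    recv_icv, payload = ah_pkt[ah_len - ICV_LEN:ah_len], ah_pkt[ah_len:]
    if spi != sa.spi:
        return "bad spi"
    status = sa.window.check(seq)             # cheap check first: replays never reach the MAC
    if status != "new":
        return status
    if not hmac.compare_digest(icv(sa.key, ip_hdr, ah_pkt[:12] + b"\x00" * ICV_LEN, payload), recv_icv):
        return "bad icv"                      # window is not marked for unauthenticated packets
    sa.window.mark(seq)
    return "ok"


def run_demo() -> dict:
    key = b"\x0b" * 20
    src, dst = bytes([10, 1, 5, 7]), bytes([10, 2, 9, 1])
    sender, receiver = AhSA(0x1000, key), AhSA(0x1000, key)
    tcp = b"TCP segment (constructed payload)"
    total = 20 + AH_LEN + len(tcp)
    ip_sent = ipv4_header(src, dst, total, AH_PROTO, ttl=64)
    ip_recv = ipv4_header(src, dst, total, AH_PROTO, ttl=57)   # routers decremented TTL en route
    r = {}
    p1 = ah_protect(sender, ip_sent, tcp, 6)
    r["seq1"] = ah_verify(receiver, ip_recv, p1)                  # ok: TTL is mutable, not covered
    p2 = ah_protect(sender, ip_sent, tcp, 6)
    r["tampered"] = ah_verify(receiver, ip_recv, p2[:-1] + b"?")  # bad icv
    r["seq2"] = ah_verify(receiver, ip_recv, p2)                  # ok: the genuine copy still passes
    r["replay1"] = ah_verify(receiver, ip_recv, p1)               # replayed
    sender.seq = 103                                              # packets 3..103 lost in transit
    r["seq104"] = ah_verify(receiver, ip_recv, ah_protect(sender, ip_sent, tcp, 6))  # ok, N = 104
    late = AhSA(0x1000, key, seq=39)                              # delayed packets on the same SA
    r["seq40"] = ah_verify(receiver, ip_recv, ah_protect(late, ip_sent, tcp, 6))   # left of 41..104
    r["seq41"] = ah_verify(receiver, ip_recv, ah_protect(late, ip_sent, tcp, 6))   # ok, inside window
    r["right_edge"] = receiver.window.right                       # 104
    return r


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name:10} {result}")
```

Two details matter in practice. The sequence number is checked against the window before the MAC is computed, so a flood of replayed packets costs the receiver only a bit test, not an HMAC each; and the window is marked only after the ICV verifies, so an attacker cannot "use up" a sequence number by sending a forged packet with it ahead of the genuine one.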

  50. Two Ways To Use IPSec Authentication Service (figure): end-to-end authentication in transport mode and in tunnel mode
