CSCE 815 Network Security Lecture 13
IP Security (IPSec)
March 4, 2003


Page 1: CSCE 815 Network Security                     Lecture 13

CSCE 815 Network Security Lecture 13

IP Security (IPSec)

March 4, 2003

Page 2: CSCE 815 Network Security                     Lecture 13

– 2 – CSCE 815 Sp 03

PGP Homework

1. 5.4 page 159
2. Find PGP on SUNs (whereis, which, whatis, man -k)
3. Construct an RSA based signing key
4. Construct an encryption key
5. Pick a partner from the class.
6. Send a signed but cleartext message to your partner.
7. Validate the signature of the received message.
8. Send the key and an encrypted message to the partner.
9. Decrypt the message.

Page 3: CSCE 815 Network Security                     Lecture 13

Chapter 6 – IP Security

If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom the secret was told.

—The Art of War, Sun Tzu

Page 4: CSCE 815 Network Security                     Lecture 13

Outline

Internetworking and Internet Protocols (Appendix 6A)
IP Security Overview
IP Security Architecture
Authentication Header
Encapsulating Security Payload
Combinations of Security Associations
Key Management

Page 5: CSCE 815 Network Security                     Lecture 13

TCP/IP Example (fig 6.13)

Page 6: CSCE 815 Network Security                     Lecture 13

IP Security

have considered some application-specific security mechanisms, e.g. S/MIME, PGP, Kerberos, SSL/HTTPS
however there are security concerns that cut across protocol layers
would like security implemented by the network for all applications

Page 7: CSCE 815 Network Security                     Lecture 13

IPSec

general IP Security mechanisms
provides: authentication, confidentiality, key management
applicable to use over LANs, across public & private WANs, & for the Internet
Internet Engineering Task Force (IETF) develops protocol standards for the Internet

Page 8: CSCE 815 Network Security                     Lecture 13

IPv4 Header

Page 9: CSCE 815 Network Security                     Lecture 13

IP version 4 Fields

Version (4 bits) the value is 0100 = 4
Internet Header Length (IHL) (4) length of header in 32-bit words. The minimum value is 5.
Type of Service (8)
Total Length (16) total IP packet length in octets
Identification (16) sequence number
Flags (3) “more” and “don’t fragment”
Fragment offset (13) where it belongs, in 64-bit units
Time to Live (TTL) (8) number of “seconds” for packet to live
Checksum
Addresses 32-bit source and destination addresses
Options

Page 10: CSCE 815 Network Security                     Lecture 13

IPv6 Header

Page 11: CSCE 815 Network Security                     Lecture 13

IP version 6 Fields

Version (4 bits) the value is 0110 (6)
Traffic class (8) priority of this packet for routers
Flow Label (20) label packets for special processing by routers
Payload Length (16)
Next Header (8) – usually TCP or UDP or an IPv6 extension
Hop limit (8)
Source Address (128 bits = 16 octets = 4 words)
Destination address (128 bits = 16 octets = 4 words)
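The two field lists above describe the wire layouts that IPSec sits on top of. The following parser is an added example written for this transcript (it is not code from the lecture or the textbook); it decodes both headers with the field widths listed on the slides, verifies the IPv4 header checksum, and expands the flags and fragment offset. The two sample headers, the addresses in them and the packet lengths are constructed for the demonstration.

```python
import ipaddress
import struct
from dataclasses import dataclass

# Constructed sample headers (assumed addresses and values, not taken from the slides).
# IPv4: version 4, IHL 5 (20 octets), ToS 0, total length 40, id 0x1c46,
# DF flag set, fragment offset 0, TTL 64, protocol 17 (UDP), 10.0.0.1 -> 10.0.0.2.
IPV4_SAMPLE = bytes.fromhex(
    "45000028"  # version/IHL, ToS, total length
    "1c464000"  # identification, flags + fragment offset
    "40110a7d"  # TTL, protocol, header checksum (0x0a7d is correct for these fields)
    "0a000001"  # source address
    "0a000002"  # destination address
)
# IPv6: version 6, traffic class 0, flow label 0, payload length 20,
# next header 6 (TCP), hop limit 64, 2001:db8::1 -> 2001:db8::2.
IPV6_SAMPLE = bytes.fromhex(
    "60000000"                          # version, traffic class, flow label
    "00140640"                          # payload length, next header, hop limit
    "20010db8000000000000000000000001"  # source address (16 octets = 4 words)
    "20010db8000000000000000000000002"  # destination address
)


def ipv4_header_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum of the header's 16-bit words, with the
    checksum field itself taken as zero; returns the value the field should hold."""
    total = 0
    for i in range(0, len(header) - 1, 2):
        if i != 10:  # skip the checksum field (octets 10-11)
            total += (header[i] << 8) | header[i + 1]
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


@dataclass
class IPv4Header:
    ihl: int
    tos: int
    total_length: int
    identification: int
    dont_fragment: bool
    more_fragments: bool
    fragment_offset: int  # in octets (the wire field counts 64-bit units)
    ttl: int
    protocol: int
    checksum_ok: bool
    src: str
    dst: str
    options: bytes


@dataclass
class IPv6Header:
    traffic_class: int
    flow_label: int
    payload_length: int
    next_header: int
    hop_limit: int
    src: str
    dst: str


def parse_ipv4(pkt: bytes) -> IPv4Header:
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    vihl, tos, total_len, ident, flags_frag, ttl, proto, csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    if vihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = vihl & 0x0F
    hlen = ihl * 4
    if hlen < 20 or hlen > len(pkt):   # minimum is 5 words; options may extend it
        raise ValueError("bad IHL")
    header = pkt[:hlen]
    return IPv4Header(
        ihl=ihl, tos=tos, total_length=total_len, identification=ident,
        dont_fragment=bool(flags_frag & 0x4000),
        more_fragments=bool(flags_frag & 0x2000),
        fragment_offset=(flags_frag & 0x1FFF) * 8,
        ttl=ttl, protocol=proto,
        checksum_ok=(ipv4_header_checksum(header) == csum),
        src=str(ipaddress.IPv4Address(src)), dst=str(ipaddress.IPv4Address(dst)),
        options=header[20:],
    )


def parse_ipv6(pkt: bytes) -> IPv6Header:
    if len(pkt) < 40:
        raise ValueError("truncated IPv6 header")
    first, plen, nxt, hop, src, dst = struct.unpack("!IHBB16s16s", pkt[:40])
    if first >> 28 != 6:
        raise ValueError("not IPv6")
    return IPv6Header(
        traffic_class=(first >> 20) & 0xFF, flow_label=first & 0xFFFFF,
        payload_length=plen, next_header=nxt, hop_limit=hop,
        src=str(ipaddress.IPv6Address(src)), dst=str(ipaddress.IPv6Address(dst)),
    )


def parse_ip(pkt: bytes):
    """Dispatch on the version nibble, which sits in the same place in both formats."""
    version = pkt[0] >> 4
    if version == 4:
        return parse_ipv4(pkt)
    if version == 6:
        return parse_ipv6(pkt)
    raise ValueError(f"unknown IP version {version}")
```

The checksum only covers the IPv4 header and is recomputed by every router that decrements TTL, which is why a later slide lists TTL and checksum among the fields AH must exclude from its MAC.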

Page 12: CSCE 815 Network Security                     Lecture 13

IP Security Overview

IPSec is not a single protocol. Instead, IPSec provides a set of security algorithms plus a general framework that allows a pair of communicating entities to use whichever algorithms provide security appropriate for the communication.

Page 13: CSCE 815 Network Security                     Lecture 13

IP Security Overview

Applications of IPSec:
Secure branch office connectivity over the Internet
Secure remote access over the Internet
Establishing extranet and intranet connectivity with partners
Enhancing electronic commerce security

Virtual Private Networks: http://www.howstuffworks.com/vpn.htm

Two protocols:
1. Authentication Header (AH) – authentication protocol
2. Encapsulating Security Payload (ESP) – combined encryption/authentication protocol

Page 14: CSCE 815 Network Security                     Lecture 13

IP Security Scenario

Page 15: CSCE 815 Network Security                     Lecture 13

IP Security Architecture

specification is quite complex
defined in numerous RFCs:
RFC 2401 – overview of security architecture
RFC 2402 – packet authentication extension
RFC 2406 – packet encryption
RFC 2408 – key management
many others, grouped by category
mandatory in IPv6, optional in IPv4
Figure 6.2 summarizes additional documents

Page 16: CSCE 815 Network Security                     Lecture 13

IPSec Document Overview

Page 17: CSCE 815 Network Security                     Lecture 13

Benefits of IPSec

in a firewall/router provides strong security to all traffic crossing the perimeter
is resistant to bypass
is below transport layer, hence transparent to applications
can be transparent to end users
can provide security for individual users if desired

Page 18: CSCE 815 Network Security                     Lecture 13

Routing Applications Support

IPsec can play a vital role in routing architecture
Routing protocols such as OSPF run on top of IPSec
Benefits provided by IPSec for routing applications:
Router advertisement is valid
Neighbor advertisement is valid
Verify redirect messages come from the same router the initial packet was sent from
Validate routing update messages

Page 19: CSCE 815 Network Security                     Lecture 13

IPSec Services

Access control
Connectionless integrity
Data origin authentication
Rejection of replayed packets (a form of partial sequence integrity)
Confidentiality (encryption)
Limited traffic flow confidentiality
Table 6.1 summarizes the services provided by AH and ESP

Page 20: CSCE 815 Network Security                     Lecture 13

Security Associations

a one-way relationship between sender & receiver that affords security for traffic flow
for two-way traffic it requires two separate SAs
uniquely defined by 3 parameters:
Security Parameters Index (SPI) – this is carried in AH and ESP headers
IP Destination Address
Security Protocol Identifier
has a number of other parameters: sequence number, AH & ESP info, lifetime etc.
have a database of Security Associations

Page 21: CSCE 815 Network Security                     Lecture 13

SA Parameters

Sequence number counter
Sequence counter overflow flag
Anti-replay window
AH info: authentication algorithm, keys, key lifetimes
ESP info: encryption and authentication algorithm, keys, key lifetimes
Lifetime of this Security Association (SA)
IPSec protocol mode: tunnel or transport
Path MTU (maximum transmission unit)

Page 22: CSCE 815 Network Security                     Lecture 13

SA Selectors

IPSec offers flexibility in selecting and applying SAs to IP traffic
Security Policy Database (SPD): SPD entries define a subset of the IP traffic and the SA that should be applied to this traffic
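The three slides on Security Associations, SA parameters and SA selectors describe a lookup pipeline: the SPD matches outbound traffic by selectors, points at an SA identified by (SPI, destination address, protocol), and each SA carries its own sequence counter, overflow flag and anti-replay window. The code below is an added example for this transcript, not the lecture's or any IPSec implementation's code; it models that pipeline in memory with a constructed policy (the 10.1.0.0/16 and 10.2.0.0/16 sites, the gateway addresses 192.0.2.1/192.0.2.2 and the SPI values are assumptions). The anti-replay window is the 64-packet sliding window from RFC 2401.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

PROTO_ESP, PROTO_AH = 50, 51  # IP protocol numbers of the two IPSec headers


@dataclass
class SecurityAssociation:
    # The three parameters that uniquely identify an SA:
    spi: int
    dst: str
    protocol: int                     # PROTO_AH or PROTO_ESP
    mode: str = "tunnel"              # "tunnel" or "transport"
    # Sender state: sequence number counter and overflow flag
    seq_counter: int = 0
    overflow_terminates: bool = True  # True: exhaustion ends the SA instead of wrapping
    # Receiver state: anti-replay window
    window_size: int = 64
    highest_seq: int = 0              # right edge of the window
    window_bitmap: int = 0            # bit i set => highest_seq - i already received

    def next_sequence(self) -> int:
        """Sender side: the 32-bit sequence number must not wrap within one SA."""
        if self.seq_counter >= 0xFFFFFFFF:
            if self.overflow_terminates:
                raise OverflowError("sequence counter exhausted; negotiate a new SA")
            self.seq_counter = 0
        self.seq_counter += 1
        return self.seq_counter

    def accept_sequence(self, seq: int) -> bool:
        """Receiver side: sliding-window replay check. Returns True for a fresh
        packet and records it. A real stack advances the window only after the
        packet's ICV has verified; the caller is assumed to have done that."""
        if seq == 0:                            # 0 is never a valid sequence number
            return False
        if seq > self.highest_seq:              # right of the window: slide it
            shift = seq - self.highest_seq
            mask = (1 << self.window_size) - 1
            self.window_bitmap = ((self.window_bitmap << shift) | 1) & mask
            self.highest_seq = seq
            return True
        offset = self.highest_seq - seq
        if offset >= self.window_size:          # left of the window: too old
            return False
        if self.window_bitmap & (1 << offset):  # inside the window, already seen
            return False
        self.window_bitmap |= 1 << offset
        return True


class SADB:
    """Security Association Database, keyed by the identifying triple."""

    def __init__(self) -> None:
        self._sas = {}

    def add(self, sa: SecurityAssociation) -> None:
        self._sas[(sa.spi, sa.dst, sa.protocol)] = sa

    def lookup(self, spi: int, dst: str, protocol: int) -> Optional[SecurityAssociation]:
        return self._sas.get((spi, dst, protocol))


@dataclass
class SPDEntry:
    """Selectors (address ranges, upper-layer protocol) plus the action to take."""
    src_net: ipaddress.IPv4Network
    dst_net: ipaddress.IPv4Network
    upper_proto: Optional[int]                      # None matches any protocol
    action: str                                     # "protect", "bypass" or "discard"
    sa_key: Optional[Tuple[int, str, int]] = None   # (spi, dst, protocol) when protecting

    def matches(self, src: str, dst: str, upper_proto: int) -> bool:
        return (ipaddress.ip_address(src) in self.src_net
                and ipaddress.ip_address(dst) in self.dst_net
                and (self.upper_proto is None or self.upper_proto == upper_proto))


class SPD:
    """Ordered Security Policy Database: first match wins, default is discard."""

    def __init__(self) -> None:
        self.entries: List[SPDEntry] = []

    def add(self, entry: SPDEntry) -> None:
        self.entries.append(entry)

    def decide(self, sadb: SADB, src: str, dst: str, upper_proto: int):
        """Returns (action, SA-or-None) for an outbound packet."""
        for entry in self.entries:
            if entry.matches(src, dst, upper_proto):
                sa = sadb.lookup(*entry.sa_key) if entry.sa_key else None
                return entry.action, sa
        return "discard", None


def build_sample():
    """Constructed policy: traffic from site 10.1.0.0/16 to site 10.2.0.0/16 is
    tunnelled with ESP to the assumed peer gateway 192.0.2.2, traffic inside
    10.1.0.0/16 bypasses IPSec, and everything else is discarded."""
    sadb = SADB()
    sadb.add(SecurityAssociation(spi=0x1000, dst="192.0.2.2", protocol=PROTO_ESP))
    # SAs are one-way: the reverse direction needs its own SA (and SPI).
    sadb.add(SecurityAssociation(spi=0x2000, dst="192.0.2.1", protocol=PROTO_ESP))
    spd = SPD()
    spd.add(SPDEntry(ipaddress.ip_network("10.1.0.0/16"),
                     ipaddress.ip_network("10.1.0.0/16"), None, "bypass"))
    spd.add(SPDEntry(ipaddress.ip_network("10.1.0.0/16"),
                     ipaddress.ip_network("10.2.0.0/16"), None, "protect",
                     (0x1000, "192.0.2.2", PROTO_ESP)))
    return spd, sadb
```

The default-discard in `SPD.decide` is the property the "resistant to bypass" benefit slide relies on: a packet that matches no policy gets no SA and is dropped rather than sent in the clear.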

Page 23: CSCE 815 Network Security                     Lecture 13

Authentication Header (AH)

provides support for data integrity & authentication of IP packets
end system/router can authenticate user/app
prevents address spoofing attacks by tracking sequence numbers
based on use of a MAC: HMAC-MD5-96 or HMAC-SHA-1-96
parties must share a secret key
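The AH slide names the MACs (HMAC-MD5-96 / HMAC-SHA-1-96) and the shared secret key; the earlier IPv4 field list shows why the MAC cannot simply cover the whole packet, since TTL, checksum, ToS and the flags/fragment fields change in flight. This added example for the transcript (not code from the lecture) builds a transport-mode AH packet with HMAC-SHA-1-96 per RFC 2402: mutable IPv4 fields and the ICV field are zeroed before the HMAC, the 160-bit output is truncated to 96 bits, and verification uses a constant-time compare. The key, SPI, addresses and payload are constructed values, and the sample header carries no IPv4 options.

```python
import hashlib
import hmac
import struct

AH_PROTOCOL = 51
AH_FIXED_LEN = 12   # next header, payload len, reserved, SPI, sequence number
ICV_LEN = 12        # HMAC-SHA-1-96: 160-bit HMAC-SHA-1 output truncated to 96 bits

# Mutable IPv4 header fields, zeroed before the MAC because routers rewrite them
# in flight: ToS, flags + fragment offset, TTL, header checksum (byte offsets).
# IPv4 options are assumed absent; they would need per-option handling.
MUTABLE_IPV4_SPANS = ((1, 2), (6, 8), (8, 9), (10, 12))

# Constructed values for the demonstration (not from the slides).
DEMO_KEY = b"shared-secret-for-demo-only"
DEMO_SPI = 0x0000ABCD
DEMO_IP_HEADER = struct.pack(
    "!BBHHHBBH4s4s",
    0x45, 0, 0, 0x1234, 0x4000, 64, 17, 0,   # total length filled in by ah_protect
    bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]),
)
DEMO_PAYLOAD = b"\x12\x34\x00\x35\x00\x0c\x00\x00demo"   # a fake UDP datagram


def ah_icv(packet: bytes, key: bytes) -> bytes:
    """ICV of a transport-mode AH packet: HMAC-SHA-1 over the packet with the
    mutable IPv4 fields and the ICV field set to zero, truncated to 96 bits."""
    buf = bytearray(packet)
    ihl = (buf[0] & 0x0F) * 4
    for start, end in MUTABLE_IPV4_SPANS:
        buf[start:end] = bytes(end - start)
    icv_off = ihl + AH_FIXED_LEN
    buf[icv_off:icv_off + ICV_LEN] = bytes(ICV_LEN)
    return hmac.new(key, bytes(buf), hashlib.sha1).digest()[:ICV_LEN]


def ah_protect(ip_header: bytes, next_header: int, payload: bytes,
               key: bytes, spi: int, seq: int) -> bytes:
    """Insert an AH between the IP header and its payload (transport mode)."""
    hdr = bytearray(ip_header)
    ihl = (hdr[0] & 0x0F) * 4
    hdr[9] = AH_PROTOCOL                     # IP protocol field now says "AH follows"
    # AH payload length field = length of AH in 32-bit words minus 2 (RFC 2402).
    ah_words = (AH_FIXED_LEN + ICV_LEN) // 4 - 2
    ah = struct.pack("!BBHII", next_header, ah_words, 0, spi, seq) + bytes(ICV_LEN)
    struct.pack_into("!H", hdr, 2, ihl + len(ah) + len(payload))   # total length
    # The header checksum is mutable and unauthenticated; the IP layer would
    # recompute it on transmission, so it is left untouched here.
    packet = bytes(hdr) + ah + payload
    icv = ah_icv(packet, key)
    return packet[:ihl + AH_FIXED_LEN] + icv + packet[ihl + AH_FIXED_LEN + ICV_LEN:]


def ah_verify(packet: bytes, key: bytes):
    """Recompute the ICV and compare it in constant time.
    Returns (ok, spi, seq, next_header, payload). A real receiver first looks
    the SA up by (SPI, destination, AH) and runs the anti-replay check on seq."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != AH_PROTOCOL:
        raise ValueError("no AH in packet")
    next_header, ah_words, _, spi, seq = struct.unpack_from("!BBHII", packet, ihl)
    ah_len = (ah_words + 2) * 4
    received = packet[ihl + AH_FIXED_LEN:ihl + ah_len]
    ok = hmac.compare_digest(received, ah_icv(packet, key))
    return ok, spi, seq, next_header, packet[ihl + ah_len:]


def demo():
    """Protect a packet, then show which changes AH detects and which it tolerates."""
    packet = ah_protect(DEMO_IP_HEADER, 17, DEMO_PAYLOAD, DEMO_KEY, DEMO_SPI, 1)
    ttl_changed = bytearray(packet)
    ttl_changed[8] = 60                     # a router decrementing TTL: still valid
    payload_changed = bytearray(packet)
    payload_changed[-1] ^= 0x01             # one flipped payload bit: rejected
    dst_changed = bytearray(packet)
    dst_changed[19] = 3                     # 10.0.0.2 -> 10.0.0.3: rejected
    return {
        "intact": ah_verify(packet, DEMO_KEY)[0],
        "ttl_changed": ah_verify(bytes(ttl_changed), DEMO_KEY)[0],
        "payload_changed": ah_verify(bytes(payload_changed), DEMO_KEY)[0],
        "dst_changed": ah_verify(bytes(dst_changed), DEMO_KEY)[0],
        "wrong_key": ah_verify(packet, b"other-key")[0],
    }
```

The destination-address case is the address-spoofing protection the slide mentions: the immutable parts of the IP header are inside the MAC, so a packet whose addresses were rewritten fails verification even though the payload is untouched.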

Page 24: CSCE 815 Network Security                     Lecture 13

IPSec Services

Access Control
Connectionless integrity
Data origin authentication
Rejection of replayed packets
Confidentiality (encryption)
Limited traffic flow confidentiality

Page 25: CSCE 815 Network Security                     Lecture 13

Transport Mode SA vs. Tunnel Mode SA

AH
Transport mode: Authenticates IP payload and selected portions of IP header and IPv6 extension headers.
Tunnel mode: Authenticates entire inner IP packet plus selected portions of outer IP header.

ESP
Transport mode: Encrypts IP payload and any IPv6 extension header.
Tunnel mode: Encrypts inner IP packet.

ESP with authentication
Transport mode: Encrypts IP payload and any IPv6 extension header. Authenticates IP payload but no IP header.
Tunnel mode: Encrypts inner IP packet. Authenticates inner IP packet.

Page 26: CSCE 815 Network Security                     Lecture 13

Before applying AH

Page 27: CSCE 815 Network Security                     Lecture 13

Transport Mode (AH Authentication)

Page 28: CSCE 815 Network Security                     Lecture 13

Tunnel Mode (AH Authentication)

Page 29: CSCE 815 Network Security                     Lecture 13

Authentication Header

Provides support for data integrity and authentication (MAC code) of IP packets.
Guards against replay attacks.

Page 30: CSCE 815 Network Security                     Lecture 13

End-to-end versus End-to-Intermediate Authentication

Page 31: CSCE 815 Network Security                     Lecture 13

Encapsulating Security Payload

ESP provides confidentiality services

Page 32: CSCE 815 Network Security                     Lecture 13

Encryption and Authentication Algorithms

Encryption:
Three-key triple DES
RC5
IDEA
Three-key triple IDEA
CAST
Blowfish

Authentication:
HMAC-MD5-96
HMAC-SHA-1-96

Page 33: CSCE 815 Network Security                     Lecture 13

ESP Encryption and Authentication

Page 34: CSCE 815 Network Security                     Lecture 13

ESP Encryption and Authentication

Page 35: CSCE 815 Network Security                     Lecture 13

Combinations of Security Associations

Page 36: CSCE 815 Network Security                     Lecture 13

Combinations of Security Associations

Page 37: CSCE 815 Network Security                     Lecture 13

Combinations of Security Associations

Page 38: CSCE 815 Network Security                     Lecture 13

Combinations of Security Associations

Page 39: CSCE 815 Network Security                     Lecture 13

Key Management

Two types:
Manual
Automated:
Oakley Key Determination Protocol
Internet Security Association and Key Management Protocol (ISAKMP)

Page 40: CSCE 815 Network Security                     Lecture 13

Oakley

Three authentication methods:
Digital signatures
Public-key encryption
Symmetric-key encryption

Page 41: CSCE 815 Network Security                     Lecture 13

ISAKMP

Page 42: CSCE 815 Network Security                     Lecture 13

Recommended Reading

Comer, D. Internetworking with TCP/IP, Volume I: Principles, Protocols and Architecture. Prentice Hall, 1995
Stevens, W. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley, 1994