IP Securty 1. Overview 2. Architecture 3. Authentication Header 4. Encapsulating Security Payload 5....
-
Upload
brandon-riley -
Category
Documents
-
view
220 -
download
0
Transcript of IP Securty 1. Overview 2. Architecture 3. Authentication Header 4. Encapsulating Security Payload 5....
IP SecurtyIP Securty1. Overview2. Architecture3. Authentication Header4. Encapsulating Security Payload5. Combining security Associations6. Internet Key Exchange.
Web Security: 1. Web Security Considerations, 2. Secure Sockets Layer 3. Transport Layer Security, 4. Electronic Payment
IP SecurityIP Securityhave a range of application
specific security mechanisms◦eg. S/MIME, PGP, Kerberos, SSL/HTTPS
however there are security concerns that cut across protocol layers
would like security implemented by the network for all applications
IPSecIPSecgeneral IP Security mechanismsprovides
◦authentication◦confidentiality◦key management
applicable to use over LANs, across public & private WANs, & for the Internet
IPSec UsesIPSec Uses
Benefits of IPSecBenefits of IPSecin a firewall/router provides strong
security to all traffic crossing the perimeter
in a firewall/router is resistant to bypass
is below transport layer, hence transparent to applications
can be transparent to end userscan provide security for individual
userssecures routing architecture
IP Security ArchitectureIP Security Architecturespecification is quite complexdefined in numerous RFC’s
◦incl. RFC 2401/2402/2406/2408◦many others, grouped by category
mandatory in IPv6, optional in IPv4have two security header
extensions:◦Authentication Header (AH)◦Encapsulating Security Payload (ESP)
IPSec ServicesIPSec ServicesAccess controlConnectionless integrityData origin authenticationRejection of replayed packets
◦a form of partial sequence integrityConfidentiality (encryption)Limited traffic flow confidentiality
Security AssociationsSecurity Associationsa one-way relationship between
sender & receiver that affords security for traffic flow
defined by 3 parameters:◦Security Parameters Index (SPI)◦IP Destination Address◦Security Protocol Identifier
has a number of other parameters◦seq no, AH & EH info, lifetime etc
have a database of Security Associations
Authentication Header Authentication Header (AH)(AH)provides support for data integrity
& authentication of IP packets◦end system/router can authenticate
user/app◦prevents address spoofing attacks by
tracking sequence numbersbased on use of a MAC
◦HMAC-MD5-96 or HMAC-SHA-1-96parties must share a secret key
Authentication HeaderAuthentication Header
Transport & Tunnel ModesTransport & Tunnel Modes
Encapsulating Security Payload Encapsulating Security Payload (ESP)(ESP)provides message content
confidentiality & limited traffic flow confidentiality
can optionally provide the same authentication services as AH
supports range of ciphers, modes, padding◦ incl. DES, Triple-DES, RC5, IDEA, CAST etc◦ CBC & other modes◦ padding needed to fill blocksize, fields, for
traffic flow
Encapsulating Security Encapsulating Security PayloadPayload
Transport vs Tunnel Mode Transport vs Tunnel Mode ESPESPtransport mode is used to encrypt
& optionally authenticate IP data◦data protected but header left in clear◦can do traffic analysis but is efficient◦good for ESP host to host traffic
tunnel mode encrypts entire IP packet◦add new header for next hop◦good for VPNs, gateway to gateway
security
Combining Security Combining Security AssociationsAssociationsSA’s can implement either AH or ESPto implement both need to combine
SA’s◦form a security association bundle◦may terminate at different or same
endpoints◦combined by
transport adjacency iterated tunneling
issue of authentication & encryption order
Combining Security Combining Security AssociationsAssociations
Key ManagementKey Managementhandles key generation & distributiontypically need 2 pairs of keys
◦2 per direction for AH & ESPmanual key management
◦sysadmin manually configures every system
automated key management◦automated system for on demand
creation of keys for SA’s in large systems◦has Oakley & ISAKMP elements
OakleyOakleya key exchange protocolbased on Diffie-Hellman key
exchangeadds features to address
weaknesses◦cookies, groups (global params),
nonces, DH key exchange with authentication
can use arithmetic in prime fields or elliptic curve fields
ISAKMPISAKMPInternet Security Association and
Key Management Protocolprovides framework for key
managementdefines procedures and packet
formats to establish, negotiate, modify, & delete SAs
independent of key exchange protocol, encryption alg, & authentication method
ISAKMPISAKMP
ISAKMP Payloads & ISAKMP Payloads & ExchangesExchangeshave a number of ISAKMP
payload types:◦Security, Proposal, Transform, Key,
Identification, Certificate, Certificate, Hash, Signature, Nonce, Notification, Delete
ISAKMP has framework for 5 types of message exchanges:◦base, identity protection,
authentication only, aggressive, informational
Web SecurityWeb Security
Web now widely used by business, government, individuals
but Internet & Web are vulnerablehave a variety of threats
◦ integrity◦ confidentiality◦ denial of service◦ authentication
need added security mechanisms
SSL (Secure Socket Layer)SSL (Secure Socket Layer)
transport layer security serviceoriginally developed by Netscapeversion 3 designed with public inputsubsequently became Internet standard
known as TLS (Transport Layer Security)uses TCP to provide a reliable end-to-
end serviceSSL has two layers of protocols
Where SSL FitsWhere SSL Fits
HTTP SMTP POP3
80 25 110
HTTPS SSMTP SPOP3
443 465 995
Secure Sockets Layer
Transport
Network
Link
Uses Public Key SchemeUses Public Key Scheme
Each client-server pair uses◦2 public keys
one for client (browser) created when browser is installed on client machine
one for server (http server) created when server is installed on server hardware
◦2 private keys one for client browser one for server (http server)
SSL ArchitectureSSL Architecture
SSL ArchitectureSSL ArchitectureSSL session
◦an association between client & server◦created by the Handshake Protocol◦define a set of cryptographic
parameters◦may be shared by multiple SSL
connectionsSSL connection
◦a transient, peer-to-peer, communications link
◦associated with 1 SSL session
SSL Record ProtocolSSL Record Protocolconfidentiality
◦ using symmetric encryption with a shared secret key defined by Handshake Protocol
◦ IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128
◦ message is compressed before encryptionmessage integrity
◦ using a MAC (Message Authentication Code) created using a shared secret key and a short message
SSL Change Cipher Spec SSL Change Cipher Spec ProtocolProtocolone of 3 SSL specific protocols
which use the SSL Record protocol
a single messagecauses pending state to become
currenthence updating the cipher suite
in use
SSL Alert ProtocolSSL Alert Protocolconveys SSL-related alerts to peer entityseverity
warning or fatal
specific alert unexpected message, bad record mac,
decompression failure, handshake failure, illegal parameter
close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown
compressed & encrypted like all SSL data
SSL Handshake ProtocolSSL Handshake Protocolallows server & client to:
◦ authenticate each other◦ to negotiate encryption & MAC algorithms◦ to negotiate cryptographic keys to be used
comprises a series of messages in phases◦ Establish Security Capabilities◦ Server Authentication and Key Exchange◦ Client Authentication and Key Exchange◦ Finish
SSL Handshake ProtocolSSL Handshake Protocol
TLS (Transport Layer TLS (Transport Layer Security)Security)IETF standard RFC 2246 similar to
SSLv3with minor differences
◦ in record format version number◦ uses HMAC for MAC◦ a pseudo-random function expands secrets◦ has additional alert codes◦ some changes in supported ciphers◦ changes in certificate negotiations◦ changes in use of padding
Secure Electronic Transactions Secure Electronic Transactions (SET)(SET)open encryption & security
specificationto protect Internet credit card
transactionsdeveloped in 1996 by Mastercard, Visa
etcnot a payment system, rather a set of
security protocols & formats◦secure communications amongst parties◦trust from use of X.509v3 certificates◦privacy by restricted info to those who
need it
SET ComponentsSET Components
SET TransactionSET Transaction1. customer opens account2. customer receives a certificate3. merchants have their own certificates4. customer places an order5. merchant is verified6. order and payment are sent7. merchant requests payment authorization8. merchant confirms order9. merchant provides goods or service10. merchant requests payment
Dual SignatureDual Signaturecustomer creates dual messages
◦order information (OI) for merchant◦payment information (PI) for bank
neither party needs details of other
but must know they are linkeduse a dual signature for this
◦signed concatenated hashes of OI & PI
Purchase Request – Purchase Request – CustomerCustomer
Purchase Request – Purchase Request – MerchantMerchant
Purchase Request – Purchase Request – MerchantMerchant1. verifies cardholder certificates using CA
sigs2. verifies dual signature using customer's
public signature key to ensure order has not been tampered with in transit & that it was signed using cardholder's private signature key
3. processes order and forwards the payment information to the payment gateway for authorization (described later)
4. sends a purchase response to cardholder
Payment Gateway Payment Gateway AuthorizationAuthorization1. verifies all certificates2. decrypts digital envelope of authorization block to
obtain symmetric key & then decrypts authorization block
3. verifies merchant's signature on authorization block
4. decrypts digital envelope of payment block to obtain symmetric key & then decrypts payment block
5. verifies dual signature on payment block6. verifies that transaction ID received from
merchant matches that in PI received (indirectly) from customer
7. requests & receives an authorization from issuer8. sends authorization response back to merchant
Payment CapturePayment Capturemerchant sends payment
gateway a payment capture request
gateway checks requestthen causes funds to be
transferred to merchants accountnotifies merchant using capture
response