IPSEC Modes of Operation. Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a.

Slides:



Advertisements
Similar presentations
IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Advertisements

Internet Protocol Security (IP Sec)
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Internet Security CSCE 813 IPsec
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 5 Network Security Protocols in Practice Part I
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
IPSec Isaac Ghansah.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
IPsec – IKE CS 470 Introduction to Applied Cryptography
1 IPsec Youngjip Kim Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
IP Security. IPSEC Objectives n Band-aid for IPv4 u Spoofing a problem u Not designed with security or authentication in mind n IP layer mechanism for.
K. Salah1 Security Protocols in the Internet IPSec.
CMSC 414 Computer (and Network) Security Lecture 25 Jonathan Katz.
1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.
IP Security: Security Across the Protocol Stack
Advanced Unix 25 Oct 2005 An Introduction to IPsec.
CSCE 715: Network Systems Security
Lecture 14 ISAKMP / IKE Internet Security Association and Key Management Protocol / Internet Key Exchange CIS CIS 5357 Network Security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
COEN 350 IPSec, SSL, SSH,. IPSec RFC 1636 identified key areas where the internet needs to be made more secure. Spoofing: Creating packets with false.
Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)
TCP/IP Protocols Contains Five Layers
1 Lecture 16: IPsec IKE history of IKE Photurus IKE phases –phase 1 aggressive mode main mode –phase 2.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 4: Securing IP.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
Karlstad University IP security Ge Zhang
IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
IP Security.  In CERTs 2001 annual report it listed 52,000 security incidents  the most serious involving:  IP spoofing intruders creating packets.
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.
Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.
Encapsulated Security Payload Header ● RFC 2406 ● Services – Confidentiality ● Plus – Connectionless integrity – Data origin authentication – Replay protection.
1 Lecture 13 IPsec Internet Protocol Security CIS CIS 5357 Network Security.
V IRTUAL P RIVATE N ETWORKS K ARTHIK M OHANASUNDARAM W RIGHT S TATE U NIVERSITY.
Internet Security CSCE 813 IPsec. CSCE813 - Farkas2 TCP/IP Protocol Stack Application Layer Transport Layer Network Layer Data Link Layer.
Authentication Header ● RFC 2402 ● Services – Connectionless integrity – Data origin authentication – Replay protection – As much header authentication.
Cryptography and Network Security (CS435) Part Thirteen (IP Security)
IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
CMSC 414 Computer and Network Security Lecture 27 Jonathan Katz.
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Layer Security Network Systems Security Mort Anvari.
K. Salah1 Security Protocols in the Internet IPSec.
Computer Science and Engineering Computer System Security CSE 5339/7339 Session 27 November 23, 2004.
8-1Network Security Virtual Private Networks (VPNs) motivation:  institutions often want private networks for security.  costly: separate routers, links,
IP Security (IPSec) Authentication Header (AH) Dr Milan Marković.
Lecture 10 Page 1 CS 236 Online Encryption and Network Security Cryptography is widely used to protect networks Relies on encryption algorithms and protocols.
@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013.
VPNs & IPsec Dr. X Slides adopted by Prof. William Enck, NCSU.
CSE 4905 IPsec.
Internet and Intranet Fundamentals
CSE 4905 IPsec II.
IT443 – Network Security Administration Instructor: Bo Sheng
Virtual Private Networks (VPNs)
Presentation transcript:

IPSEC Modes of Operation

Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a key agreement protocol.  The sub-protocol of IPSEC that handles key negotiations is called IKE (Internet Key Exchange).  First, assume two nodes have agreed on keys (via IKE) and see how they proceed to protect their communication via IPSEC.

Breno de MedeirosFlorida State University Fall 2005 Security Associations  An IPsec protected connection is called a security association.  IPsec is a level-3 protocol (runs on top of IP), and below TCP/UDP  Security associations may either be end-to-end or link-to-link.  Two modes of encapsulating IPsec data into an IP packet define two modes of operation:  Transport mode and tunnel mode.

Breno de MedeirosFlorida State University Fall 2005 Security Parameter Index (SPI)  The IPsec protocol maintains two databases:  Security association database. Indexed by SPI’s, contains the information needed to encapsulate packets for one association: cryptographic algorithms, keys, sequence numbers, etc.  Security policy database: Allows for implementation of packet filtering policies. Defines whether or not to accept non-protected packets, what to require, etc.

Breno de MedeirosFlorida State University Fall 2005 Transport mode IPheaderpayload IPheaderIPsec headerpayload Transport mode was designed to save bandwidth in end-to-end associations. The payload is typically encrypted and authenticated. The IPheader is in the clear, and may or may not be authenticated.

Breno de MedeirosFlorida State University Fall 2005 Transporting AliceBob IP packet p 1 Sender=Alice Recipient=Bob IP packet p 2 (IPsec transport) Sender=Alice Recipient=Bob IP packet p 1

Breno de MedeirosFlorida State University Fall 2005 Tunnel Mode IPheaderpayload new IP hdrIPsec hdrIPheaderpayload Tunnel mode protects both the payload and IP header of the original packet. If encryption is used between gateways in tunnel mode, then it reduces information for traffic analysis.

Breno de MedeirosFlorida State University Fall 2005 Tunneling IP packet p 1 Sender=Alice Recipient=Bob Alice Gateway G 1 Gateway G 2 IP packet p 2 (IPsec tunnel) Sender=G 1 Recipient=G 2 IP packet p 1 Bob

Breno de MedeirosFlorida State University Fall 2005 Adding IPSec to IPv4 version: 4bits header length: 4bits (unit = 4-octet) type of service: 1 octet packet length: 2 octets packet identification: 2 octets flags: 3 bits fragment offset: 13 bits hops remaining (TTL): 1 octet protocol: 1 octet header checksum: 2 octets source address: 4 octets destination address: 4 octets options: variable Regular IP protocol values: TCP=6; UDP=17; IP= 4 IPsec protocol values: ESP=50 and AH=51 The communication protocols are specified in the IPsec header

Breno de MedeirosFlorida State University Fall 2005 Adding IPsec to IPv6 version| type of service | flow label: 4 octets payload length: 2 octets next header: 1 octet (specifies protocol) TTL: 1 octet source address: 16 octets destination address: 16 octets

Breno de MedeirosFlorida State University Fall 2005 Authentication Header (AH) next hdr: 1 octet (communication protocol) payload length: (AH header length): 1 octet unused: 2 octets SPI (Security Parameter Index): 4 octets sequence number: 4 octets authentication data: variable The Authentication Header authenticates data -- the protocol field is unencrypted, so it is available for firewall rule-based decisions. AH authenticates not only the IP payload but all “immutable” IP header components, such as source and destination addresses. This creates incompatibilities with NAT boxes in end-to-end associations.

Breno de MedeirosFlorida State University Fall 2005 ESP (Encapsulating Security Payload)  ESP allows for encryption, as well as authentication.  Both are optional, defined by the SPI and policies.  ESP does not protect the IP header, only the payload  But, in tunnel mode everything is encapsulated  If ESP encryption is enabled, then everything after the ESP header is encrypted  Communication protocol, ports (NATs and firewalls need this information).

Breno de MedeirosFlorida State University Fall 2005 ESP encapsulation SPI (Security parameter Index): 4 octets sequence number: 4 octets IV (initialization vector): variable data: variable padding: variable padding length: 1 octet (unit length: octets) next header/protocol type authentication data

IKE Internet Key Exchange

Breno de MedeirosFlorida State University Fall 2005 IKE Phases  In a design similar to Kerberos, IKE performs a phase 1 mutual authentication based on public keys and phase 2 re-authentication based on shared secrets (from phase 1).  This allows multiple SAs to re-use the same handshake.  Phase 1 has two modes:  Aggressive mode (3 messages)  Main mode (6 messages)

Breno de MedeirosFlorida State University Fall 2005 IKE Phase 1: Aggress. Mode Alice Bob g a mod p, “Alice”, supported crypto g b mod p, choice crypto, proof(“I’m Bob”) proof(“I’m Alice”) In aggressive mode, Alice chooses some Elgamal context (p, g). Bob may not support it, and reject the connection. If that happens, Alice should try and connect to Bob using main mode. Aggressive mode provides mutual authentication, and a shared secret g ab mod p, which can be used to derive keys for the symmetric crypto protocols.

Breno de MedeirosFlorida State University Fall 2005 IKE Phase 1: Main Mode Alice Bob g a mod p supported crypto suites chosen crypto suite g b mod p K{“Alice”, proof I’m Alice} K{“Bob”, proof I’m Bob} K= g ab mod p

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.