Agenda CCSDS Network Layer Security IPSec+IKE Profile for CCSDS

Slides:



Advertisements
Similar presentations
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Advertisements

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Internet Security CSCE 813 IPsec
IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
THE USE OF IP ESP TO PROVIDE A MIX OF SECURITY SERVICES IN IP DATAGRAM SREEJITH SREEDHARAN CS843 PROJECT PRESENTATION 04/28/03.
Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.
IP Security. IPSEC Objectives n Band-aid for IPv4 u Spoofing a problem u Not designed with security or authentication in mind n IP layer mechanism for.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
IP Security: Security Across the Protocol Stack
1 Network Layer Security Howie Weiss (NASA/JPL/Cobham Analytic Solutions) Mike Pajevski (NASA/JPL) October 2010.
1 Network Layer Security: Run over non-IP Protocol? Howie Weiss (NASA/JPL/Parsons) San Antonio, TX October 2013.
Karlstad University IP security Ge Zhang
IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
Agenda CCSDS Network Layer Security IPSec+IKE Profile for CCSDS
1 Network Layer Security: Status Update Howie Weiss (NASA/JPL/Parsons) Bordeaux, France April 2013.
Encapsulated Security Payload Header ● RFC 2406 ● Services – Confidentiality ● Plus – Connectionless integrity – Data origin authentication – Replay protection.
1 Lecture 13 IPsec Internet Protocol Security CIS CIS 5357 Network Security.
Internet Security CSCE 813 IPsec. CSCE813 - Farkas2 TCP/IP Protocol Stack Application Layer Transport Layer Network Layer Data Link Layer.
Authentication Header ● RFC 2402 ● Services – Connectionless integrity – Data origin authentication – Replay protection – As much header authentication.
IPSec  general IP Security mechanisms  provides  authentication  confidentiality  key management  Applications include Secure connectivity over.
IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
Lecture 10 Page 1 CS 236 Online Encryption and Network Security Cryptography is widely used to protect networks Relies on encryption algorithms and protocols.
11 SECURING NETWORK TRAFFIC WITH IPSEC Chapter 6.
Presentaion on ipsecurity Presentaion given by arun saraswat To lavkush sharma sir arun saraswat1.
第六章 IP 安全. Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Computer and Network Security
VPNs & IPsec Dr. X Slides adopted by Prof. William Enck, NCSU.
VPNs and IPSec Review VPN concepts Encryption IPSec Lab.
Network Layer Security Howie Weiss (NASA/JPL/Cobham Analytic Solutions) Mike Pajevski (NASA/JPL) May 2010.
UNIT 7- IP Security 1.IP SEC 2.IP Security Architecture
IPSecurity.
Network Layer Security Update
CSE 4905 IPsec.
Encryption and Network Security
Chapter 16 – IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom.
Chapter 18 IP Security  IP Security (IPSec)
Somesh Jha University of Wisconsin
Application Layer Security Mike Pajevski (NASA/JPL) April 2009
Internet and Intranet Fundamentals
CSE 4905 IPsec II.
IT443 – Network Security Administration Instructor: Bo Sheng
CCSDS IPsec Compatibility Testing
UNIT.4 IP Security.
IPSec IPSec is communication security provided at the network layer.
BINF 711 Amr El Mougy Sherif Ismail
CSE565: Computer Security Lecture 23 IP Security
Cryptography and Network Security
IP Security and VPN Most of the slides are derived from the slides (Chapter-8) by the authors of «Computer Networking: A Top Down Approach», and from the.
VPNs and IPSec Review VPN concepts Encryption IPSec Lab.
Slides have been taken from:
Network Security (contd.)
Sheila Frankel Systems and Network Security Group, ITL
Virtual Private Networks (VPNs)
Virtual Private Networks (VPNs)
B. R. Chandavarkar CSE Dept., NITK Surathkal
Chapter 6 IP Security.
Lecture 36.
CSE 5/7349 – February 15th 2006 IPSec.
Lecture 36.
Cryptography and Network Security
Presentation transcript:

Network Layer Security Howie Weiss (NASA/JPL/Cobham Analytic Solutions) Berlin Germany May 2011

Agenda CCSDS Network Layer Security IPSec+IKE Profile for CCSDS What is included? What is excluded? How is it used?

What is Network Layer Security? Space extensions to FTP SCPS-FP FTP Features FTP Other Apps Space extensions to the Socket Interface SCPS-TP “TCP Tranquility” options TCP Options TCP UDP Space-optimized IPSec variant SCPS-SP IPSec IKE Common Network- Layer Interface Space-optimized IP variant SCPS-NP IP Space Link Subnet: CCSDS Data Link

IPSec: one protocol, many options Tunnel mode vs. transport mode Default cipher suite (encryption + auth + mode) Authenticated encryption? Null encryption (authentication-only)? ESP w/null encrypt or AH? What would be allowed? Anti-replay option Keying and rekeying Pre-placed keys? IKE auto rekey Automatic when keys expire – regardless of mission state? Rekey “now” button?

Issues to be resolved` Transport or tunnel mode or both? ESP-only? AH-only? ESP + AH? Authentication-only w/o encryption allowed? (null encryption) Authenticated Encryption or Encryption w/o auth allowed? Keying and rekeying questions Automated vs. manual IKEv1 or IKEv2 SA lifetimes Policy Management Define default cipher suite(s) Compression

Transport vs. Tunnel Mode Transport Mode: Single IP header End-to-End mode (writter-2-reader) Not generally used commercially Tunnel Mode: Dual IP headers – entire IP packet is encapsulated Gateway-to-Gateway mode Allows IPSec to be outboard in security gateways E.g., commercial VPNs Recommendation for CCSDS: Tunnel Mode

IPSec is TWO Protocols AH: IP Authentication Header (RFC 4302) connectionless integrity data origin authentication. optional replay protection No confidentiality ESP: Encapsulating Security Payload (RFC 4303) confidentiality, data origin authentication, connectionless integrity, anti-replay protection (w/automated key management), limited traffic flow confidentiality. Provides encryption-only service for confidentiality Provides integrity-only service Provides confidentiality + integrity service

AH Authenticated (108 bytes) AH Packet Format AH (IP protocol 51) total length 152 bytes IPv4 Header 20 bytes AH 24 bytes ICMP 8 bytes Data 80 bytes AH Authenticated (108 bytes) Next Header =IPIP 1 byte Length (this header) Pad 2 bytes AH SPI 4 bytes Seq # ICV 12 bytes

ESP Authenticated (132 bytes) ESP w/Null Encryption ESP (IP protocol 50) total length 152 bytes IPv4 Header 20 bytes ESP Null Encrypted Payload 132 bytes ESP SPI 4 bytes Seq # IPv4 Header 20 bytes ICMP (8 bytes hdr + 80 bytes data) 88 bytes Pad varies per RFC 2406 - in this example 2 bytes Len 1 byte Next Hdr Authentication Data varies: 8, 12,or 16 byte 12 bytes ESP Header ESP Trailer ESP Auth ESP Authenticated (132 bytes)

ESP Authenticated (140 bytes) ESP w/AES-GCM ESP (IP protocol 50) total length 160 bytes IPv4 Header 20 bytes ESP AES128 Encrypted Payload 140 bytes Encrypted (128 bytes) ESP SPI 4 bytes Seq # IV 8 bytes IPv4 Header 20 bytes ICMP (8 bytes hdr + 80 bytes data) 88 bytes Pad varies per RFC 2406 - in this example 2 bytes Len 1 byte Next Hdr Authentication Data varies: 8, 12,or 16 bytes 12 bytes ESP Header ESP Trailer ESP Auth ESP Authenticated (140 bytes)

ESP w/AES-GCM + AH AH (IP protocol 51) IPv4 Header AH (ref AH format) total length 184 bytes IPv4 Header 20 bytes AH (ref AH format) 24 bytes ESP AES128 Encrypted Payload 140 bytes AH Authenticated (148 bytes) Encrypted (128 bytes) ESP SPI 4 bytes Seq # IV 8 bytes IPv4 Header 20 bytes ICMP (8 bytes hdr + 80 bytes data) 88 bytes Pad varies per RFC 2406 - in this example 2 bytes Len 1 byte Next Hdr Authentication Data varies: 8, 12, 16 bytes 12 bytes ESP Header ESP Trailer ESP Auth ESP Authenticated (140 bytes)

ESP and/or AH ? AH does not support confidentiality ESP supports both confidentiality and integrity Supports null encryption AH was designed because of export control issues regarding encryption algorithms AH and ESP can be nested but why? Too much overhead Recommendation for CCSDS: ESP-only

Security Services Allowed Authentication-only mode CCSDS Recommendation: allow Needed for commanding w/o need for confidentiality Authenticated Encryption mode CCSDS Recommendation: allow (must) Encryption w/o authentication is shown to be a dangerous practice Non-authenticated Encryption mode CCSDS Recommendation: unsafe, not recommended Operational overhead and mission risk analysis may have need for this but it should not be done without analysis

Keying Conformant IPSec must support BOTH automated and manual keying Automated keying: Internet Key Exchange Manual keying: ad-hoc (each implementation determines how) Issues regarding automated keying: Rekey at “bad” time in the mission timeline E.g., critical burn maneuver E.g., critical upload/download Requires little human intervention Issues regarding manual keying: “simple” but requires human resources Physical distribution and protection required

Internet Key Exchange (IKE) IKE v1 (RFC 2409) Complicated, robust protocol Commercially widely used IKE v2 (RFC 4306) Simpler than IKEv2 (maybe safer…) Commercially not widely used, yet. Requires on-board flight code More flight code to certify But do it once and reuse, reuse, reuse

rekey IKE Operation IKE rekeys when thresholds are met, for example: Number of bytes transmitted Elapsed time For space, IKE Rekey-Upon-Command is needed E.g., button-push to rekey E.g., button-push to inhibit rekey For space, timers will have to be tweaked vs. commercial (terrestrial) implementations Recommendation for CCSDS: IKEv2 w/rekey commanding “button” rekey

Manual Keying Sometimes simple is enough…. Need ability to preload keys (e.g., 512 keys, 1024 keys) onboard Maybe have a key upload ability? Command to change keys Preload and manage Security Associations (SA) Recommendation for CCSDS: Require manual key w/management 110010110010011100110110

Policy Management IPSec supports policies, e.g.: Security services on a connection Access controls for connection No standards for loading, updating, supporting IPSec policies SNMP-based approaches: RFC 4807: IPSec Security Policy Database Configuration MIB IPSec Security Policy IPSec Action MIB (IETF draft) IPSec Security Policy IKE Action MIB (IETF draft) Microsoft IPSec Policy Agent Service KeyNote, ipsecconf, proprietary, etc What do we want to do?

Cipher Suite Follow CCSDS Algorithms document 128-bit key size AES AES-GCM for authenticated encryption AES-CMAC, AES-GMAC, HMAC for authentication/integrity

Compression Overhead vs. Bandwidth! IPSec adds overhead Everyone complains about not having enough bandwidth IP Payload Compression Protocol (IPComp) (RFC 3173) Commercially supported Compresses IP datagrams BEFORE security processing on outbound Decompresses IP datagrams AFTER security processing on inbound Recommendation for CCSDS: Optional use of IPComp

Summary IPSec: ESP-only Null encryption allowed Authenticated encryption Non-authenticated encryption unsafe IKEv2 w/rekey button Manual keying w/management Policy management needed - ? Cipher suites follow algorithms blue book Compression (IPComp)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.