CSC 474 Information Systems Security, Topic 4.2: IPsec (Computer Science, Dr. Peng Ning)

Presentation transcript:

Computer Science, CSC 474, Dr. Peng Ning
Slide 1: CSC 474 Information Systems Security, Topic 4.2: IPsec

Slide 2: Outline
– IPsec objectives
– IPsec architecture & concepts
– IPsec authentication header
– IPsec encapsulating security payload

Slide 3: IPsec Objectives
Why do we need IPsec?
– IPv4 has no authentication
  – IP spoofing
  – Payload could be changed without detection
– IPv4 has no confidentiality mechanism
  – Eavesdropping
– Denial of service (DoS) attacks
  – Cannot hold the attacker accountable due to the lack of authentication

Slide 4: IPsec Objectives (contd)
IP layer security mechanism for IPv4 and IPv6
– Not all applications need to be security aware
– Can be transparent to users
– Provides authentication and confidentiality mechanisms

Slide 5: IPsec Architecture
[Figure: IPsec module 1 and IPsec module 2, each containing an SPD, IKE, an SAD and IPsec processing, connected by an SA.]
SPD: Security Policy Database; IKE: Internet Key Exchange; SA: Security Association; SAD: Security Association Database.

Slide 6: IPsec Architecture (contd)
Two protocols (mechanisms)
– Authentication Header (AH)
– Encapsulating Security Payload (ESP)
IKE protocol
– Internet key management

Slide 7: IPsec Architecture (contd)
Can be implemented in
– Host or gateway
Can work in two modes
– Tunnel mode
– Transport mode

Slide 8: Hosts & Gateways
Hosts can implement IPsec to connect to:
– Other hosts, in transport or tunnel mode
– Or gateways, in tunnel mode
Gateways to gateways
– Tunnel mode

Slide 9: Tunnel Mode
[Figure: host A and host B communicate through an encrypted tunnel between gateways. Packet layout: New IP Header | AH or ESP Header | Orig IP Header | TCP | Data. The original IP header, TCP header and data are encrypted; the new IP header is unencrypted.]

Slide 10: Tunnel Mode (contd)
[Figure: Outer IP header (addressed to the destination IPsec entity) | IPsec header | Inner IP header (real IP destination) | Higher layer protocol. ESP covers the inner packet; AH can also cover the outer header.]
– ESP applies only to the tunneled packet
– AH can be applied to portions of the outer header

Slide 11: Transport Mode
[Figure: host A to host B. Packet layout: IP Header | AH or ESP Header | TCP | Data. The TCP header and data are encrypted/authenticated.]

Slide 12: Transport Mode (contd)
[Figure: IP header | IP options | IPsec header | Higher layer protocol. The IP header carries the real IP destination.]
– ESP protects the higher layer payload only
– AH can protect IP headers as well as the higher layer payload

Slide 13: Security Association (SA)
An association between a sender and a receiver
– Consists of a set of security related parameters
– E.g., sequence number, encryption key
One way relationship
– Determines IPsec processing for the sender
– Determines IPsec decoding for the destination
SAs are not fixed! Generated and customized per traffic flow

Slide 14: Security Parameters Index (SPI)
A bit string assigned to an SA. Carried in AH and ESP headers to enable the receiving system to select the SA under which the packet will be processed.
– 32 bits
SPI + Dest IP address + IPsec protocol
– Uniquely identifies each SA in the SA Database (SAD)

Slide 15: SA Database (SAD)
Holds parameters for each SA
– Sequence number counter
– Lifetime of this SA
– AH and ESP information
– Tunnel or transport mode
Every host or gateway participating in IPsec has its own SA database

Slide 16: SA Bundle
More than one SA can apply to a packet
Example: ESP does not authenticate the new IP header. How to authenticate it?
– Use one SA to apply ESP without authentication to the original packet
– Use a second SA to apply AH

Slide 17: Security Policy Database (SPD)
Decides
– What traffic to protect?
– Has incoming traffic been properly secured?
Policy entries define which SA or SA bundles to use on IP traffic
Each host or gateway has its own SPD
Index into the SPD by selector fields
– Selectors: IP and upper-layer protocol field values
– Examples: dest IP, source IP, transport protocol, IPsec protocol, source & dest ports, …

Slide 18: SPD Entry Actions
Discard
– Do not let in or out
Bypass
– Outbound: do not apply IPsec
– Inbound: do not expect IPsec
Protect (will point to an SA or SA bundle)
– Outbound: apply security
– Inbound: security must have been applied

Slide 19: SPD Protect Action
If the SA does not exist…
– Outbound processing
  – Trigger key management protocols to generate the SA dynamically, or
  – Request manual specification, or
  – Other methods
– Inbound processing
  – Drop packet

Slide 20: Outbound Processing
[Figure: outbound packet on A, destined for B. The IP packet is first checked against the SPD (policy): is it for IPsec, and if so, which policy entry to select? The SA database then determines the SA and its SPI; IPsec processing produces the SPI and IPsec packet, which is sent to B.]

Slide 21: Inbound Processing
[Figure: inbound packet on B, from A. The SPI and packet are used to index the SA database; the packet is un-processed under that SA, then the SPD (policy) is consulted: was the packet properly secured? The result is the original IP packet.]
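
The SPD and SAD lookups of slides 17 through 21, as an added example that is not part of the original slides: a first-match SPD with discard/bypass/protect actions, an SAD keyed by (SPI, destination IP, IPsec protocol), the outbound path (slide 20, including the slide 19 case where the SA does not exist yet) and the inbound path (slide 21, where an unknown SPI or a packet that arrived unprotected despite a protect policy is dropped). Packets are plain dicts, and all addresses, SPIs and ports are constructed sample values.

```python
# Added example (not from the CSC 474 slides): a minimal model of the SPD
# and SAD lookups. Policies match first-match; packets are plain dicts;
# all IPs, SPIs and ports are constructed sample values.
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

SAKey = Tuple[int, str, str]  # (SPI, destination IP, IPsec protocol) identifies an SA in the SAD


@dataclass(frozen=True)
class Selector:
    """SPD selector fields; None means 'any'."""
    src: Optional[str] = None
    dst: Optional[str] = None
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt: dict) -> bool:
        return all(want is None or pkt.get(name) == want
                   for name, want in vars(self).items())


@dataclass
class SA:
    spi: int
    dst: str
    ipsec_proto: str          # "AH" or "ESP"
    mode: str                 # "transport" or "tunnel"
    seq: int = 0              # outbound sequence number counter (an SAD parameter)


@dataclass
class Policy:
    selector: Selector
    action: str                     # "DISCARD", "BYPASS" or "PROTECT"
    sa_key: Optional[SAKey] = None  # SA (or bundle head) to use when action is PROTECT


class IPsecModule:
    def __init__(self, spd: List[Policy], sad: Dict[SAKey, SA]):
        self.spd = spd
        self.sad = sad

    def lookup_policy(self, pkt: dict) -> Policy:
        for policy in self.spd:                # ordered list, first match wins
            if policy.selector.matches(pkt):
                return policy
        return Policy(Selector(), "DISCARD")   # no entry matches: default discard

    def outbound(self, pkt: dict) -> Tuple[str, Optional[int]]:
        """Slide 20: consult the SPD, then find the SA and its SPI."""
        policy = self.lookup_policy(pkt)
        if policy.action == "DISCARD":
            return ("drop", None)
        if policy.action == "BYPASS":
            return ("send_plain", None)
        sa = self.sad.get(policy.sa_key)
        if sa is None:
            return ("trigger_ike", None)       # slide 19: SA missing, negotiate one first
        sa.seq += 1                            # increment-then-use sequence number
        return ("send_ipsec", sa.spi)

    def inbound(self, pkt: dict, spi: Optional[int] = None,
                ipsec_proto: Optional[str] = None) -> str:
        """Slide 21: index the SAD by SPI, then ask the SPD whether the
        (already un-processed) packet was secured the way policy demands."""
        used_sa: Optional[SAKey] = None
        if spi is not None:
            used_sa = (spi, pkt["dst"], ipsec_proto)
            if used_sa not in self.sad:
                return "drop"                  # no SA for this SPI: cannot un-process
        policy = self.lookup_policy(pkt)
        if policy.action == "DISCARD":
            return "drop"
        if policy.action == "PROTECT" and used_sa != policy.sa_key:
            return "drop"                      # arrived unprotected, or under the wrong SA
        return "accept"


def build_module() -> IPsecModule:
    """Constructed sample SPD/SAD for the host 10.0.0.1; SAs are one-way, so
    traffic to and from 10.0.0.2 uses two different SAs."""
    out_sa: SAKey = (0x1001, "10.0.0.2", "ESP")
    in_sa: SAKey = (0x1002, "10.0.0.1", "ESP")
    spd = [
        Policy(Selector(src="10.0.0.1", dst="10.0.0.2", proto="TCP"), "PROTECT", out_sa),
        Policy(Selector(src="10.0.0.2", dst="10.0.0.1", proto="TCP"), "PROTECT", in_sa),
        Policy(Selector(dst="10.0.0.4"), "PROTECT", (0x2002, "10.0.0.4", "ESP")),  # SA not negotiated yet
        Policy(Selector(proto="ICMP"), "BYPASS"),
    ]
    sad = {out_sa: SA(0x1001, "10.0.0.2", "ESP", "transport"),
           in_sa: SA(0x1002, "10.0.0.1", "ESP", "transport")}
    return IPsecModule(spd, sad)
```

A real implementation keys the SAD lookup on exactly the triple the slide names, and the inbound SPD check is made against the packet after decapsulation, which is why the model takes the inner packet plus the SPI it arrived under.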

Slide 22: Authentication Header (AH)
Data integrity
– Entire packet has not been tampered with
Authentication
– Can trust IP address source
– Use MAC to authenticate
Anti-replay feature
Integrity check value

Slide 23: Integrity Check Value (ICV)
Message authentication code (MAC) calculated over
– IP header fields that do not change or are predictable
– IP header fields that are unpredictable are set to zero
– IPsec AH header with the ICV field set to zero
– Upper-level data
Code may be truncated to first 96 bits

Slide 24: IPsec Authentication Header
[Figure: AH fields in order: Next Header (TCP/UDP) | Payload Length (6 - 2 = 4: AH length in 32-bit words minus 2, for a 24-byte AH) | Reserved | SPI (used to index the SAD) | Sequence Number | ICV.]
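
The ICV computation of slides 23 and 24, as an added example that is not part of the original slides: a 20-byte IPv4 header has its mutable fields (ToS, flags/fragment offset, TTL, header checksum) zeroed, the AH header is included with its ICV field zeroed, the upper-layer data is appended, and the MAC is truncated to 96 bits. The MAC is HMAC-SHA1 (the historical AH default, an assumption here), the Payload Length field comes out as 6 - 2 = 4 exactly as on the slide, and the key, addresses and SPI are constructed sample values.

```python
# Added example (not from the CSC 474 slides): AH ICV over a transport-mode
# IPv4 packet. Addresses, SPI, key and payload are constructed sample values.
import hashlib
import hmac
import struct

AH_PROTO = 51      # IP protocol number of AH
ICV_LEN = 12       # 96-bit truncated MAC
AH_FIXED_LEN = 12  # next header, payload len, reserved, SPI, sequence number


def ip4(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def ipv4_header(src: str, dst: str, proto: int, ttl: int = 64, total_len: int = 0) -> bytes:
    """Minimal 20-byte IPv4 header (checksum left zero; it is mutable anyway)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, ttl, proto, 0,
                       ip4(src), ip4(dst))


def zero_mutable_fields(ip_hdr: bytes) -> bytes:
    """Fields a router may change in transit are zeroed before computing the MAC."""
    h = bytearray(ip_hdr)
    h[1] = 0                   # ToS / DSCP
    h[6:8] = b"\x00\x00"       # flags and fragment offset
    h[8] = 0                   # TTL
    h[10:12] = b"\x00\x00"     # header checksum
    return bytes(h)


def ah_header(next_header: int, spi: int, seq: int, icv: bytes = bytes(ICV_LEN)) -> bytes:
    # Payload Length = AH length in 32-bit words minus 2 (24-byte AH: 6 - 2 = 4, as on the slide)
    payload_len = (AH_FIXED_LEN + len(icv)) // 4 - 2
    return struct.pack("!BBHII", next_header, payload_len, 0, spi, seq) + icv


def compute_icv(key: bytes, ip_hdr: bytes, next_header: int, spi: int, seq: int,
                payload: bytes) -> bytes:
    """MAC over: immutable/zeroed IP header + AH header with ICV zeroed + upper-layer data."""
    mac_input = zero_mutable_fields(ip_hdr) + ah_header(next_header, spi, seq) + payload
    return hmac.new(key, mac_input, hashlib.sha1).digest()[:ICV_LEN]   # HMAC-SHA1-96


def build_ah_packet(key: bytes, src: str, dst: str, next_header: int, spi: int, seq: int,
                    payload: bytes) -> bytes:
    """Sender side: the IP protocol field becomes 51 and the original protocol moves to Next Header."""
    ip_hdr = ipv4_header(src, dst, AH_PROTO,
                         total_len=20 + AH_FIXED_LEN + ICV_LEN + len(payload))
    icv = compute_icv(key, ip_hdr, next_header, spi, seq, payload)
    return ip_hdr + ah_header(next_header, spi, seq, icv) + payload


def verify_ah_packet(key: bytes, pkt: bytes) -> bool:
    """Receiver side: recompute the ICV with the same zeroing rules and compare in constant time."""
    ah_end = 20 + AH_FIXED_LEN + ICV_LEN
    ip_hdr, ah, payload = pkt[:20], pkt[20:ah_end], pkt[ah_end:]
    next_header, _payload_len, _reserved, spi, seq = struct.unpack("!BBHII", ah[:AH_FIXED_LEN])
    received = ah[AH_FIXED_LEN:]
    expected = compute_icv(key, ip_hdr, next_header, spi, seq, payload)
    return hmac.compare_digest(received, expected)
```

Because the TTL is zeroed on both sides, a packet whose TTL was decremented by routers in transit still verifies, while any change to the source address, the SPI or the payload (none of which are mutable) breaks the ICV.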

Slide 25: Encapsulating Security Payload (ESP)
– Confidentiality for the upper layer protocol
– Partial traffic flow confidentiality (tunnel mode only)
– Data origin authentication and connectionless integrity (optional)

Slide 26: Outbound Packet Processing
– Form ESP payload
– Pad as necessary
– Encrypt result [payload, padding, pad length, next header]
– Apply authentication

Slide 27: Outbound Packet Processing...
Sequence number generation
– Increment then use
– With anti-replay enabled, check for rollover and send only if no rollover
– With anti-replay disabled, still need to increment and use, but no rollover checking
ICV calculation
– ICV includes the whole ESP packet except for the authentication data field
– Implicit padding of 0s between next header and authentication data is used to satisfy the block size requirement of the ICV algorithm
– Does not include the IP header

Slide 28: ESP Transport Example
[Figure: Original IP Header | SPI | Sequence Number | Payload (TCP header and data, variable length) | Padding (0-255 bytes) | Pad Length | Next Header | Integrity Check Value. The payload through the next header field is encrypted; authentication coverage runs from the SPI through the next header field.]

Slide 29: Inbound Packet Processing
[Figure: sliding window of size >= 32. Sequence numbers to the left of the window are rejected; inside the window, check the bitmap and verify if new; to the right of the window, verify.]
Sequence number checking
– Anti-replay is used only if authentication is selected
– Sequence number should be the first ESP check on a packet upon looking up an SA
– Duplicates are rejected!

Slide 30: Anti-replay Feature
Optional
Information to enforce it is held in the SA entry
– Sequence number counter: 32 bit, for outgoing IPsec packets
– Anti-replay window
  – 32-bit
  – Bit-map for detecting replayed packets

Slide 31: Anti-replay Sliding Window
Window should not be advanced until the packet has been authenticated
Without authentication, malicious packets with large sequence numbers can advance the window unnecessarily
– Valid packets would be dropped!
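
The anti-replay window of slides 29 through 31, as an added example that is not part of the original slides: a 32-bit bitmap whose bit i records whether sequence number (right edge - i) has been accepted, the pre-authentication check that rejects numbers left of the window and duplicates inside it, and a `process` step that applies the slide 29 order (sequence check, then ICV, then window update) so that a packet with a large sequence number and a bad ICV leaves the window where it was. The sequence numbers and ICV outcomes fed to it are constructed inputs.

```python
# Added example (not from the CSC 474 slides): anti-replay sliding window as a
# bitmap; the window is advanced only after the ICV has verified.

SEQ_MAX = 0xFFFFFFFF


class AntiReplayWindow:
    def __init__(self, size: int = 32):
        assert size >= 32, "minimum window size is 32"
        self.size = size
        self.right = 0        # highest sequence number accepted so far (right edge of the window)
        self.bitmap = 0       # bit i set => sequence number (right - i) has been accepted

    def check(self, seq: int) -> bool:
        """Pre-authentication check: reject sequence numbers that are old or already seen."""
        if seq == 0 or seq > SEQ_MAX:
            return False                          # 0 is never a valid sequence number
        if seq > self.right:
            return True                           # right of the window: new, verify it
        offset = self.right - seq
        if offset >= self.size:
            return False                          # left of the window: too old, reject
        return not (self.bitmap >> offset) & 1    # inside the window: reject if bit already set

    def update(self, seq: int) -> None:
        """Advance or mark the window; call only after authentication succeeded."""
        if seq > self.right:
            shift = seq - self.right
            if shift >= self.size:
                self.bitmap = 1                   # everything previously seen falls off the left
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.right = seq
        else:
            self.bitmap |= 1 << (self.right - seq)

    def process(self, seq: int, icv_ok: bool) -> str:
        """Slide 29 order: sequence number first, then ICV verification, then window update."""
        if not self.check(seq):
            return "reject:replay-or-old"
        if not icv_ok:
            return "reject:bad-icv"               # window untouched: a forged seq cannot shift it
        self.update(seq)
        return "accept"
```

Note the slide 31 failure mode in the `process` order: if `update` ran before the ICV check, a single unauthenticated packet with sequence number 1000 would move the right edge to 1000, and every genuine packet numbered below 968 would then be rejected as "left of the window".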

Slide 32: Inbound Packet Processing...
Packet decryption
– Decrypt [ESP payload, padding, pad length, next header] per SA specification
– Process (strip) padding per the encryption algorithm; in case of the default padding scheme, the padding field SHOULD be inspected
– Reconstruct the original IP datagram
Authentication verification (optional)
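
The ESP outbound steps of slides 26 through 28 and the inbound steps of slides 29 and 32, as an added example that is not part of the original slides: the payload is padded with the default 1, 2, 3, ... scheme so that payload + padding + pad length + next header fills whole cipher blocks, the result is encrypted, the ICV is computed over SPI, sequence number and encrypted body but not over the authentication data, and the receiver verifies the ICV before decrypting, then inspects and strips the padding. The sequence-number helper covers the slide 27 rollover rule. The cipher is a stand-in keystream built from HMAC-SHA256 in counter mode so the example runs with the standard library only; a real SA would use its negotiated cipher. The 16-byte block size, 8-byte IV, keys, SPI and payloads are constructed assumptions.

```python
# Added example (not from the CSC 474 slides): ESP transport-mode packet
# processing. The keystream cipher is a stand-in, NOT an IPsec cipher suite.
import hashlib
import hmac
import struct
from typing import Optional, Tuple

BLOCK = 16       # assumed cipher block size that the padded plaintext must fill
IV_LEN = 8       # assumed per-packet IV length, carried at the start of the ESP payload
ICV_LEN = 12     # 96-bit truncated MAC
SEQ_MAX = 0xFFFFFFFF


def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """Stand-in PRF keystream: HMAC-SHA256(key, iv || counter), truncated to n bytes."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + struct.pack("!I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def default_padding(payload_len: int) -> bytes:
    """Default scheme: bytes 1, 2, 3, ... so that payload + padding + 2 trailer bytes fill whole blocks."""
    pad_len = (-(payload_len + 2)) % BLOCK
    return bytes(range(1, pad_len + 1))


def next_sequence_number(counter: int, anti_replay: bool = True) -> int:
    """Slide 27: increment then use; with anti-replay on, refuse to roll over."""
    counter += 1
    if counter > SEQ_MAX:
        if anti_replay:
            raise OverflowError("sequence number rollover: SA must be rekeyed")
        counter &= SEQ_MAX        # anti-replay off: no rollover check, counter wraps
    return counter


def esp_encapsulate(enc_key: bytes, auth_key: bytes, spi: int, seq: int,
                    next_header: int, payload: bytes, iv: bytes) -> bytes:
    """Outbound (slide 26): pad, encrypt [payload, padding, pad length, next header], authenticate."""
    padding = default_padding(len(payload))
    plaintext = payload + padding + bytes([len(padding), next_header])
    ciphertext = xor(plaintext, keystream(enc_key, iv, len(plaintext)))
    esp = struct.pack("!II", spi, seq) + iv + ciphertext          # SPI | seq | IV | encrypted body
    icv = hmac.new(auth_key, esp, hashlib.sha256).digest()[:ICV_LEN]  # everything but the auth data
    return esp + icv


def esp_decapsulate(enc_key: bytes, auth_key: bytes,
                    pkt: bytes) -> Optional[Tuple[int, int, int, bytes]]:
    """Inbound (slides 29, 32): verify the ICV first, decrypt, inspect and strip the padding."""
    body, icv = pkt[:-ICV_LEN], pkt[-ICV_LEN:]
    expected = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return None                               # integrity failure: never decrypt unauthenticated data
    spi, seq = struct.unpack("!II", body[:8])
    iv, ciphertext = body[8:8 + IV_LEN], body[8 + IV_LEN:]
    plaintext = xor(ciphertext, keystream(enc_key, iv, len(ciphertext)))
    pad_len, next_header = plaintext[-2], plaintext[-1]
    padding = plaintext[len(plaintext) - 2 - pad_len:len(plaintext) - 2]
    if padding != bytes(range(1, pad_len + 1)):
        return None                               # default padding inspected, as slide 32 says it SHOULD be
    payload = plaintext[:len(plaintext) - 2 - pad_len]
    return spi, seq, next_header, payload
```

The anti-replay check of slide 29 sits between the SA lookup and the ICV check on the inbound side; it is left out of this block so that the window logic is not duplicated, and a real implementation would call it with `seq` before `esp_decapsulate` verifies the ICV.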

Slide 33: ESP Processing - Header Location...
Transport mode, IPv4 and IPv6
[Figure:
IPv4: Orig IP hdr | ESP hdr | TCP | Data | ESP trailer | ESP Auth
IPv6: Orig IP hdr | Orig ext hdr | ESP hdr | TCP | Data | ESP trailer | ESP Auth]

Slide 34: ESP Processing - Header Location...
Tunnel mode, IPv4 and IPv6
[Figure:
IPv4: New IP hdr | ESP hdr | Orig IP hdr | TCP | Data | ESP trailer | ESP Auth
IPv6: New IP hdr | New ext hdr | ESP hdr | Orig IP hdr | Orig ext hdr | TCP | Data | ESP trailer | ESP Auth]