Network Security Essentials Chapter 8 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Slides:



Advertisements
Similar presentations
IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Advertisements

NS-H /11041 IP Security. NS-H /11042 TCP/IP Example.
Cryptography and Network Security
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Internet Security CSCE 813 IPsec
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Network Layer Security: IPSec
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.
Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
Cryptography and Network Security
1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
1 IPsec Youngjip Kim Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.
Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.
Lecture 22 Internet Security Protocols and Standards modified from slides of Lawrie Brown.
IP Security. IPSEC Objectives n Band-aid for IPv4 u Spoofing a problem u Not designed with security or authentication in mind n IP layer mechanism for.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
IP Security: Security Across the Protocol Stack
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security
IPSec IPSec provides the capability to secure communications across a LAN, across private and public wide area networks (WANs) and across the Internet.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 21 – Internet Security.
Karlstad University IP security Ge Zhang
IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
IP Security.  In CERTs 2001 annual report it listed 52,000 security incidents  the most serious involving:  IP spoofing intruders creating packets.
Chapter 6 IP Security. We have considered some application specific security mechanisms in last chapter eg. S/MIME, PGP, Kerberos however there are security.
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
Data Security and Encryption (CSE348) 1. Lecture # 25 2.
IP Securty 1. Overview 2. Architecture 3. Authentication Header 4. Encapsulating Security Payload 5. Combining security Associations 6. Internet Key Exchange.
Chapter 8 IP Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
1 IPv6 Security & QoS Babu Ram Dawadi. 2 Outline IP Security Overview IP Security Architecture Authentication Header Encapsulating Security Payload Combinations.
1 Lecture 13 IPsec Internet Protocol Security CIS CIS 5357 Network Security.
Internet Security CSCE 813 IPsec. CSCE813 - Farkas2 TCP/IP Protocol Stack Application Layer Transport Layer Network Layer Data Link Layer.
Security IPsec 1 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Cryptography and Network Security (CS435) Part Thirteen (IP Security)
IPSec  general IP Security mechanisms  provides  authentication  confidentiality  key management  Applications include Secure connectivity over.
IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Layer Security Network Systems Security Mort Anvari.
第六章 IP 安全. Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
UNIT 7- IP Security 1.IP SEC 2.IP Security Architecture
IPSecurity.
Chapter 16 – IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom.
IP Security Ch16 of Cryptography and Network Security - Third Edition
CSE565: Computer Security Lecture 23 IP Security
Cryptography and Network Security
No.9: IP Security Network Information Security 网络信息安全
Cryptography and Network Security Chapter 16
Cryptography and Network Security
Cryptography and Network Security Chapter 19
CSCE 815 Network Security Lecture 13
Cryptography and Network Security Chapter 16
Cryptography and Network Security Chapter 16
Cryptography and Network Security
Presentation transcript:

Network Security Essentials Chapter 8 Fourth Edition by William Stallings Lecture slides by Lawrie Brown

Chapter 8 – IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom the secret was told. —The Art of War, Sun Tzu

IP Security  have a range of application specific security mechanisms eg. S/MIME, PGP, Kerberos, SSL/HTTPS eg. S/MIME, PGP, Kerberos, SSL/HTTPS  however there are security concerns that cut across protocol layers  would like security implemented by the network for all applications

IP Security  general IP Security mechanisms  provides authentication authentication confidentiality confidentiality key management key management  applicable to use over LANs, across public & private WANs, & for the Internet  need identified in 1994 report need authentication, encryption in IPv4 & IPv6 need authentication, encryption in IPv4 & IPv6

IP Security Uses

Benefits of IPSec  in a firewall/router provides strong security to all traffic crossing the perimeter  in a firewall/router is resistant to bypass  is below transport layer, hence transparent to applications  can be transparent to end users  can provide security for individual users  secures routing architecture

IP Security Architecture  specification is quite complex, with groups: Architecture Architecture RFC4301 Security Architecture for Internet ProtocolRFC4301 Security Architecture for Internet Protocol Authentication Header (AH) Authentication Header (AH) RFC4302 IP Authentication HeaderRFC4302 IP Authentication Header Encapsulating Security Payload (ESP) Encapsulating Security Payload (ESP) RFC4303 IP Encapsulating Security Payload (ESP)RFC4303 IP Encapsulating Security Payload (ESP) Internet Key Exchange (IKE) Internet Key Exchange (IKE) RFC4306 Internet Key Exchange (IKEv2) ProtocolRFC4306 Internet Key Exchange (IKEv2) Protocol Cryptographic algorithms Cryptographic algorithms Other Other

IPSec Services  Access control  Connectionless integrity  Data origin authentication  Rejection of replayed packets a form of partial sequence integrity a form of partial sequence integrity  Confidentiality (encryption)  Limited traffic flow confidentiality

Transport and Tunnel Modes  Transport Mode to encrypt & optionally authenticate IP data to encrypt & optionally authenticate IP data can do traffic analysis but is efficient can do traffic analysis but is efficient good for ESP host to host traffic good for ESP host to host traffic  Tunnel Mode encrypts entire IP packet encrypts entire IP packet add new header for next hop add new header for next hop no routers on way can examine inner IP header no routers on way can examine inner IP header good for VPNs, gateway to gateway security good for VPNs, gateway to gateway security

Transport and Tunnel Modes

Transport and Tunnel Mode Protocols

Security Associations  a one-way relationship between sender & receiver that affords security for traffic flow  defined by 3 parameters: Security Parameters Index (SPI) Security Parameters Index (SPI) IP Destination Address IP Destination Address Security Protocol Identifier Security Protocol Identifier  has a number of other parameters seq no, AH & EH info, lifetime etc seq no, AH & EH info, lifetime etc  have a database of Security Associations

Security Policy Database  relates IP traffic to specific SAs match subset of IP traffic to relevant SA match subset of IP traffic to relevant SA use selectors to filter outgoing traffic to map use selectors to filter outgoing traffic to map based on: local & remote IP addresses, next layer protocol, name, local & remote ports based on: local & remote IP addresses, next layer protocol, name, local & remote ports

Encapsulating Security Payload (ESP)  provides message content confidentiality, data origin authentication, connectionless integrity, an anti-replay service, limited traffic flow confidentiality  services depend on options selected when establish Security Association (SA), net location  can use a variety of encryption & authentication algorithms

Encapsulating Security Payload

Encryption & Authentication Algorithms & Padding  ESP can encrypt payload data, padding, pad length, and next header fields if needed have IV at start of payload data if needed have IV at start of payload data  ESP can have optional ICV for integrity is computed after encryption is performed is computed after encryption is performed  ESP uses padding to expand plaintext to required length to expand plaintext to required length to align pad length and next header fields to align pad length and next header fields to provide partial traffic flow confidentiality to provide partial traffic flow confidentiality

Anti-Replay Service  replay is when attacker resends a copy of an authenticated packet  use sequence number to thwart this attack  sender initializes sequence number to 0 when a new SA is established increment for each packet increment for each packet must not exceed limit of 2 32 – 1 must not exceed limit of 2 32 – 1  receiver then accepts packets with seq no within window of (N –W+1)

Combining Security Associations  SA’s can implement either AH or ESP  to implement both need to combine SA’s form a security association bundle form a security association bundle may terminate at different or same endpoints may terminate at different or same endpoints combined by combined by transport adjacencytransport adjacency iterated tunnelingiterated tunneling  combining authentication & encryption ESP with authentication, bundled inner ESP & outer AH, bundled inner transport & outer ESP ESP with authentication, bundled inner ESP & outer AH, bundled inner transport & outer ESP

Combining Security Associations

IPSec Key Management  handles key generation & distribution  typically need 2 pairs of keys 2 per direction for AH & ESP 2 per direction for AH & ESP  manual key management sysadmin manually configures every system sysadmin manually configures every system  automated key management automated system for on demand creation of keys for SA’s in large systems automated system for on demand creation of keys for SA’s in large systems has Oakley & ISAKMP elements has Oakley & ISAKMP elements

Oakley  a key exchange protocol  based on Diffie-Hellman key exchange  adds features to address weaknesses no info on parties, man-in-middle attack, cost no info on parties, man-in-middle attack, cost so adds cookies, groups (global params), nonces, DH key exchange with authentication so adds cookies, groups (global params), nonces, DH key exchange with authentication  can use arithmetic in prime fields or elliptic curve fields

ISAKMP  Internet Security Association and Key Management Protocol  provides framework for key management  defines procedures and packet formats to establish, negotiate, modify, & delete SAs  independent of key exchange protocol, encryption alg, & authentication method  IKEv2 no longer uses Oakley & ISAKMP terms, but basic functionality is same

IKEV2 Exchanges

ISAKMP

IKE Payloads & Exchanges  have a number of ISAKMP payload types: Security Association, Key Exchange, Identification, Certificate, Certificate Request, Authentication, Nonce, Notify, Delete, Vendor ID, Traffic Selector, Encrypted, Configuration, Extensible Authentication Protocol Security Association, Key Exchange, Identification, Certificate, Certificate Request, Authentication, Nonce, Notify, Delete, Vendor ID, Traffic Selector, Encrypted, Configuration, Extensible Authentication Protocol  payload has complex hierarchical structure  may contain multiple proposals, with multiple protocols & multiple transforms

Cryptographic Suites  variety of cryptographic algorithm types  to promote interoperability have RFC4308 defines VPN cryptographic suites RFC4308 defines VPN cryptographic suites VPN-A matches common corporate VPN security using 3DES & HMACVPN-A matches common corporate VPN security using 3DES & HMAC VPN-B has stronger security for new VPNs implementing IPsecv3 and IKEv2 using AESVPN-B has stronger security for new VPNs implementing IPsecv3 and IKEv2 using AES RFC4869 defines four cryptographic suites compatible with US NSA specs RFC4869 defines four cryptographic suites compatible with US NSA specs provide choices for ESP & IKEprovide choices for ESP & IKE AES-GCM, AES-CBC, HMAC-SHA, ECP, ECDSAAES-GCM, AES-CBC, HMAC-SHA, ECP, ECDSA

Summary  have considered: IPSec security framework IPSec security framework IPSec security policy IPSec security policy ESP ESP combining security associations combining security associations internet key exchange internet key exchange cryptographic suites used cryptographic suites used