1 CMPT 471 Networking II Authentication and Encryption © Janice Regan, 2006-2013.

Slides:



Advertisements
Similar presentations
Virtual Private Networks (VPNs)
Advertisements

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Internet Security CSCE 813 IPsec
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
Security at the Network Layer: IPSec
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
IPSec Isaac Ghansah.
IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
Chapter 29 Internet Security
Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.
IP Security. IPSEC Objectives n Band-aid for IPv4 u Spoofing a problem u Not designed with security or authentication in mind n IP layer mechanism for.
K. Salah1 Security Protocols in the Internet IPSec.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Network Security Sorina Persa Group 3250 Group 3250.
Protocol Basics. IPSec Provides two modes of protection –Tunnel Mode –Transport Mode Authentication and Integrity Confidentiality Replay Protection.
1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.
IP Security: Security Across the Protocol Stack
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 4: Securing IP.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
Karlstad University IP security Ge Zhang
Network Security David Lazăr.
IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.
1 CMPT 471 Networking II Authentication and Encryption 1 © Janice Regan,
IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
1 Virtual Private Networks (VPNs) and IP Security (IPSec) G53ACC Chris Greenhalgh.
Network Security7-1 Today r Reminder Ch7 HW due Wed r Finish Chapter 7 (Security) r Start Chapter 8 (Network Management)
William Stallings Data and Computer Communications Chapter 18 Network Security.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
Encapsulated Security Payload Header ● RFC 2406 ● Services – Confidentiality ● Plus – Connectionless integrity – Data origin authentication – Replay protection.
Virtual Private Network Chapter 4. Lecturer : Trần Thị Ngọc Hoa2 Objectives  VPN Overview  Tunneling Protocol  Deployment models  Lab Demo.
Internet Security CSCE 813 IPsec. CSCE813 - Farkas2 TCP/IP Protocol Stack Application Layer Transport Layer Network Layer Data Link Layer.
1 IPSec: Security at the IP Layer Rocky K. C. Chang 15 March 2007.
Cryptography and Network Security (CS435) Part Thirteen (IP Security)
IPSec  general IP Security mechanisms  provides  authentication  confidentiality  key management  Applications include Secure connectivity over.
IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Layer Security Network Systems Security Mort Anvari.
K. Salah1 Security Protocols in the Internet IPSec.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
8-1Network Security Virtual Private Networks (VPNs) motivation:  institutions often want private networks for security.  costly: separate routers, links,
@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013.
VPNs & IPsec Dr. X Slides adopted by Prof. William Enck, NCSU.
IPSec Detailed Description and VPN
CSE 4905 IPsec.
Chapter 18 IP Security  IP Security (IPSec)
Network Security.
CSCE 815 Network Security Lecture 13
Slides have been taken from:
Virtual Private Networks (VPNs)
Virtual Private Networks (VPNs)
Chapter 6 IP Security.
Presentation transcript:

1 CMPT 471 Networking II Authentication and Encryption © Janice Regan,

2

3 IPsec usage  Host to host  May use transport mode  May use tunnel mode  Security Gateway to Security Gateway  Must use tunneling  Host to/from security gateway  For traffic destined to security gateway (for example SNMP message) the gateway is operating as a host and transport mode may be used  Otherwise, if the gateway is operating as a gateway tunneling mode must be used

© Janice Regan,  IPv4 packet: Transport mode Authentication  IPv4 packet: Tunnel mode Authentication IPv4 AH Authentication authenticated Partially authenticated IPv4 header TCP header TCP data Authentication header IPv4 tunnel header authenticated Partially authenticated IPv4 header TCP header TCP data Authentication header

© Janice Regan, AH authentication algorithms HMAC with MD5RFC 2403 HMAC with SHA-1RFC 2404

© Janice Regan, Transport Mode Tunnel Mode IPsec: ESP New IP header TCP header TCP data IP header ESP header ESP trailer ESP auth encrypted authenticated Not encrypted or authenticated TCP header TCP data IP header ESP header ESP trailer ESP auth

© Janice Regan, ESP authentication algorithms HMAC with MD5RFC 2403 HMAC with SHA-1RFC 2404 Null Authentication

© Janice Regan, ESP encryption algorithms DES in CBC modeRFC 2405 Null Encryption

© Janice Regan, Security Associations (1)  An SA describes one simplex connection.  If you are using both AH and ESP you need one SA for each.  For two way communication you need one SA for each direction  Three parameters used to uniquely define a security association (SA).  destination address  security protocol (AH or ESP)  Security parameters index (SPI)

© Janice Regan, Security Association (2)  SAs are stored in a database The SAD (Security Associations Database) also includes the following information:  Mode of communication (transport or tunnel)  Sequence Number Counter  Anti-Replay Window: to determine whether an inbound AH or ESP packet is a replay.  AH Authentication algorithm type, keys, etc. OR ESP Encryption algorithm and / or authentication, algorithm types, keys etc.  Lifetime of this Security Association

© Janice Regan, Encryption  Source uses an encryption key and a particular encryption algorithm to encrypt the data  The data is inserted into a packet and sent to the receiver  The receiver uses a decryption key to decrypt the data. If the keys match the decrypted data is readable otherwise it is not.  The keys may be secret or private keys, or public keys  Private key encryption is often used for long messages public key encryption for short messages. Short messages may include sending private keys in preparation for transmission of longer messages.

© Janice Regan, Secret or private keys  Private or secret keys are known only by the sender and receiver. The decryption key is the same as or derivable from the encryption key.  Secret key encryption may also be called symmetric encryption because the same key can be used in both directions  High security, difficult to decrypt without the key.

© Janice Regan, Secret or private keys  Requires many keys (one for each pair of users)  Uses an efficient encryption algorithm  Popular example DES, data encryption standard  How do you distribute keys?  Use public key encryption  A central distribution centre

© Janice Regan, Public keys (1)  Each user has a public key and a private key  Fewer keys needed (pair for each user, not each pairing of users).  Public key is used to encrypt the message, private key is used to decrypt the message. Private key is not easily derivable from the public key  Sender encrypts using the receiver’s public key  Only receiver can decrypt using its own private key  RSA is an example of this approach.

© Janice Regan, Public keys (2)  Encryption/Decryption process is more computationally intensive than private key encryption  Must verify (authenticate) announced public key of a user  Verification may be done by a central authority (pairs users and keys and issues certificates)

© Janice Regan, Digital Signature  Used for authentication, integrity and non repudiation (anti replay)  Use private key encryption to sign (encrypt the document or digest) the packet.  Use public key to verify signature (decrypt the document). Since only the sender knows its private key this provides authentication

© Janice Regan, Digital Signature  A message signed using a senders private key (known only by that user) indicates that the message comes from that user  Changes to the message between the sender and the receiver require knowledge of the private key, or they will in all likelihood render the message unreadable at the destination  Signature alone does not provide confidentiality, anyone can decrypt using the senders public key

© Janice Regan, Digital Signature  Used for authentication, integrity and non repudiation  Can sign entire document or digest of the document.  Algorithms such as SHA1 and MD5 are used to make digests of the document  Can sign the digest rather than the whole document

© Janice Regan, Digital Signature  To sign the digest rather than the whole document  The sender uses a hash function to produce a digest of the document with a fixed size  Usually use MD5 (message digest 5) or SHA-1 (secure hash algorithm 1)  The sender encrypts the digest with her private key  The sender sends the document including the encrypted digest

© Janice Regan, Digital Signature  To sign the digest rather than the whole document  The receiver creates a digest of the document using the same algorithm as the sender  The receiver decrypts the digest appended to the document using the senders public key  The receiver compares the calculated digest to the decrypted digest from the received message. They must match for the signature to be valid

© Janice Regan, With VPN  New encapsulation  Shared keys (all users behind VPN use same key)  Dangerous (one user can hijack traffic, can have man in the middle attack)