IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.

Slides:



Advertisements
Similar presentations
Internet Protocol Security (IP Sec)
Advertisements

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Internet Security CSCE 813 IPsec
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
Security at the Network Layer: IPSec
1 IPSec—An Overview Somesh Jha Somesh Jha University of Wisconsin University of Wisconsin.
Chapter 5 Network Security Protocols in Practice Part I
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
Configuration of a Site-to-Site IPsec Virtual Private Network Anuradha Kallury CS 580 Special Project August 23, 2005.
1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
1 IPsec Youngjip Kim Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.
IP Security. IPSEC Objectives n Band-aid for IPv4 u Spoofing a problem u Not designed with security or authentication in mind n IP layer mechanism for.
CMSC 414 Computer (and Network) Security Lecture 25 Jonathan Katz.
What is in Presentation What is IPsec Why is IPsec Important IPsec Protocols IPsec Architecture How to Implement IPsec in linux.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
IP Security: Security Across the Protocol Stack
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
IP Security Lawrence Taub IPSEC IP security — security built into the IP layer Provides host-to-host (or router-to-router) encryption and.
SSL and IPSec CS461/ECE422 Spring Reading Chapter 22 of text Look at relevant IETF standards.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
SMUCSE 5349/49 IP Sec. SMUCSE 5349/7349 Basics Network-level: all IP datagrams covered Mandatory for next-generation IP (v6), optional for current-generation.
Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
Karlstad University IP security Ge Zhang
IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.
IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
IP Security.  In CERTs 2001 annual report it listed 52,000 security incidents  the most serious involving:  IP spoofing intruders creating packets.
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
Encapsulated Security Payload Header ● RFC 2406 ● Services – Confidentiality ● Plus – Connectionless integrity – Data origin authentication – Replay protection.
1 Lecture 13 IPsec Internet Protocol Security CIS CIS 5357 Network Security.
Internet Security CSCE 813 IPsec. CSCE813 - Farkas2 TCP/IP Protocol Stack Application Layer Transport Layer Network Layer Data Link Layer.
Authentication Header ● RFC 2402 ● Services – Connectionless integrity – Data origin authentication – Replay protection – As much header authentication.
IPSec  general IP Security mechanisms  provides  authentication  confidentiality  key management  Applications include Secure connectivity over.
IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Layer Security Network Systems Security Mort Anvari.
K. Salah1 Security Protocols in the Internet IPSec.
Security Data Transmission and Authentication Lesson 9.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
Cryptography CSS 329 Lecture 13:SSL.
8-1Network Security Virtual Private Networks (VPNs) motivation:  institutions often want private networks for security.  costly: separate routers, links,
@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013.
VPNs & IPsec Dr. X Slides adopted by Prof. William Enck, NCSU.
CSE 4905 IPsec.
Somesh Jha University of Wisconsin
IT443 – Network Security Administration Instructor: Bo Sheng
UNIT.4 IP Security.
IPSec IPSec is communication security provided at the network layer.
BINF 711 Amr El Mougy Sherif Ismail
CSE 5/7349 – February 15th 2006 IPSec.
Presentation transcript:

IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol

Goals of IPSec IP spoofing is a common technique in cyber attacks ●Bots spoof the an IP address of a victim web site ●Then send DNS queries to DNS servers ●The DNS servers respond, sending large amounts of data to the victim ●Result: a denial-of-service attack

Goals of IPSec ●Verify sources of IP packets ●Provide Authentication that is lacking in IPv4 ●Protect integrity and/or confidentiality of packets ●Prevent replaying of old packets ●Provide security automatically for upper layer protocols and applications

Spoofing Quiz IP Spoofing is useful for... Mark the answer(s) that are correct. Bidirectional communication Unidirectional communication

IPSec Modes

Tunnel Mode

IPSec Quiz IPsec can assure that. Fill in the blank with the letter of the correct answer. A.a router advertisement comes from an authorized router B.a routing update is not forged C.a redirect message comes from the router to which the initial packet was sent D.all of the above

IPSec Architecture

Encapsulated Security Payload (ESP) ●Encrypt and authenticate each packet ●Encryption is applied to packet payload ●Authentication is applied to data in the IPSec header as well as the data contained as payload, after encryption is applied

ESP Modes Quiz ESP can be securely used in... Mark all answer(s) that are correct. encryption only mode authentication only mode encryption and authentication mode

ESP in Transport Mode

ESP Tunnel Mode

Authentication Header (AH) ●Authentication is applied to the entire packet, with the mutable fields in the IP header “zeroed out” ●If both ESP and AH are applied to a packet, AH follows ESP

Authentication Header in Transport Mode

Authentication Header in Tunnel Mode

ESP and AH Quiz Label each statement T for True or F For False: ESP can provide both confidentiality and integrity protection If the authentication option of ESP is chosen, message integrity code is computed before encryption To protect the confidentiality and integrity of the whole original IP packet, we can use ESP with authentication option in tunnel mode. In AH, the integrity hash covers the IP header

Internet Key Exchange ●Exchange and negotiate security policies ●Establish parameters ●Security Associations ●Key exchange

Security Association ●One-way relationship between a sender and a receiver, defined by IPSec parameters ●One SA for inbound traffic, another SA for outbound ●Security Association Database (SADB) ●Security Parameter Index (SPI) ●A unique index for each entry in the SADB ●Identifies the SA associated with a packet ●Security Policy Database (SPD) ●Store policies used to establish SAs

SPD and SADB Fit Together

SAD and SPD Quiz Mark all the answer(s) that are true. SPD and SAD are maintained in separate tables SAD is searched linearly SPD is a hash table

SPD and SADB Example:

Outbound Processing

Inbound Processing

Anti-Replay ●Sequence number checking: ●Anti-replay is used only if authentication is selected ●Window should not be advanced until the packet has been authenticated ●Duplicates are rejected!

IPSec Quiz The security association, SA, specifies a two-way security arrangements between the sender and receiver. SPI is used to help receiver identify the SA to un-process the IPSec packet. If the sequence number in the IPSec header is greater than the largest number of the current anti-replay window the packet is rejected. If the sequence number in the IPSec header is smaller than the smallest number of the current anti-replay window the packet is rejected. Label each statement T for True or F For False:

Internet Key Exchange ●Used when an outbound packet requires IPSec but does not yet have an SA ●Two phases: ●Establish an IKE SA ●Use the IKE SA to negotiate IPSec SAs ●IKE SA used to define encryption & authentication of IKE traffic ●Multiple IPSec SAs can be established with one IKE SA ●IKE SA bidirectional

IKE Phase I – Create IKE SA ●Negotiate protection suite, crypto algorithms ●Establish shared secret ●E.g., use Diffie-Hellman ●Authenticate the shared secret, IKE SA ●E.g., using pre-shared secret key, public-key encryption or digital signatures

IKE Phase 1 Example

Diffie-Hellman Quiz Is the above statement true or false? The Diffie-Hellman key exchange is restricted to two party communication only.

Diffie-Hellman and Pre-shared Secret ●PRF is a Pseudo-Random Function ●SKEYID root secret =PRF(preshared-key,N I |N R ) ●SKEYID_d for IPSec SA =PRF(SKEYID,K|C I |C R |0) K is the shared secret key computed using Diffie-Hellman ●SKEYID_a for IKE message data authentication & integrity = PRF(SKEYID,SKEYID_d|K|C I |C R |1) ●SKEYID_e use to encrypt IKE messages = PRF(SKEYID,SKEYID_a|K|C I |C R |2)

Authentication of the Key Exchange ●To authenticate each other’s identity and data that they just exchanged, the initiator and responder each generates a hash digest that only the other could know Hash-I=PRF(SKEYID,Y I |Y R |C I |C R |Crypto Offer|ID I ) Hash-R=PRF(SKEYID,Y R |Y I |C I |C R |Crypto Offer|ID R )

IKE-Phase 2 Keys ●Default: no PFS (perfect forward secrecy) ●Keys for IPSec SA derived from IKE shared secret ●With PFS: new nonce values, and new Diffie-Hellman key exchange, etc.

IKE-Phase 2 Keys with PFS Each time an IPSec SA is established... ●Its keys are created based on the pre-shared key and new, exchanged information Unless the pre-shared key is compromised, the keys for the current IPSec SA are secure.

IPSec Summary

IKE Quiz An IKE SA needs to established before IPSec SAs can be negotiated The identity of the responder and receiver and the messages they have exchanged need to be authenticated With perfect forward secrecy, the IPSec SA keys are based on the IKE shared secret established in Phase I. Label each statement T for True or F For False:

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

TLS Concepts

SSL Record Protocol

The Handshake Protocol

The Parameters: ●Version: the highest TLS version understood by the client ●Random: a 32-bit timestamp and 28 bytes generated by a secure random number generator ●Session ID: a variable-length session identifier ●CipherSuite: a list containing the combinations of cryptographic algorithms supported by the client ●Compression Method: a list of compression methods supported by the client The Handshake Protocol

IPSec and TLS Lesson Summary ●IPSec can operate in tunnel or transport mode ●Confidentiality and authenticity protection provided through ESP and AH ●The one-way security association stores security parameters. ●SSL/TLS has two layers: record protocol, and handshake, change cipher spec and alert protocols

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.