Presentation is loading. Please wait.

Presentation is loading. Please wait.

IPSec Isaac Ghansah.

Published byJewel Taylor Modified over 9 years ago

Similar presentations

Presentation on theme: "IPSec Isaac Ghansah."— Presentation transcript:

1 IPSec Isaac Ghansah

2 TCP/IP Example

3 IP Security Issues Eavesdropping Modification of packets in transit
Identity spoofing (forged source IP addresses) Denial of service Many solutions are application-specific TLS for Web, S/MIME for , SSH for remote login IPSec aims to provide a framework of open standards for secure communications over IP Protect every protocol running on top of IPv4 and IPv6

4 IPSec: Network Layer Security
IPSec = AH + ESP + IPcomp + IKE Protection for IP traffic AH provides integrity and origin authentication ESP also confidentiality Compression Sets up keys and algorithms for AH and ESP AH and ESP rely on an existing security association Idea: parties must share a set of secret keys and agree on each other’s IP addresses and crypto algorithms Internet Key Exchange (IKE) Goal: establish security association for AH and ESP If IKE is broken, AH and ESP provide no protection!

5 IPSec Security Services
Authentication and integrity for packet sources Ensures connectionless integrity (for a single packet) and partial sequence integrity (prevent packet replay) Confidentiality (encapsulation) for packet contents Also partial protection against traffic analysis Authentication and encapsulation can be used separately or together Either provided in one of two modes These services are transparent to applications above transport (TCP/UDP) layer

6 IPSec Modes Transport mode Tunnel mode
Used to deliver services from host to host or from host to gateway Usually within the same network, but can also be end-to-end across networks Tunnel mode Used to deliver services from gateway to gateway or from host to gateway Usually gateways owned by the same organization With an insecure network in the middle Rarely use tunnel mode between hosts in the same network

7 IPSec in Transport Mode
End-to-end security between two hosts Typically, client to gateway (e.g., PC to remote host) Requires IPSec support at each host

8 IPSec in Tunnel Mode Gateway-to-gateway security
Internal traffic behind gateways not protected Typical application: virtual private network (VPN) Only requires IPSec support at gateways

9 Tunnel Mode Illustration
Implements IPSec Implements IPSec IPSec protects communication on the insecure part of the network

10 Transport Mode vs. Tunnel Mode
Transport mode secures packet payload and leaves IP header unchanged Tunnel mode encapsulates both IP header and payload into IPSec packets IP header (real dest) IPSec header TCP/UDP header + data IP header (gateway) IPSec header IP header (real dest) TCP/UDP header + data

11 Security Association (SA)
One-way sender-recipient relationship SA determines how packets are processed Cryptographic algorithms, keys, IVs, lifetimes, sequence numbers, mode (transport or tunnel) – read Kaufman! SA is uniquely identified by SPI (Security Parameters Index)… Each IPSec keeps a database of SAs SPI is sent with packet, tells recipient which SA to use …destination IP address, and …protocol identifier (AH or ESP)

12 SA Components Each IPSec connection is viewed as one-way so two SAs required for a two-way conversation Hence need for Security Parameter Index Security association (SA) defines Protocol used (AH, ESP) Mode (transport, tunnel) Encryption or hashing algorithm to be used Negotiated keys and key lifetimes Lifetime of this SA … plus other info

13 Security Association Issues
How is SA established? How do parties negotiate a common set of cryptographic algorithms and keys to use? More than one SA can apply to a packet! E.g., end-to-end authentication (AH) and additional encryption (ESP) on the public part of the network

14 AH: Authentication Header
Sender authentication Integrity for packet contents and IP header Sender and receiver must share a secret key This key is used in HMAC computation The key is set up by IKE key establishment protocol and recorded in the Security Association (SA) SA also records protocol being used (AH) and mode (transport or tunnel) plus hashing algorithm used MD5 or SHA-1 supported as hashing algorithms

15 IP Headers Immutable Predictable Mutable
Version Header Length TOS Packet length Packet Id Flags Immutable Predictable Mutable Fragment offset TTL Protocol number Checksum Source IP address Destination IP address Options We especially want to protect the source and destination addresses and the protocol from alteration HMAC 96 means final hash is truncated to 96 bits. Note that HMAC requires a shared secret set up by IKE AH sets mutable fields to zero and predictable fields to final value and then uses this header plus packet contents as input to HMAC

16 AH in Transport Mode Before AH is applied

17 AH in Tunnel Mode Before AH is applied

18 Authentication Header Format
Provides integrity and origin authentication Authenticates portions of the IP header Anti-replay service (to counter denial of service) No confidentiality Next header (TCP) Payload length Reserved Identifies security association (shared keys and algorithms) Security parameters index (SPI) Sequence number Anti-replay ICV: Integrity Check Value (HMAC of IP header, AH, TCP payload) Authenticates source, verifies integrity of payload

19 Prevention of Replay Attacks
When SA is established, sender initializes 32-bit counter to 0, increments by 1 for each packet If wraps around 232-1, new SA must be established Recipient maintains a sliding 64-bit window If a packet with high sequence number is received, do not advance window until packet is authenticated

20 Forms of AH-Based Authentication
Transport mode protects the integrity and authenticates the source using HMAC with either MD5 or SHA-1 Tunnel mode protects the integrity of the packet contents and authenticates the sender through the untrusted part of the network

21 ESP: Encapsulating Security Payload
Adds new header and trailer fields to packet Transport mode Confidentiality of packet between two hosts Complete hole through firewalls Used sparingly Tunnel mode Confidentiality of packet between two gateways or a host and a gateway Implements VPN tunnels Again the location of the IPSec software helps determine what mode to use

22 ESP Security Guarantees
Confidentiality and integrity for packet payload Symmetric cipher negotiated as part of security assoc Optionally provides authentication (similar to AH) Can work in transport… …or tunnel mode encrypted Original IP header ESP header TCP/UDP segment ESP trailer ESP auth authenticated New IP header ESP header Original IP header TCP/UDP segment ESP trailer ESP auth

23 ESP Packet Identifies security association (shared
keys and algorithms) Anti-replay TCP segment (transport mode) or entire IP packet (tunnel mode) Pad to block size for cipher, also hide actual payload length Type of payload HMAC-based Integrity Check Value (similar to AH)

24 Virtual Private Networks (VPN)
ESP is often used to implement a VPN Packets go from internal network to a gateway with TCP / IP headers for address in another network Entire packet hidden by encryption Including original headers so destination addresses are hidden Receiving gateway decrypts packet and forwards original IP packet to receiving address in the network that it protects This is known as a VPN tunnel Secure communication between parts of the same organization over public untrusted Internet

25 ESP Together With AH AH and ESP are often combined
End-to-end AH in transport mode Authenticate packet sources Gateway-to-gateway ESP in tunnel mode Hide packet contents and addresses on the insecure part of the network Significant cryptographic overhead Even with AH

26 Reading Assignment Kaufman. Chapter 17.

Download ppt "IPSec Isaac Ghansah."

Similar presentations

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Internet Security CSCE 813 IPsec

Internet Security CSCE 813 IPsec
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.

IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: email – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.

IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.

IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
1 IPsec Youngjip Kim 2004. 05. 24. 2 Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.

1 IPsec Youngjip Kim Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.
Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.

Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.
IP Security. IPSEC Objectives n Band-aid for IPv4 u Spoofing a problem u Not designed with security or authentication in mind n IP layer mechanism for.

IP Security. IPSEC Objectives n Band-aid for IPv4 u Spoofing a problem u Not designed with security or authentication in mind n IP layer mechanism for.
K. Salah1 Security Protocols in the Internet IPSec.

K. Salah1 Security Protocols in the Internet IPSec.
1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.

1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.
IP Security: Security Across the Protocol Stack

IP Security: Security Across the Protocol Stack
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

Similar presentations

Ads by Google