2003-2004 - information management 1 groep t leuven – information department 1/26 ipsec ip...
TRANSCRIPT
2003-2004 - Information management1Groep T Leuven – Information department1/26
IPSec
IP Security (IPSec)
2003-2004 - Information management2Groep T Leuven – Information department2/26
IP Security (IPSec)• IPSec overview• Authentication Header (AH)• Encapsulating Security Payload (ESP)• Internet Key Exchange (IKE)• Main Mode negotiation• Quick Mode negotiation• Retransmit behavior
2003-2004 - Information management3Groep T Leuven – Information department3/26
Overall Architecture (RFC 1825)
• Framework for security protocols to provide:– Data integrity– Data authentication– Data confidentiality– Security association management– Key management
2003-2004 - Information management4Groep T Leuven – Information department4/26
Authentication Header (RFC 1826)
• Data integrity—no twiddling of bits• Origin authentication—definitely came from router• Uses keyed-hash mechanism• Does not provide confidentiality
IP Header plus Data
AH
AuthenticationData (00ABCDEF)
AuthenticationData (00ABCDEF)
IP Header plus Data
Router IP HDRIP HDR DataData Router
2003-2004 - Information management5Groep T Leuven – Information department5/26
Encapsulating Security Payload (RFC 1827)
• Confidentiality• Data origin authentication• Data integrity• Replay protection (optional)
All Data-EncryptedRouter Router
2003-2004 - Information management6Groep T Leuven – Information department6/26
Security Association (SA)
Router
Firewall
Insecure Channel
• Agreement between two entities on method to communicate securely
• Unidirectional—two way communication consists of two SAs
2003-2004 - Information management7Groep T Leuven – Information department7/26
IKE Policy Negotiation
Encryption Algorithm, Hash Algorithm, and Method of Authentication
3DES, MD5, and RSA Signatures, or
IDEA, SHA, and DSS Signatures,or
Blowfish, SHA, and RSA Encryption
3DES, MD5, and RSA Signatures, or
IDEA, SHA, and DSS Signatures,or
Blowfish, SHA, and RSA EncryptionIDEA, SHA, and DSS SignaturesIDEA, SHA, and DSS Signatures
ISAKMP Policy TunnelISAKMP Policy Tunnel
2003-2004 - Information management8Groep T Leuven – Information department8/26
IPSec Model
• Device authentication
– Crypto devices obtain digital certificates from CAs
• Authorization
– Packet selection via ACLs
– Security Association (SA) established via ISAKMP/OAKLAY
• Privacy and integrity
– IPSec-based encryption and digital signature
Certificate Authority
Digital CertificateDigital CertificateSASA
Authenticated Encrypted Tunnel
Encrypted
Clear TextInternal Network
Internal Network
Digital CertificateDigital Certificate
IKE S
ession
2003-2004 - Information management9Groep T Leuven – Information department9/26
IPsec Protocols and Formats
Headers
KeyExchange
Modes
Encryption Hashing
Headers
KeyExchange
Modes
Encryption Hashing
AuthenticationHeaderEncapsulatingSecurity Payload
ISAKMP/Oakley
Diffie-Hellman
Transport
Tunnel
AuthenticationHeaderEncapsulatingSecurity Payload
ISAKMP/Oakley
Diffie-Hellman
Transport
Tunnel
• Integrity, authentication
• Adds confidentiality
• Negotiates security parameters• Uses digital certificates
• Generates shared secret keys
• IP payload only, Layer 4 is obscured• Both end systems need IPsec
• Entire datagram• No changes to intermediate systems
• DES, 3DES, RC4, IDEA, AES ...
• HMAC MD5, HMAC SHA1
• Integrity, authentication
• Adds confidentiality
• Negotiates security parameters• Uses digital certificates
• Generates shared secret keys
• IP payload only, Layer 4 is obscured• Both end systems need IPsec
• Entire datagram• No changes to intermediate systems
• DES, 3DES, RC4, IDEA, AES ...
• HMAC MD5, HMAC SHA1
2003-2004 - Information management10Groep T Leuven – Information department10/26
IPSec Modes
IP HDRIP HDR
Encrypted
IP HDRIP HDR DATADATA
IPSec HDRIPSec HDR DATADATA
IP HDRIP HDR DATADATA
IPSec HDRIPSec HDR IP HDRIP HDRNew IP HDRNew IP HDR
Encrypted
DATADATA
Tunnel Mode
Transport Mode
2003-2004 - Information management11Groep T Leuven – Information department11/26
Tunnel and Transport Modes
• Transport mode for end-to-end session
• Tunnel mode for everything else
HR Server
Joe’s PC
Transport Mode
Tunnel ModeTunnel Mode
2003-2004 - Information management12Groep T Leuven – Information department12/26
Ipsec—Standards Based
Internet
CampusFirewall
VLANsIPsec
IPsec
IPsec
Dial
2003-2004 - Information management13Groep T Leuven – Information department13/26
IPSec Overview
Router to Router
Router to FirewallPC to Router
PC to Server
• Proposed Internet standard for IP-layer cryptography with IPv4 and IPv6
2003-2004 - Information management14Groep T Leuven – Information department14/26
IPSec Process• Initiating the IPSec session
– Phase one—exchanging keys– Phase two—setting up security
associations• Encrypting/decrypting packets• Rebuilding security associations• Timing out security associations
2003-2004 - Information management15Groep T Leuven – Information department15/26
Initiating the IPSec Session Phase One — ISAKMP
• Internet Security Association Key Management Protocol (ISAKMP)
• Both sides need to agree on the ISAKMP security parameters (ISAKMP SADB)– ISAKMP parameters
•Encryption algorithm•Hash algorithm•Authentication method•Diffie-Hellman modulus•Group lifetime
2003-2004 - Information management16Groep T Leuven – Information department16/26
Initiating the IPSec Session Phase Two
• Both sides need to agree on the IPSec security parameters (IPSec SADB)
• IPSec parameters– IPSec peer
•Endpoint of IPSec tunnel– IPSec proxy
•Traffic to be encrypted/decrypted– IPSec transform
•Encryption and hashing– IPSec lifetime
•Phase two SA regeneration time
2003-2004 - Information management17Groep T Leuven – Information department17/26
Encrypting and Decrypting Packets• Phase one and phase two completes• Security Associations (SA) are created at
both IPSec endpoints • Using the negotiated SADB information
– Outbound packets are encrypted– Inbound packets are decrypted
2003-2004 - Information management18Groep T Leuven – Information department18/26
Rebuilding Security Associations• To ensure that keys are not compromised
they are periodically refreshed• Security associations will be rebuilt when:
– The lifetime expires, or– Data volume has been exceeded, or– Another SA is attempted with identical
parameters
2003-2004 - Information management19Groep T Leuven – Information department19/26
Security Associations• Combination of mutually agreed security services,
protection mechanisms, and cryptographic keys• ISAKMP SA• IPSec SAs
– One for inbound traffic– One for outbound traffic
• Security Parameters Index (SPI)– Helps identify an SA
• Creating SAs– Main Mode for ISAKMP SA– Quick Mode for IPSec SAs
2003-2004 - Information management20Groep T Leuven – Information department20/26
IPSec Headers
• Authentication Header (AH)– Provides data origin authentication, data
integrity, and replay protection for the entire IP datagram
• Encapsulating Security Payload (ESP)– Provides data origin authentication, data
integrity, replay protection, and data confidentiality for the ESP-encapsulated portion of the packet
2003-2004 - Information management21Groep T Leuven – Information department21/26
IPSec Modes
• Transport mode– Typically used for IPSec peers doing end-to-
end security– Provides protection for upper-layer protocol
data units (PDUs)• Tunnel mode
– Typically used by network routers to protect IP datagrams
– Provides protection for entire IP datagrams
2003-2004 - Information management22Groep T Leuven – Information department22/26
AH Transport Mode
IP Upper layer PDU
IP AH
Authenticated
Upper layer PDU
2003-2004 - Information management23Groep T Leuven – Information department23/26
AH Tunnel Mode
AH
Authenticated
IP
IP
IP (new)
Upper layer PDU
Upper layer PDU
2003-2004 - Information management24Groep T Leuven – Information department24/26
ESP Transport Mode
IP ESP ESPAuthData
Encrypted
Authenticated
IP Upper layer PDU
Upper layer PDU
2003-2004 - Information management25Groep T Leuven – Information department25/26
ESP with AH Transport Mode
IP ESP ESPESPAuth
Encrypted
Authenticated with AH
IP
AH
Upper layer PDU
Upper layer PDU
Authenticated with ESP