secure communications: the ipsec roledsie10/presentations... · 12 secure communications: the ipsec...
TRANSCRIPT
URL: www.fe.up.pt/dsie10 E-mail:[email protected]
Secure Communications:
The IPsec Role
Jorge Pinto Leite
2
Secure Communications: The IPsec Role
Communications links are widely used for
various purposes
Increasing every day
Sometimes, without any security concern
As an example, 53,3% of the online payment by Internet
during 2009 in Portugal has been done providing the
codes of the personal credit or debit card (INE)
3
Secure Communications: The IPsec Role
This facts shows the need for a security
protocol specially when communicating with
sensitive data
Banks
Health
Professional (employer, between companies,…)
Personal (plan trips, buying tickets or goods, …)
4
Secure Communications: The IPsec Role
When IPv6 started being developed, security
was in the mind of everyone involved
But what about IPv4?
It has a lack of any kind of mechanism to ensure
the privacy and authenticity
When datagrams are routed over unknown
networks, the information could be intercepted
and/or changed
5
Secure Communications: The IPsec Role
As IPv6 deployment is expected to happen in
a large period, a security protocol to protect
the data with the existing protocol, IPv4, was
needed
As an huge IP layered infrastructure was already
implemented
6
Secure Communications: The IPsec Role
IPsec
Internet Protocol Security
Provides security over the TCP stack
Its architecture can be
Integrated
“Bump In The Stack”
“Bump In The Wire”
7
Secure Communications: The IPsec Role
What is the “must do” for a security protocol
that all expect?
Authenticity
Confidentiality
Integrity
8
Secure Communications: The IPsec Role
IPsec provides this by using
Two protocol variants
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Two modes of operation
Transport
Tunnel
It constructs a Security Association (SA)
between the end points (peers)
9
Secure Communications: The IPsec Role
Authentication Header
AH provides connectionless integrity and data
origin authentication for IP datagrams
Also provides protection against replays
This facility is optional and may be selected by the
receiver after a SA is established
It implies that the SA management protocol should be
able to negotiate this feature
10
Secure Communications: The IPsec Role
Authentication Header
The authentication is for the whole IP datagram
except for the ones changed in traffic
The integrity algorithm employed is specified by
the SA
The most recent definition of IPsec (version 3)
specifies that implementations MAY support AH
11
Secure Communications: The IPsec Role
Encapsulating Security Payload
Provides confidentiality, data origin authentication,
connectionless integrity, an anti-replay service
and (limited) traffic flow confidentiality
Depending on the configuration options selected when
the SA is established
The anti-replay option has same operation mode of the
AH protocol
IPsec implementations MUST support ESP
12
Secure Communications: The IPsec Role
Encapsulating Security Payload
The encryption algorithms are specified by the SA
The mandatory-to-implement algorithms to be used are
object of a separated RFC (RFC 4835 is the last update)
to facilitate updating the requirements
Dummy packets can (should?) be inserted at random
intervals to mask the absence of actual traffic
The objective is to look like a continuous stream of data
13
Secure Communications: The IPsec Role
Transport mode
It’s objective is to protect the upper OSI model
layers but leaving unaltered the IP header
Original IP header AH header Payload
authenticated except for the IP header fields changeable during traffic
Original IP header ESP header Payload Trailer ESP ESP authentication
encrypted
authenticated
14
Secure Communications: The IPsec Role
Tunnel mode
It’s objective is to protect the upper OSI layers
including the IP header (meaning, the OSI layer 3 itself)
New IP header AH header Original IP header Payload
authenticated except for the IP header fields changeable during traffic
New IP
header
ESP header Original IP
header
Payload Trailer
ESP
ESP authentication
encrypted
authenticated
15
Secure Communications: The IPsec Role
Transport mode Tunnel mode
Source: http://www.tcpipguide.com/free/t_IPSecModesTransportandTunnel.htm, accessed on the 5th Nov 2009
16
Secure Communications: The IPsec Role
Experimental lab test
192.168.0.5/30
192.168.0.2/30 192.168.0.10/30
192.168.0.6/30
(1)
IPsec was configured in both routers with AH and ESP
(1) Station with Wireshark ® installed with the NIC in promiscuous mode
17
Secure Communications: The IPsec Role
Test message sent from 192.168.0.10/30
was Echo request (ICMP message type 8)
ICMP packet (type 08)
Source and destination IP of the PC’s (0xc0a8000a = 192.168.0.10 and 0xc0a80002 = 192.168.0.2)
18
Secure Communications: The IPsec Role
Transport mode
Source and destination IP remains equal (0xc0a8000a = 192.168.0.10 and 0xc0a80002 = 192.168.0.2)
The protocol field in IPv4 header points to AH (0x33 = 51(10))The protocol of AH header points to ESP (0x32 = 50(10))
19
Secure Communications: The IPsec Role
Tunnel mode
The protocol field in IPv4 header points to AH (0x33 = 51(10))and the “protocol” in AH header points to ESP (0x32 = 50(10))
Source and destination IP changed to the peers external IP’s(0xc0a8006a = 192.168.0.06 and 0xc0a80005 = 192.168.0.5)
20
Secure Communications: The IPsec Role
Advantages
Authentication
Anti-replay
Confidentiality
Traffic flow confidentiality
Disadvantages
Time and processing power consuming
Overhead
Other disadvantages
21
Secure Communications: The IPsec Role
The overhead problem
Original IP datagram size 3C16
IP datagram size after applying IPsec with both
security protocol algorithms 6C16
Overhead 80%
22
Secure Communications: The IPsec Role
Thank you
Any questions?
Jorge Pinto Leite