IP Security
Cunsheng Ding, HKUST, Hong Kong, China
C. Ding - COMP4631 - L21

Agenda
– Some attacks against IP
– Brief introduction to IPSec
– Building Block: Security Association
– Building Block: Security Association Database
Figure: the TCP/IP protocol stack. Application layer: telnet, ftp, http, smtp, set. Transport/session layer: TCP, UDP. Internet layer: IP. Network interface layer: network technology protocols.
smtp = simple mail transfer protocol
Figure: four places in the stack where security can be added.
– Network approach: SMTP, FTP, HTTP over TCP, with ESP/AH inserted between TCP and IP.
– Transport approach: SMTP, FTP, HTTP over SSL/TLS, over TCP and IP.
– Application approach: S/MIME, S-HTTP, over TCP and IP.
– Presentation approach: SMTP, FTP, HTTP with SET, PGP, over TCP and IP.
Advantages and disadvantages of each?
– A number of attacks against IP are possible.
– Typically, these exploit the fact that IP does not provide a robust mechanism for sender authentication.
– IP Spoofing
  – This is where one host claims to have the IP address of another.
– IP Session Hijacking
  – It is an attack whereby a user's session is taken over, coming under the control of the attacker.
  – If the user was in the middle of email, the attacker is looking at the email, and can then execute any commands he wishes as the attacked user.
Conclusion: a security mechanism at the network layer would help.
Internet Engineering Task Force standardization
– Define security architecture
– Standardize IP Security Protocol and Internet Key Management Protocol
– IPsec protocols (two sub-protocols, AH & ESP)
– Internet Key Exchange (IKE)
protocols
– Mandatory-to-implement
– Easy to add new algorithms
IPSec provides the following:
– Data origin authentication
– Connectionless data integrity
– Data content confidentiality
– Anti-replay protection
– Limited traffic flow confidentiality
Building Block: Security Association
– It is a one-way relationship between a sender and a receiver.
– It associates security services and keys with the traffic to be protected.
– It is identified by:
  – Security Parameter Index (SPI) -> used to retrieve the correct SA parameters from the Security Association Database (SAD)
  – IPSec protocol identifier (AH or ESP)
  – Destination address (firewall, router)
An SA is established between two end points (or IPsec modules):
– Hosts
– Network security gateways (e.g., routers, application gateways)
– Hosts and security gateways
An SA also carries the parameters of the protection, such as the initialization vector:
– e.g., confidentiality using ESP with DES in CBC mode with an IV (initialization vector)
An SA applies to one IPsec protocol: Authentication Header (AH) or Encapsulating Security Payload (ESP).
# ipsecadm new esp -spi 1000 -src HostA \
# ipsecadm new esp -spi 1001 -src HostB \
Remark: src = source, dst = destination, keysize = 160 bits. The spi is a binary string of at most 32 bits, used to create and delete an SA; the spi values between 0 and 100 are reserved.
SA lifetime: the time frame in which the same key is used
– Manual creation: no lifetime
– Dynamic creation: may have a lifetime
The Security Policy Database (SPD) specifies:
– What traffic is to be protected
– How to protect it
– With whom the protection is shared
In an IPsec implementation, the SPD is used to determine the security mechanism to be applied to each packet:
– Discard: do not let the packet in or out
– Bypass: do not apply or expect security services
– Protect: apply/expect security services on packets
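To make the three SPD actions and the SAD lookup concrete, here is an added example in Python (not code from the lecture) that models both databases and decides, for one outbound packet, whether to discard it, bypass IPsec, or protect it with the SA found under (SPI, protocol, destination address); the addresses, SPI values, keys and policy entries are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed, simplified models of the SAD and SPD (not real kernel structures).
# An SA is one-way and is identified by (SPI, IPsec protocol, destination address).
@dataclass(frozen=True)
class SAKey:
    spi: int
    protocol: str                 # "AH" or "ESP"
    dst: str

@dataclass
class SA:
    key: SAKey
    auth_key: bytes
    enc_key: Optional[bytes] = None
    lifetime_seconds: Optional[int] = None   # None = manually created SA, no lifetime

@dataclass
class SPDEntry:
    src_net: str
    dst_net: str
    proto: str                    # "tcp", "udp" or "any"
    action: str                   # "discard", "bypass" or "protect"
    sa: Optional[SAKey] = None    # which SA to use when action == "protect"

def matches(entry, src, dst, proto):
    return (ipaddress.ip_address(src) in ipaddress.ip_network(entry.src_net)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(entry.dst_net)
            and entry.proto in ("any", proto))

def outbound_decision(spd, sad, src, dst, proto):
    """First matching SPD entry wins; a 'protect' entry must resolve to an SA in the SAD."""
    for entry in spd:
        if matches(entry, src, dst, proto):
            if entry.action != "protect":
                return entry.action, None
            sa = sad.get(entry.sa)
            if sa is None:
                return "discard", None    # no SA yet: IKE (or an admin) must create one first
            return "protect", sa
    return "discard", None                # default policy: unlisted traffic does not leave

# Constructed sample policy: protect HostA (10.0.0.1) -> HostB (10.0.0.2) with ESP SPI 1000,
# let UDP from the local subnet out unprotected, and drop everything else.
HOST_B_SA = SAKey(1000, "ESP", "10.0.0.2")
SAD = {HOST_B_SA: SA(HOST_B_SA, auth_key=bytes(20), enc_key=bytes(24))}
SPD = [SPDEntry("10.0.0.1/32", "10.0.0.2/32", "any", "protect", HOST_B_SA),
       SPDEntry("10.0.0.0/24", "0.0.0.0/0", "udp", "bypass")]
```

A "protect" entry whose SA is missing from the SAD falls back to discard rather than sending the packet in the clear, which is the failure mode a policy must handle.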
– Encapsulating Security Payload (ESP)
  – Proof of data origin, data integrity, anti-replay protection
  – Data confidentiality and limited traffic flow confidentiality
– Authentication Header (AH)
  – Proof of data origin, data integrity, anti-replay protection
  – No data confidentiality
  – May provide non-repudiation & anti-replay (it depends on the algorithm used.)
Transport mode
– Usage: protect upper layer protocols
– IPSec header is inserted between the IP header and the upper-layer protocol header
– Communication endpoints must be cryptographic endpoints (for end-to-end authentication), i.e., the endpoints generate/process the IPsec header (AH, ESP).
– Only the data is protected.
Figure: transport-mode packet layout: IP header | IPsec header | Payload, with the payload protected.
Both endpoints are cryptographic endpoints, i.e. they generate / process an IPSec header (AH or ESP).
Tunnel mode
– Usage: protect entire IP datagram
– The entire IP packet to be protected is encapsulated in another IP datagram and an IPsec header is inserted between the outer and inner IP headers
Figure: tunnel-mode packet layout: new IP header | IPsec header | original IP header | Payload, with the original IP header and payload protected.
Tunnel mode is used when at least one cryptographic endpoint is not a communication endpoint of the secured IP packets. Outer IP header: destination for the router. Inner IP header: ultimate destination.
– Encryption:
  – Triple DES in CBC mode (MUST)
  – AES in CBC mode (SHOULD+)
  – AES in CTR (counter) mode (SHOULD)
– Authentication:
  – HMAC-MD5-96 (MAY)
    – 96 bits truncated from 120
  – HMAC-SHA-1-96 (MUST)
    – 96 bits truncated from 160
  – AES-XCBC-96 (SHOULD+)
    – 96 bits truncated from 128
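The "-96" suffix on the mandatory HMAC-SHA-1-96 means the 160-bit HMAC is truncated to its first 96 bits before being appended as the ESP integrity check value; the following added Python example (not the lecture's code) builds and verifies that ICV over a constructed ESP header and payload with a constructed 160-bit key, leaving payload encryption out.

```python
import hashlib
import hmac
import struct

# Build and verify the ESP integrity check value (ICV) with HMAC-SHA-1-96. The MAC
# covers the ESP header (SPI, sequence number) plus the payload and is truncated to
# its first 96 bits (12 bytes). Key and packet contents are constructed; the payload
# would normally be the encrypted data, which this example leaves out.
ICV_LEN = 12                  # 96 bits
AUTH_KEY = bytes(range(20))   # constructed 160-bit key (keysize 160 bits, as on the slide)

def esp_header(spi, seq):
    return struct.pack("!II", spi, seq)    # 32-bit SPI, 32-bit sequence number, network order

def icv_sha1_96(key, spi, seq, payload):
    full = hmac.new(key, esp_header(spi, seq) + payload, hashlib.sha1).digest()
    return full[:ICV_LEN]                  # 160-bit HMAC truncated to 96 bits

def build_esp(key, spi, seq, payload):
    return esp_header(spi, seq) + payload + icv_sha1_96(key, spi, seq, payload)

def verify_esp(key, packet):
    """Return (spi, seq, payload) if the ICV verifies, otherwise None."""
    if len(packet) < 8 + ICV_LEN:
        return None
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    spi, seq = struct.unpack("!II", body[:8])
    expected = icv_sha1_96(key, spi, seq, body[8:])
    if not hmac.compare_digest(expected, icv):   # constant-time comparison
        return None
    return spi, seq, body[8:]

def tamper_demo():
    """Flip one payload bit of a valid packet; the receiver must reject the result."""
    pkt = build_esp(AUTH_KEY, 1000, 1, b"hello")
    bad = pkt[:8] + bytes([pkt[8] ^ 0x01]) + pkt[9:]
    return verify_esp(AUTH_KEY, pkt), verify_esp(AUTH_KEY, bad)
```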
– IPSec needs secret keys:
  – for transmitting and receiving both AH and ESP
– It supports two types of key management:
  – Manual: A system administrator manually configures each system with its own keys and with the keys of other communicating systems.
  – Automated: An automated system enables the on-demand creation of keys for SAs and facilitates the use of keys in a large distributed system with an evolving configuration.
– The management protocol is called “Internet Key Exchange (IKE)”.
– It has two versions: IKE 1998, IKEv2 2005.
– It is the most complicated sub-protocol of IPSec.
– Details are omitted in this course, but we will present its outline here.
Key Management
Key exchange protocol
Figure: IPsec architecture. Two IPsec modules (IPsec module 1 and IPsec module 2), each with an SPD, a SAD, an IKE component and an IPsec component; IKE negotiates the SA used between the two IPsec components.
SAD: Security Association Database; IKE: Internet Key Exchange; SPD: Security Policy Database
– Using IPSec all distributed applications can be secured:
  – Remote logon
  – client/server
  – e-mail
  – file transfer
  – Web access
  – etc.
– The benefits of IPSec include:
  – IPSec can be transparent to end users. There is no need to train users on security mechanisms.
  – IPSec can provide security for an individual application.
    – By configuration, IPSec is applied to only one specified application.