453 Network Security Section 7: IPSec/SSL Dr. E.C. Kulasekere Sri Lanka Institute of Information Technology - 2006



IP Security

• S/MIME (Multipurpose Internet Mail Extensions), PGP and Kerberos are some examples of application-specific security mechanisms.

• However, there are security concerns that cut across protocol layers.

• Would like security implemented by the network for all applications, even for security-ignorant applications.


Need for IP Security

• Here is an example of a secure private TCP/IP network with:

– Disallowing links to untrusted sites
– Encrypting packets that leave the premises
– Authenticating packets that enter the premises

• All of the above varying requirements can be met if you provide IP level security.

• With IP security, applications of all kinds will be covered.


IPsec

• The functional areas that general IP Security mechanisms provide:

– Authentication: provides source authentication
– Confidentiality: encryption
– Key management: transfer of keys securely

• Applicable to use over LANs, across public & private WANs, and for the Internet.


IP Security Overview

• This was introduced to address IP spoofing, eavesdropping, packet sniffing etc.

• Came after IPv4, actually for IPv6. But can also be used with IPv4.

• The principal feature of IPsec is that it supports varied applications and authenticates all traffic at the IP level. This is primarily good for distributed applications.


Applications of IPsec

• Secure branch office connectivity over the internet.

– A company can build a secure VPN over the internet.
– Hence the internet is used heavily and no private network is required.
– Saving in cost and network management overhead is the end result.


Applications of IPsec

• Secure remote access over the internet.

– The office system has to be equipped with IPsec.
– The user dials into the ISP and then gains access securely to the company network.
– This reduces the toll charges for traveling employees and telecommuters.

• Enhancing e-commerce security

– Web and eCommerce applications have built-in security protocols; the use of IPsec will enhance this.

IPSec Uses

Benefits of IPSec

• in a firewall/router provides strong security to all traffic crossing the perimeter. The traffic within the company or workgroup will not incur additional overhead.

• is resistant to bypass in a firewall.

• is below transport layer, hence transparent to applications

• can be transparent to end users as well.

• can provide security for individual users if desired


Routing Applications of IPsec

• In addition to protecting the premises and users, it will additionally play a role in routing architectures in internetworking. It can assure that:

– A router advertisement comes from an authorized router.
– A neighbor advertisement comes from an authorized router.
– A redirect message comes from the router to which the initial packet was sent.
– A routing update is not forged.


IP Security Architecture

• specification is quite complex

• defined in numerous RFCs

– incl. RFC 2401/2402/2406/2408
– many others, grouped by category

• mandatory in IPv6, optional in IPv4. In both cases the security features are implemented as extension headers that follow the main IP header.

Areas Addressed in the IPsec Documentation

• Architecture. General concepts and requirements.

• Encapsulating security payload (ESP): packet format for encryption.

• Authentication header (AH): packet format for authentication.

• Encryption algorithm: different algorithms.

• Key management:


IPSec Services

• Access control

• Connectionless integrity

• Data origin authentication

• Rejection of replayed packets – a form of partial sequence integrity

• Confidentiality (encryption)

• Limited traffic flow confidentiality

IPsec Services Provided by AH and ESP Protocols

Security Associations (SA)

• This is the key concept common to both authentication and confidentiality.

• An association is a one-way relationship between the sender and the receiver that affords security services to the traffic carried on it.

• If two-way secure communication is required, then TWO SAs are required.

• Security services are afforded to an SA for the use of AH or ESP, but not both, since the two require different packet formats which cannot be applied simultaneously.


Security Associations

• defined by 3 parameters:

– Security Parameters Index (SPI): only of local significance. The SPI is carried in AH and ESP headers to enable the receiving system to select the SA under which a received packet will be processed.

– IP Destination Address: The address of the destination endpoint of the SA, e.g. an end-user system, firewall or router.

– Security Protocol Identifier: This indicates whether the association is an AH or ESP security association.

• has a number of other parameters: seq no, AH & ESP info, lifetime etc

• have a database of Security Associations: Security policy database (SPD)


Modes of Use for AH and ESP

• Transport Mode: This mode provides protection primarily for upper layer protocols

– ESP in transport mode encrypts and optionally authenticates the IP payload but not the IP header (used for end-to-end communications)
– AH in transport mode authenticates the IP payload and selected portions of the IP header.


Modes of Use for AH and ESP

• Tunnel Mode: This mode provides protection to the entire packet.

– After the AH and ESP fields are added to the IP packet, the entire packet plus the security fields are treated as the payload of a new 'outer' IP packet with a new outer IP header.
– No routers on the way are able to examine the inner IP header.
– Since the whole packet is encapsulated, the destination and source addresses may be completely different, adding security to the packet in transit.

Tunnel and Transport Mode Functionality

Authentication Header (AH)

• provides support for data integrity & authentication of IP packets in transit

– end system/router can authenticate user/app
– prevents address spoofing attacks by tracking sequence numbers

• based on use of a MAC

– HMAC-MD5-96 or HMAC-SHA-1-96

• parties must share a secret key
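An added example, not from the slides, of what AH in transport mode actually authenticates, in Python using only the standard library: the sender computes HMAC-SHA-1-96 over the immutable IPv4 header fields, the AH itself (with its ICV field zeroed) and the payload, so a router decrementing the TTL does not break the check, while a changed source address, payload or key does. The shared key and the IPv4 header used here are constructed sample values.

```python
import hashlib
import hmac
import struct

ICV_LEN = 12                      # HMAC-SHA-1-96: SHA-1 HMAC truncated to 96 bits
AH_LEN = 12 + ICV_LEN             # fixed AH fields (12 bytes) + ICV = 24 bytes
AH_PAYLOAD_LEN = AH_LEN // 4 - 2  # AH "payload length" = length in 32-bit words - 2
IPPROTO_AH = 51

# Constructed sample: 20-byte IPv4 header 10.0.0.1 -> 10.0.0.2, TTL 64, UDP (17)
SAMPLE_IP = bytes([0x45, 0, 0, 0, 0x12, 0x34, 0x40, 0, 64, 17, 0, 0,
                   10, 0, 0, 1, 10, 0, 0, 2])

def immutable_ip_header(ip_header):
    """Zero the IPv4 fields that legitimately change in transit (TOS, flags/
    fragment offset, TTL, checksum) so the MAC covers only the stable part."""
    h = bytearray(ip_header)
    h[1] = 0                    # TOS
    h[6:8] = b"\x00\x00"        # flags + fragment offset
    h[8] = 0                    # TTL
    h[10:12] = b"\x00\x00"      # header checksum
    return bytes(h)

def ah_icv(key, ip_header, ah_fixed, payload):
    """HMAC-SHA-1-96 over immutable IP header + AH (ICV field zeroed) + payload."""
    data = immutable_ip_header(ip_header) + ah_fixed + bytes(ICV_LEN) + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]

def ah_protect(key, ip_header, spi, seq, payload):
    """Transport-mode AH: insert the AH between the IP header and its payload."""
    h = bytearray(ip_header)
    next_header = h[9]          # original upper-layer protocol moves into the AH
    h[9] = IPPROTO_AH
    h[2:4] = struct.pack("!H", len(h) + AH_LEN + len(payload))  # new total length
    ah_fixed = struct.pack("!BBHII", next_header, AH_PAYLOAD_LEN, 0, spi, seq)
    icv = ah_icv(key, bytes(h), ah_fixed, payload)
    return bytes(h) + ah_fixed + icv + payload

def ah_verify(key, packet):
    """Return (spi, seq, next_header, payload), or None if the ICV does not match."""
    ip_header, rest = packet[:20], packet[20:]
    ah_fixed, icv, payload = rest[:12], rest[12:AH_LEN], rest[AH_LEN:]
    next_header, _plen, _reserved, spi, seq = struct.unpack("!BBHII", ah_fixed)
    if not hmac.compare_digest(icv, ah_icv(key, ip_header, ah_fixed, payload)):
        return None
    return spi, seq, next_header, payload
```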

Authentication Header (pp. 491)

Anti-Replay Service

• This is the type of attack where the attacker obtains a copy of an authenticated packet and later transmits it to the intended destination.

• This is circumvented using the sequence number.

• The sequence number is initialized when the new SA is established and then incremented for each subsequent packet.


Anti-Replay Service …

• Since IP is connectionless, the delivery of the packet is not guaranteed. Hence the receiver implements a window of size W before it determines that a packet has expired.
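The sliding window described on these two slides, as an added Python example that is not part of the original deck: the receiver tracks the highest sequence number accepted and a bitmap of the last W numbers, rejects anything left of the window as expired and anything already marked as a replay, and only marks a number after the MAC has verified. W = 64 is an assumed default.

```python
# Added example (not from the slides): an RFC 2401-style anti-replay window
# as an IPsec receiver keeps it per inbound SA; W is assumed to be 64.

class AntiReplayWindow:
    """Sliding window of size W over AH/ESP sequence numbers (bit 0 = right edge)."""

    def __init__(self, window_size=64):
        if window_size < 32:
            raise ValueError("a window of at least 32 is required")
        self.w = window_size
        self.right = 0          # highest sequence number accepted so far
        self.bitmap = 0         # bit i set => sequence (right - i) already seen

    def check(self, seq):
        """True if seq is new and not left of the window; done before the MAC."""
        if seq == 0:
            return False        # sequence numbers start at 1
        if seq > self.right:
            return True         # right of the window: always new
        if seq <= self.right - self.w:
            return False        # left of the window: expired
        return not (self.bitmap >> (self.right - seq)) & 1   # in window: unseen?

    def update(self, seq):
        """Mark seq as received; call only after the ICV verified."""
        if seq > self.right:
            shift = seq - self.right
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.w) - 1)
            self.right = seq
        else:
            self.bitmap |= 1 << (self.right - seq)

    def receive(self, seq, icv_ok):
        """Full inbound decision in RFC order: window check, ICV check, update."""
        if not self.check(seq):
            return "rejected: replayed or expired"
        if not icv_ok:
            return "rejected: bad ICV"
        self.update(seq)
        return "accepted"
```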

Transport & Tunnel Modes: END to END & END to INTERMEDIATE

pp. 495

Encapsulating Security Payload (ESP)

• provides message content confidentiality & limited traffic flow confidentiality

• can optionally provide the same authentication services as AH

• supports range of ciphers, modes, padding

– incl. DES, Triple-DES, RC5, IDEA, CAST etc
– CBC most common
– pad to meet block size, for traffic flow

Encapsulating Security Payload

Transport vs. Tunnel Mode ESP

• transport mode is used to encrypt & optionally authenticate IP data

– data protected but header left in clear
– can do traffic analysis but is efficient
– good for ESP host to host traffic


Transport vs. Tunnel Mode ESP …

• tunnel mode encrypts entire IP packet

– add new header for next hop
– good for VPNs, gateway to gateway security


Combining Security Associations

• SAs can implement either AH or ESP

• to implement both need to combine SAs

– form a security bundle

• have 4 cases (see next)


Combining SAs – Case 1

• All security is provided between end-systems

• The secret key should be shared by end systems

• The following combinations are possible:

– AH in transport mode
– ESP in transport mode
– AH followed by ESP in transport mode
– any of the above inside an AH or ESP in tunnel mode


Combining SAs – Case 2

• Security is provided between gateways (routers, firewalls etc.) and no host implements IPsec.

• A single tunnel SA using AH, ESP or ESP with authentication can be used. Nested tunnels are not required.

Combining SAs – Case 3

• Builds on case 2 by adding end-to-end security.


Combining SAs – Case 4

• Provides support for a remote host that uses the internet to reach an organization's firewall and then to gain access to some server or workstation behind the firewall. Only tunnel mode is required.


Web Security

• Web now widely used by business, government, individuals

• but Internet & Web are vulnerable

• have a variety of threats

– integrity
– confidentiality
– denial of service
– authentication

• need added security mechanisms

A Comparison of Threats on the Web

Categorization of Web Security

• Active/Passive attacks

– Passive attack – eavesdropping on network traffic between browser and server and gaining information about the web server that is supposed to be restricted.
– Active attacks – impersonating, altering messages in transit between the client and the web server and in extreme cases altering web site content.

• Security threat based on location

– At web server, at web browser, in transit between browser and server, etc.

Web Security based on the Relative location on the TCP/IP Stack

Web Traffic Security Approaches

• Network level (using IPSec)

– Adv: transparent to end user and application, general purpose solution, has IP filtering capabilities (will not add overhead to all traffic)

• Transport level

– Just above the TCP stack, e.g. SSL. Transparent to the application if provided in the protocol stack, or can be embedded in specific applications such as Netscape.

• Application level

– Embedded in the application, with the advantage of being able to customize the security to the application, e.g. SET