Upload
harry-barber
View
221
Download
0
Embed Size (px)
Citation preview
Potential vulnerabilities of IPsec-based VPN
GDFPamuláné Dr. Borbély Éva
What is a VPN?• VPN = Virtual Private Network • Virtual =refers to a logical connection between two devices • Private = confidentiality provided by the encryption• Network = basic connectivity between two devices
https://technet.microsoft.com
Types of VPN
• IPsec: • Can be used for site-to-site VPNs and remote-access VPNs• Implements security of IP packets at L3 of the OSI model
• SSL (Secure Sockets Layer):• Implements security of TCP sessions over encrypted SSL tunnels
• MPLS (Multiprotocol Label Switching) • Layer 3 VPNs are provided by Internet service providers• There is no encryption by default
Two Main Types of VPNs
Remote-access VPNs:• can use IPsec or Secure Shell
(SSL) technologies
Site-to-Site VPNs: • are based on a collection of VPN technologies called IPsec
IPsec
• A collection of protocols and algorithms used for protect IP packets• It is used for both remote-
access VPN and site-to-site VPN
IPsec Goals and the Methods
GOAL METHODES
Confidentiality Encryption
Data integrity Hashing
Peer authentication Pre-shared keys, RSA digital signatures
Antireplay Applying serial numbers to packets
ConfidentialitySymmetrical algorithms: fast and low CPU costAVOID DES
Acceptable: AES- 256
Alternatives: • RSA - asymmetric algorithm
moore secure, but there is a very high CPU cost when using key pairs to lock and unlock data
IntegrityWild-spread algorithms: MD5, SHA AVOID MD5
Acceptable: SHA-256
Alternatives: • HMAC: Hashed Message
Authentication Code: hash function + secret key• HMAC-SHA-256
Authentication
Pre-Shared Key
PSK = a password!
Out of data!
Not Secure!
RSA signatures
• RSA algorithms for encryption and
digital signatures are efficient at
higher security levels with a 3072-
bit modulus
• Smaller RSA key sizes, such as 768
or 1024, should be avoided!
PSK RSA
Deffie – Hellman algorithm
• allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel.• This key can then be used to encrypt
subsequent communications using a symmetric key cipher.(ex.: AES)• DH exchange is asymmetrical, but the
resulting keys are symmetrical• Acceptable key size: 2048, 3072
Minimum Cryptography Recommendations
Encryption AES-128-CBC mode
Authentication RSA-3072, DSA-3072
Integrity SHA-256
Key exchange DH Group 15 (3072-bit)
One possible solution
• In practice RSA and DH are becoming less efficient every year.
• There are subexponential attacks that can be used against these
algorithms.
• DH, DSA, and RSA can be used with a 3072-bit modulus to protect
sensitive information. (High memory and CPU cost!)
• A newer alternative to public key cryptography is Elliptic Curve
Cryptography (ECC), which operates on elliptic curves over finite fields.
The main advantage of elliptic curves is their efficiency.
RSA vs ECC Comparison