IPsec:%20Internet%20Protocol%20Security

1
IPsec Internet Protocol Security

• Chong, Luon, Prins, Trotter

2
What is IPsec?

• A collection of protocols for securing Internet
  Protocol (IP) communications by encrypting and
  authenticating all IP packets1
• Progressive standard
• Defined in RFC 2401 thru 2409
• Purpose
• To protect IP packets
• To provide defense against network attacks

1 From wikipedia.org
3
What is IPsec? (cont)

• Created November 1998
• Created by the Internet Engineering Task Force
  (IETF)
• Deployable on all platforms
• Windows
• Unix
• Etc..
• Can be implemented and deployed on
• End hosts
• Gateways
• Routers
• Firewalls

4
Protection Against Attacks

• Layer 3 (network) protection
• Protects from
• sniffers by encrypting data
• data modifications by using cryptography based
  checksums
• identity spoofing, denial of service, application
  layer, and password based attacks through mutual
  authentication
• man in the middle attacks by mutual
  authentication and cryptography based keys

5
How IPsec Works

• Services
• Protocol Types
• Key Protection
• Components
• Policy Based Security
• Model Example

6
How IPsec Works Services

• Security Properties
• Non-repudiation Authentication
• Public key certificate based authentication
• Pre-shared key authentication
• Anti-replay
• Key management
• Diffie-Hellman Algorithm, Internet Key Exchange
  (IKE)
• Integrity
• Hash message authentication codes (HMAC)
• Confidentiality
• Public key cryptography

7
How IPsec Works Protocol Types

• Authentication header (AH)
• Authentication, integrity, and anti-replay
• Placed between the IP layer and the transport
  layer

8
Header Fields
Protection
9
How IPsec Works Protocol Types (cont.)

• Encapsulating security payload (ESP)
• Provides confidentiality in addition to what AH
  provides
• Has
• Header
• Trailer
• Authentication Trailer

10
Header Fields
Protection
11
How IPsec Works Components

• IPsec Policy Agent Service
• Diffie-Hellman Algorithm
• Internet Key Exchange (IKE)
• Security Association (SA)
• Phase 1 SA
• Phase 2 SA
• IPsec Driver

12
How IPsec Works Key Protection

• Key lifetimes
• Session key refresh limit
• Perfect forward security (PFS)

13
How IPsec Works Policy Based Security

• Rules
• Filter list
• Filter actions
• Policy Inheritance
• Authentication

14
How IPsec Works Model Example
15
Practical Implementations

• LANs, WANs, and remote connections
• VPNs for remote access
• Dial-up setting to private networks
• Where data security is critical
• Example Hospital with patient data
• Businesses with multiple sites

16
Suggested Readings

• http//en.wikipedia.org/wiki/IPSEC
• http//www.ietf.org/rfc/rfc2401.txt
• http//www.webopedia.com/TERM/I/IPsec.html
• http//www.microsoft.com/windows2000/techinfo/plan
  ning/security/ipsecsteps.asp
• Microsoft Windows 2000 Server TCP/IP Core
  Networking Guide