Title: Mehrdad Nourani
Data Network Security
Session 17
- Review of TCP/IP Model and Features
Why TCP/IP Is Preferred?
- Originated in ARPA protocol
- Simplified protocol stack
- Funded by the US government in early years
- Supported in Berkeley Unix (a free OS)
- Higher speed, lower price and more availability
Some of the Protocols in the TCP/IP Suite
Who Standardizes TCP/IP?
- The Internet Society
- Has both organizational and individual members
- Gets technical advice from the Internet Architecture Board (IAB)
- The IAB standardizes the protocols used on the Internet
- Specification documents are called Requests for Comments (RFCs)
- IAB oversees the Internet Engineering Task Force (IETF)
- Goal: standardization as a part of implementation
- Working documents are called Internet Drafts
- Divided into working groups focused on specific standards
Who Standardizes TCP/IP? (cont.)
- Overall responsibility for names and IP addresses: ICANN
- IP addresses: American Registry for Internet Numbers (ARIN)
- Domain names: Network Solutions, Inc. and many other registrars
- Numerical parameters: Internet Assigned Numbers Authority (IANA)
Internetworking (When One Is Not Enough)
- Why not have a single physical network for the entire planet?
- Requires centralized coordination
- Difficult to integrate heterogeneous networks
- Growth by scaling difficult (impossible?)
- Alternative: interconnected networks that look like a single network
Internetworking Layer by Layer
- Layer 1 internetworking: goal is to connect two similar physical networks so that they function as one
- Typical internetworking device: repeating hub
- Layer 2 internetworking: connect two (possibly dissimilar) physical networks so that traffic flows from one to the other only if necessary
- Typical internetworking devices: bridge, Layer 2 switch
- Layer 3 internetworking: goal is to connect diverse networks so that layers above the network layer see only a single large network
- Typical internetworking devices: router, Layer 3 switch
- Layer 4 internetworking: filter applications and network addresses to limit access
- Typical internetworking device: firewall
Internetworking in the OSI Model
Internetworking Modes
- There are two basic modes of internetworking at a particular protocol layer
- 1. Protocol Translation
- The Protocol Data Units (PDUs) of network A are replaced with network B PDUs
- Example: a bridge (Layer 2 internetworking device) between an Ethernet LAN and a token-ring LAN removes the Ethernet framing and encapsulates the contents of each Ethernet frame in token-ring frames
- Problems arise when networks A and B offer dissimilar services
Internetworking Modes (cont.)
- 2. Protocol Encapsulation
- At an edge node between two dissimilar networks, A and B, the network-layer protocol data units (PDUs) of network A are encapsulated in PDUs of network B
- Encapsulation nearly always works, so it is the IETF's usual approach for implementing IP in a non-IP network
- Example: IP over ATM
- Disadvantage: large overhead
The Internet Protocol (IP)
- The vision: a virtual network. This is as important as virtual memory and networked (i.e., virtual) file systems
- Modern memory and file systems present the same user interface, regardless of
- The physical location of the data
- The technology used to access the data
- Design goal for a virtual network
- Make hosts on other physical networks look and feel as if they were on the same physical network as your computer
- The world's most important data network protocol
- If your network speaks IP, you can talk to networks anywhere
Main Features of IP
- IP (Internet Protocol)
- Layer 3 (network)
- End-to-end encapsulation; thus, hardware details are hidden
- Datagrams do not have to be explicitly routed
- Routing is performed hop-by-hop for each datagram, not end-to-end over a path set up in advance
- Transparent, connectionless, unreliable datagram transport
- No flow control
Main Features of TCP
- TCP (the Transmission Control Protocol)
- Layer 4 (transport); thus, hides network details
- Transparent, connection-oriented, reliable stream transport
- Flow and congestion control
- Sequence numbers and sliding windows
- Insensitive to details of routing
TCP and UDP
- TCP (Transmission Control Protocol)
- Connection-oriented
- Reliable packet delivery in sequence
- UDP (User Datagram Protocol)
- Connectionless (datagram)
- Unreliable packet delivery
- Packets may arrive out of sequence or duplicated
TCP/UDP Standards
- TCP
- RFC 793, RFC 1122
- Outgoing data is logically a stream of octets from the user
- Stream is broken into blocks of data, or segments
- TCP accumulates octets from the user until the segment is large enough, or the data is marked with the PUSH flag
- Data marked with the URGENT flag causes the user to be signaled
- Similarly, incoming data is a stream of octets presented to the user
- Data marked with the PUSH flag triggers delivery of data to the user; otherwise TCP decides when to deliver data
- UDP
- RFC 768
- Connectionless, unreliable, less overhead
- Simply adds port addressing to IP
- Checksum is optional
Fragmentation and Reassembly
- Networks may have different maximum packet sizes
- A router may need to fragment datagrams before sending to the next network
- Fragments may need further fragmenting in later networks
- Reassembly is done only at the final destination since fragments may take different routes
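As an added example (not from the slides), the behaviour described above in Python: a router-side split that respects the 8-octet offset unit, the MF/DF flags and re-fragmentation of a datagram that is already a fragment, and destination-only reassembly that tolerates reordering and duplicates. The 20-byte header layout, the sample addresses and all function names are constructed for this example.

```python
import struct

IHL = 20  # minimal IPv4 header without options (assumption for this example)

def ipv4_checksum(hdr: bytes) -> int:
    """One's-complement sum of the header's 16-bit words with the checksum field zeroed."""
    hdr = hdr[:10] + b"\x00\x00" + hdr[12:]
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def make_header(ident: int, flags_off: int = 0, proto: int = 17) -> bytes:
    """Constructed sample header 10.0.0.1 -> 10.0.0.2 (total length is fixed up by fragment)."""
    h = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, IHL, ident, flags_off,
                              64, proto, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])))
    struct.pack_into("!H", h, 10, ipv4_checksum(bytes(h)))
    return bytes(h)

def fragment(header: bytes, payload: bytes, mtu: int) -> list:
    """Router side: split header+payload into pieces that fit `mtu`. Offsets count 8-octet
    units, so all but the last piece carry a multiple of 8 bytes and set MF (more fragments);
    an input that is itself a fragment keeps its offset/MF (re-fragmentation downstream)."""
    flags_off = struct.unpack("!H", header[6:8])[0]
    if flags_off & 0x4000:
        raise ValueError("DF set: drop and send ICMP 'fragmentation needed'")
    base_off, in_mf = flags_off & 0x1FFF, bool(flags_off & 0x2000)
    chunk = (mtu - IHL) // 8 * 8                      # largest multiple of 8 that fits
    frags = []
    for pos in range(0, len(payload), chunk):
        piece = payload[pos:pos + chunk]
        mf = pos + chunk < len(payload) or in_mf
        h = bytearray(header)
        struct.pack_into("!H", h, 2, IHL + len(piece))                        # total length
        struct.pack_into("!H", h, 6, (0x2000 if mf else 0) | (base_off + pos // 8))
        struct.pack_into("!H", h, 10, ipv4_checksum(bytes(h)))                # new checksum
        frags.append(bytes(h) + piece)
    return frags

def reassemble(frags: list):
    """Destination only: pieces may arrive in any order or duplicated. Returns the payload
    once the set is gap-free and the MF=0 piece has fixed the total length, else None."""
    pieces, total = {}, None
    for f in frags:
        flags_off = struct.unpack("!H", f[6:8])[0]
        off = (flags_off & 0x1FFF) * 8
        pieces[off] = f[IHL:]
        if not flags_off & 0x2000:
            total = off + len(pieces[off])
    out = bytearray()
    while total is not None and len(out) < total:
        piece = pieces.get(len(out))
        if piece is None:
            return None                                # hole: a fragment is still missing
        out += piece
    return bytes(out[:total]) if total is not None else None
```

A real stack also keys the reassembly buffer on (source, destination, identification, protocol) and times it out; this example handles a single datagram.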
Encapsulation in TCP/IP
A Decoded Ethernet Frame
Role of IP
- IP provides functionality for interconnecting end systems across multiple networks.
- IP should be implemented in each end system and in the routers in between
- Higher-level data at a source are encapsulated in an IP data unit (PDU) for transmission
- E.g. in TCP/IP, the source IP layer attaches a header that specifies the destination global address. If the destination is in another subnetwork, the IP layer in the router hands its data to LLC (Logical Link Control) and then to the MAC (Medium Access Control) layer so that it can be forwarded to the next router.
Configuration of TCP/IP
IP Headers
IPv6 Packet with Extension Headers
Routing: What Makes the Internet Possible
- Routers are specialized computers that forward datagrams
- Each network connected to the router communicates through a dedicated physical or logical network interface
- Many types exist
- Store and forward (e.g., general-purpose computer)
- Routing switch (ASIC forwarding engines, switch fabric)
What Makes Routing Successful
- 1. The Robustness Principle (quoted from RFC 1123)
- At every layer of the protocols, there is a general rule whose application can lead to enormous benefits in robustness and interoperability: "Be liberal in what you accept, and conservative in what you send"
What Makes Routing Successful (cont.)
- 2. Scalability
- A system that is designed to support growth to an arbitrarily large size without degradation of the services that it offers is called scalable
- For a network, size = number of hosts or users
- The Internet Protocol (v4) has allowed the construction of a global, heterogeneous network of moderately large size by distributing the control
- The challenge for future protocols, systems and applications is to provide for scalability of the global Internet to a much larger size than it has at present
Operation of TCP/IP
Operation of TCP/IP (cont.)
Operation of TCP/IP at the Sender Side
Operation of TCP/IP at the Router
Operation of TCP/IP at the Receiver
Packet Switch (Datagram Approach)
- Data transmitted in short blocks, or packets
- Packet length < 1000 octets
- Each packet contains user data plus control info (routing)
- Store and forward
- Advantages
- Flexibility, resource sharing, robust, responsive
- Disadvantages
- Time delays in a distributed network, overhead penalties
- Need for routing and congestion control
Packet Switch (Virtual Circuit Approach)
- Frame relay and ATM are variants of packet switching
- Datagram
- Each packet sent independently of the others
- No call setup
- More reliable (can route around failed nodes or congestion)
- Virtual circuit
- Fixed route established before any packets are sent
- No need for a routing decision for each packet at each node
IP Security
- Internet community has considered some application-specific security mechanisms, e.g.
- Electronic mail (S/MIME, PGP)
- Client-server communication (Kerberos)
- Web access (Secure Socket Layer, SSL/HTTPS)
- However, there are security concerns that cut across protocol layers, e.g.
- IP spoofing: intruders create packets with a false IP address and exploit applications that use authentication based on IP
- Packet sniffing: attackers read transmitted information including logon information and database contents
- Would like security implemented by the network for all applications
IPSec
- general IP security mechanisms
- provides
- authentication
- confidentiality
- key management
- applicable to use over LANs, across public and private WANs, and for the Internet. Examples:
- Secure branch office connectivity over the Internet
- Secure remote access over the Internet
- Establishing extranet/intranet connectivity with partners
- Enhancing electronic commerce security
IPSec Principal Features
- encrypts and/or authenticates all traffic at the IP level. Thus all distributed applications will benefit, such as
- logon, client-server, email, file transfer, web access
- is implemented in a firewall or router and provides strong security that can be applied to all traffic crossing the perimeter.
- when implemented in a firewall, is resistant to bypass if all traffic from the outside must use IP.
- In routing applications, IPSec ensures that a router advertisement comes from a legitimate router and that a routing update (or a redirect message) is not forged.
IPSec Uses
(figure) Individual security (when needed)
Benefits of IPSec
- in a firewall/router, provides strong security to all traffic crossing the perimeter
- Typically, IPSec
- encrypts/compresses data going into the WAN
- decrypts/decompresses traffic coming from the WAN
- is resistant to bypass (affects all traffic with no exception)
- is below the transport layer (TCP, UDP), hence transparent to applications (e.g. servers and workstations in a LAN)
- can be transparent to end users
- can provide security for individual users if desired
- can also be used in routing applications to make sure that a new router is authorized in the neighborhood.
IP Security Architecture
- specification has become quite complex
- defined in numerous RFCs
- including RFC 2401/2402/2406/2408
- many others, grouped by category
- mandatory in IPv6, optional in IPv4
- Security features are implemented as extension headers that follow the main IP header
IPSec Services
- Access control
- Connectionless integrity
- Data origin authentication
- Rejection of replayed packets
- a form of partial sequence integrity
- Confidentiality (encryption)
- Limited traffic flow confidentiality
(table columns: Encapsulating Security Payload Protocol, Authentication Header Protocol)
Security Associations (SA)
- SA is a one-way relationship between sender and receiver that affords security services to the traffic carried on it
- defined by 3 parameters
- Security Parameters Index (SPI) (carried in AH/ESP headers)
- IP Destination Address (endpoint of the SA)
- Security Protocol Identifier (says if the SA is AH or ESP)
- The IP destination address is in the IPv4/IPv6 header and the SPI in the enclosed extension header (AH or ESP)
- SA has a number of other parameters (see book)
- sequence number, sequence counter overflow, anti-replay window, AH info, ESP info, lifetime, protocol mode, etc.
- Through these parameters, authentication and privacy are specified independent of the specific key-management mechanism.
- have a database of Security Associations (see details of the Security Policy Database (SPD) in the textbook).
Transport and Tunnel Modes
- Transport Mode
- Used for end-to-end communications (e.g. two workstations, or a client and a server)
- ESP encrypts and optionally authenticates the IP payload but not the IP header
- AH authenticates the IP payload and selected portions of the IP header
- Tunnel Mode
- Used when one or both ends of the communication is a security gateway such as a firewall or a router that implements IPSec.
- The entire original (inner) packet travels through the tunnel and no router along the way is able to examine the inner IP header
- After AH and ESP fields are added to the IP packet, the entire packet plus security fields is treated as the payload of a new outer IP packet with a new outer IP header.
Transport and Tunnel Modes (cont.)
Transport / Tunnel Modes
- Uses transport mode, e.g.
- Workstation and server share a protected secret key
- Uses tunnel mode, e.g.
- to access the entire internal network, or
- because the requested server does not support the authentication feature.
Authentication Header (AH)
- provides support for data integrity and authentication of IP packets
- end system/router can authenticate user/application
- prevents address spoofing attacks by tracking sequence numbers (spoofing is the creation of TCP/IP packets using somebody else's IP address; the responses may then be directed to the attacker).
- The Authentication Data field holds a value referred to as the Integrity Check Value (ICV), which is based on the use of a MAC
- HMAC-MD5-96 or HMAC-SHA-1-96
- parties must share a secret key
Authentication Header
(figure of the AH format: Security Parameters Index identifies a security association; Sequence Number is a counter value up to 2^32 for one SA to provide the anti-replay function; Authentication Data is also called the ICV, 96 bits)
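The anti-replay function of the sequence number field, as an added example not from the slides: per SA the receiver keeps the highest number accepted and a 64-slot bitmap (the "anti-replay window" parameter), marks a number only after the ICV has verified, and the sender never lets its 32-bit counter wrap. Python; `AntiReplayWindow` and `next_seq` are illustrative names, and the ICV result is passed in as a flag.

```python
class AntiReplayWindow:
    """Receiver-side anti-replay state for one SA: the highest sequence number
    accepted so far plus a bitmap of the `size` most recent numbers. Check first,
    verify the ICV, and only then mark: a packet carrying a forged sequence number
    must not be able to move the window or occupy a slot."""

    def __init__(self, size: int = 64):
        self.size = size
        self.top = 0           # highest sequence number accepted so far
        self.bitmap = 0        # bit i set  <=>  number (top - i) already accepted

    def check(self, seq: int) -> bool:
        """True if `seq` may be accepted: newer than the window, or inside it and unseen."""
        if seq == 0:
            return False                           # the first number on an SA is 1
        if seq > self.top:
            return True
        diff = self.top - seq
        if diff >= self.size:
            return False                           # older than the window: treat as replay
        return not (self.bitmap >> diff) & 1

    def mark(self, seq: int) -> None:
        """Record `seq` after its ICV verified; slides the window forward when needed."""
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

    def receive(self, seq: int, icv_ok: bool) -> bool:
        """Full receive path: window check, then the (simulated) ICV result, then mark."""
        if not self.check(seq) or not icv_ok:
            return False
        self.mark(seq)
        return True


def next_seq(counter: int) -> int:
    """Sender side: the 32-bit counter is never allowed to wrap; when it would,
    the SA must be replaced (fresh key) rather than reusing sequence numbers."""
    if counter >= 2**32 - 1:
        raise OverflowError("sequence counter overflow: negotiate a new SA")
    return counter + 1
```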
Scope of AH Authentication
- Transport Mode AH
- In IPv4, AH is inserted after the original IP header and before the IP payload.
- In IPv6, AH is viewed as an end-to-end payload, i.e. it is not examined or processed by intermediate routers (the destination options extension header can be before or after AH)
- In both IPv4 and IPv6, authentication covers the entire packet, excluding mutable fields that are set to zero for MAC calculation
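Added example (not from the slides) of the transport-mode AH calculation for IPv4 in Python: the ICV is HMAC-SHA-1-96 over the packet with the mutable IP fields and the Authentication Data field itself zeroed, so a TTL decrement or checksum rewrite in transit does not break verification while any change to a covered field does. The sample header, key and function names are constructed for this example, and IP options are assumed absent.

```python
import hashlib, hmac, struct

AH_PROTO = 51
ICV_LEN = 12   # HMAC-SHA-1-96: the first 96 bits of the 160-bit HMAC-SHA-1 output

# Constructed sample: 20-byte IPv4 header 10.0.0.1 -> 10.0.0.2, UDP, TTL 64, and a key.
SAMPLE_IP_HDR = bytes.fromhex("45 00 0000 1234 0000 40 11 0000 0a000001 0a000002")
SAMPLE_KEY = b"constructed-20-byte-key!"

def zero_mutable(ip_hdr: bytes) -> bytes:
    """Copy of the IPv4 header with fields a router may rewrite set to zero for the MAC:
    ToS (byte 1), flags/fragment offset (6-7), TTL (8) and header checksum (10-11)."""
    h = bytearray(ip_hdr)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)

def ah_icv(key: bytes, ip_hdr: bytes, ah_fixed: bytes, payload: bytes) -> bytes:
    """ICV over the whole packet with mutable IP fields and the Authentication Data
    field itself replaced by zeros, then truncated to 96 bits."""
    covered = zero_mutable(ip_hdr) + ah_fixed + bytes(ICV_LEN) + payload
    return hmac.new(key, covered, hashlib.sha1).digest()[:ICV_LEN]

def ah_protect(key: bytes, ip_hdr: bytes, spi: int, seq: int, payload: bytes, next_hdr: int) -> bytes:
    """Transport-mode AH: AH sits between the IPv4 header and the payload; the IP protocol
    field becomes 51 and the total length grows by the AH size (the IP layer then
    recomputes the header checksum, which is mutable and therefore not covered)."""
    ah_len = 12 + ICV_LEN
    ah_fixed = struct.pack("!BBHII", next_hdr, ah_len // 4 - 2, 0, spi, seq)  # Payload Len is
    h = bytearray(ip_hdr)                                                       # 32-bit words - 2
    h[9] = AH_PROTO
    struct.pack_into("!H", h, 2, len(ip_hdr) + ah_len + len(payload))
    ip_hdr = bytes(h)
    return ip_hdr + ah_fixed + ah_icv(key, ip_hdr, ah_fixed, payload) + payload

def ah_verify(key: bytes, packet: bytes) -> bool:
    """Receiver: recompute the ICV and compare in constant time. TTL or checksum changes
    en route do not affect the result; any change to a covered byte does."""
    ip_hdr, ah_fixed = packet[:20], packet[20:32]
    icv, payload = packet[32:32 + ICV_LEN], packet[32 + ICV_LEN:]
    return hmac.compare_digest(icv, ah_icv(key, ip_hdr, ah_fixed, payload))
```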
Scope of AH Authentication (cont.)
- Tunnel Mode AH
- Entire IP packet is authenticated
- AH is inserted between the original IP header and a new outer IP header
- The inner header has the source / destination addresses
- The outer header has the address of the firewall or other security gateway
- Entire inner IP packet, including the entire IP header, is protected by AH
Encapsulating Security Payload (ESP)
- provides message content confidentiality and limited traffic flow confidentiality
- can optionally provide the same authentication services as AH
- supports a range of ciphers, modes, padding
- including DES, 3-key triple-DES, RC5, 3-key triple-IDEA, CAST, etc.
- CBC most common
- pad to meet block size, for traffic flow
Encapsulating Security Payload
(figure of the ESP format: Sequence Number to prevent replay attacks; the encapsulated payload is the transport-level segment in transport mode or the IP packet in tunnel mode; Authentication Data, also called the ICV, is computed over the ESP packet minus the Authentication Data field)
Transport vs. Tunnel Mode ESP
- transport mode is used to encrypt and optionally authenticate IP data
- data protected but header left in clear
- attacker can do traffic analysis
- good for ESP host-to-host traffic
- tunnel mode encrypts the entire IP packet
- adds new header for next hop
- good for virtual private networks (VPNs), gateway-to-gateway security
Transport vs. Tunnel Mode ESP (cont.)
- Transport Mode
- Encryption (and optionally authentication) is provided directly between two hosts.
- Tunnel Mode
- E.g. four private networks are interconnected across the Internet. Hosts use the Internet to communicate among themselves only. The tunnel and security gateway do not allow hosts to interact with other Internet-based hosts.
Scope of ESP Encryption and Authentication
- Transport Mode ESP
- In IPv4, the ESP header is inserted after the original IP header and before the transport-layer header (e.g. TCP, UDP, ICMP).
- In IPv6, ESP is viewed as an end-to-end payload, i.e. it is not examined or processed by intermediate routers
- In both IPv4 and IPv6, authentication covers the ciphertext plus the ESP header
- The destination node examines and processes the IP and extension headers. Then, based on the SPI in the ESP header, it decrypts the remainder of the packet to recover the transport-layer segment.
(figure: ESP Authentication Data is used if authentication is selected; ESP Trailer holds padding, pad length, next header)
Scope of ESP Encryption and Authentication (cont.)
- Tunnel Mode ESP
- Entire IP packet is authenticated
- ESP is inserted between the original IP header and a new outer IP header
- The new header provides information for routers for routing but not for traffic analysis
- Packet plus ESP trailer is encrypted
- The destination firewall examines and processes the outer IP header plus any extension headers. Then, based on the SPI in the ESP header, it decrypts the packet and sends it to the internal network.
Combining Security Associations
- An individual SA can implement either AH or ESP but not both
- to implement both, need to combine SAs
- form a security bundle
- have 4 cases that must be supported by compliant IPSec hosts (e.g. workstations and servers) or security gateways (e.g. firewall, router).
Combining Security Associations (cont.)
(figure of the four cases)
- Security is provided between any two systems with IPSec (sharing a secret key)
- Security is provided only between gateways (routers, firewalls, etc.)
- Cases (1) and (2) are combined
- Case (1) plus support for a remote host to reach a firewall and a server behind it
Key Management
- handles key generation and distribution
- typically need 2 pairs of keys
- transmit for AH, transmit for ESP
- receive for AH, receive for ESP
- manual key management
- System admin manually configures every system
- automated key management
- automated system for on-demand creation of keys for SAs in large systems
- Default automated key management protocol for IPSec is referred to as ISAKMP/Oakley; its elements are described next
Oakley
- a key exchange protocol
- based on Diffie-Hellman (DH) key exchange
- adds features to address weaknesses
- It employs a mechanism known as cookies to thwart the clogging attack (the pseudorandom-numbers problem)
- It enables two parties to negotiate a group (to set global parameters for Diffie-Hellman key exchange)
- It uses nonces to ensure against replay attacks
- It enables DH key exchange with authentication (to solve the man-in-the-middle attack)
- can use arithmetic in prime fields or elliptic curve fields
- See book for examples.
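A simplified model, added here and not taken from the slides or the Oakley specification, of the four mechanisms listed above in Python: a stateless anti-clogging cookie the responder checks before doing any exponentiation, fresh nonces, an authentication tag over the DH public values that a man in the middle cannot forge, and the shared key derivation. The toy DH group, pre-shared-key authentication and all class and function names are assumptions for this example (Oakley negotiates the group and supports other authentication methods).

```python
import hashlib, hmac, secrets

# Toy DH group (assumption for this example): a 127-bit Mersenne prime with generator 3.
# Oakley lets the two parties negotiate a real group; this one is for illustration only.
P = 2**127 - 1
G = 3

def cookie(secret: bytes, peer_ip: str, peer_port: int, my_ip: str, my_port: int) -> bytes:
    """Anti-clogging cookie: a keyed hash of both addresses and a local secret. Stateless
    and cheap, so a flood of forged first messages costs no memory and no exponentiation."""
    msg = f"{peer_ip}:{peer_port}>{my_ip}:{my_port}".encode()
    return hmac.new(secret, msg, hashlib.sha256).digest()[:8]

class Party:
    def __init__(self, psk: bytes, ip: str, port: int):
        self.psk, self.ip, self.port = psk, ip, port
        self.cookie_secret = secrets.token_bytes(16)   # rotated periodically in practice
        self.nonce = secrets.token_bytes(16)           # freshness: ties this run to these values
        self.x = None                                  # DH exponent, created only when needed

    def public(self) -> int:
        """g^x mod p; the responder calls this only after the cookie round succeeded."""
        if self.x is None:
            self.x = secrets.randbelow(P - 2) + 1
            self.gx = pow(G, self.x, P)
        return self.gx

def responder_first(resp: Party, init_ip: str, init_port: int) -> bytes:
    """Reply to message 1 with a cookie only; no DH work has been done yet."""
    return cookie(resp.cookie_secret, init_ip, init_port, resp.ip, resp.port)

def responder_accepts(resp: Party, init_ip: str, init_port: int, echoed: bytes) -> bool:
    """Message 2: continue only if the initiator echoed the cookie, proving it can
    receive at the claimed address (a spoofed source never gets past this point)."""
    expected = cookie(resp.cookie_secret, init_ip, init_port, resp.ip, resp.port)
    return hmac.compare_digest(expected, echoed)

def auth_tag(psk: bytes, gx: int, gy: int, ni: bytes, nr: bytes) -> bytes:
    """Authenticated DH: MAC over both public values and both nonces under the shared key.
    A man in the middle substituting its own g^z cannot produce it, and fresh nonces stop
    a recorded run from being replayed."""
    data = gx.to_bytes(16, "big") + gy.to_bytes(16, "big") + ni + nr
    return hmac.new(psk, data, hashlib.sha256).digest()

def verify_tag(psk: bytes, tag: bytes, gx: int, gy: int, ni: bytes, nr: bytes) -> bool:
    return hmac.compare_digest(tag, auth_tag(psk, gx, gy, ni, nr))

def shared_key(my_x: int, peer_public: int, ni: bytes, nr: bytes) -> bytes:
    """SA key derived from the DH secret and both nonces."""
    z = pow(peer_public, my_x, P)
    return hashlib.sha256(z.to_bytes(16, "big") + ni + nr).digest()
```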
ISAKMP
- ISAKMP stands for Internet Security Association and Key Management Protocol
- defines procedures and packet formats to establish, negotiate, modify and delete security associations (SAs)
- The payload format, defined by ISAKMP, provides a framework for key management independent of
- key exchange protocol
- encryption algorithm
- authentication method
ISAKMP
(figure of the ISAKMP header: the cookie fields are pseudorandom numbers; Message ID is a unique ID for this message; Length is the header plus payload in octets)
ISAKMP Payload Types
ISAKMP Message Exchange Types
ISAKMP Message Exchange Types (cont.)
Summary
- have considered
- IPSec security framework
- AH
- ESP
- key management: Oakley/ISAKMP