Internet Security CSCE 813 IPsec - PowerPoint PPT Presentation

Provided by: farka1 (CSCE 813 - Farkas). Slides: 35

Transcript and Presenter's Notes

1
Internet Security CSCE 813: IPsec
2
Reading
  • Today: IPSec Chapters 4, 5, 6
  • Next class: IPSec Chapter 7

3
Benefits of IPSec
  • When implemented in a firewall or router, IPSec
    provides strong security to ALL TRAFFIC crossing
    the perimeter. Traffic within the perimeter does
    not incur security overhead.
  • Cannot be bypassed (if all traffic must go
    through the firewall implementing IPSec)
  • Transparent to applications
  • Transparent to end users

4
IP Security Architecture
  • RFC 2401: Overview of the security architecture
  • RFC 2402: Packet authentication extension (AH) for IPv4 and IPv6
  • RFC 2406: Packet encryption extension (ESP) for IPv4 and IPv6
  • RFC 2408: Specification of key management capabilities (ISAKMP)
  • Note: these have since been obsoleted by RFC 4301, RFC 4302, RFC 4303 and,
    for key management, IKEv2 (RFC 7296); the mechanisms described here are
    unchanged in outline
5
IPSec Document Overview (RFC 2401)
6
IPSec Services
7
Security Association
  • One-way relationship: bidirectional traffic between two peers needs two
    SAs, one per direction
  • Identified by
    • Security parameters index (SPI)
    • IP destination address
    • Security protocol identifier (AH or ESP)
  • Security Association Database (SAD)
    • SA parameters: sequence number counter, sequence
      number overflow flag, anti-replay window, AH
      information, ESP information, lifetime of SA,
      IPSec protocol mode, path MTU
  • Security Policy Database (SPD)
    • SA selectors: destination IP address, source IP
      address, user ID, data sensitivity level,
      transport layer protocol, source and destination
      port
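
Three of the SA parameters listed above (sequence number counter, sequence number overflow, anti-replay window) are per-direction state that the IPsec implementation keeps on each SA. The following is an added example, not code from the slides or from any IPsec implementation: it models that state in Python, using the bitmap sliding window of RFC 2401 Appendix C. The 64-packet window size, the 32-bit counter and the arrival order fed to `run_trace()` are assumptions chosen for illustration.

```python
"""Per-SA anti-replay state: sequence counter, overflow check, sliding window.

Added example (not from the slides): a model of three SAD parameters,
following the bitmap window of RFC 2401 Appendix C / RFC 4303 3.4.3.
The 64-packet window, the 32-bit counter and the sample packet order used in
run_trace() are assumptions for illustration.
"""
from dataclasses import dataclass

SEQ_MAX = 0xFFFFFFFF  # 32-bit ESP/AH sequence number field


@dataclass
class OutboundSA:
    """Sender side of a one-way SA: the counter must never wrap."""
    seq: int = 0

    def next_seq(self) -> int:
        # 'sequence counter overflow' flag: auditable event, the SA must be rekeyed
        if self.seq >= SEQ_MAX:
            raise OverflowError("sequence number overflow: rekey the SA")
        self.seq += 1          # counter starts at 0, so the first packet carries 1
        return self.seq


@dataclass
class InboundSA:
    """Receiver side: sliding window over the most recent window_size sequence numbers."""
    window_size: int = 64
    top: int = 0      # highest sequence number accepted so far (right edge of window)
    bitmap: int = 0   # bit i set  <=>  sequence number (top - i) has been accepted

    def check_and_update(self, seq: int) -> bool:
        """Return True and record seq if it is fresh; False if it must be dropped.

        In real inbound processing the window is only updated after the ICV
        has verified, so a forged packet cannot advance it.
        """
        if seq == 0:
            return False                       # 0 is never a valid sequence number
        if seq > self.top:                     # right of the window: advance it
            shift = seq - self.top
            if shift >= self.window_size:
                self.bitmap = 1                # everything previously seen falls out
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.window_size) - 1)
            self.top = seq
            return True
        diff = self.top - seq
        if diff >= self.window_size:
            return False                       # too old: left of the window
        if self.bitmap & (1 << diff):
            return False                       # replay: already accepted
        self.bitmap |= 1 << diff               # late but fresh: accept and mark
        return True


def run_trace(seqs):
    """Feed a constructed arrival order to one inbound SA; return accept/drop per packet."""
    sa = InboundSA()
    return [sa.check_and_update(s) for s in seqs]


if __name__ == "__main__":
    # constructed sample: in order, a replay, a big jump, late but fresh, too old, replay, ancient
    order = [1, 2, 3, 2, 100, 37, 36, 37, 1]
    print(list(zip(order, run_trace(order))))
```

The window rejects both exact duplicates and packets that have fallen off its left edge, which is why a receiver that reorders heavily needs a larger window rather than a disabled replay check.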

8
Modes
9
Encapsulating Security Payload (ESP)
10
ESP
  • Confidentiality: cipher
  • Integrity: authenticator
  • Algorithms are determined by the Security
    Association (SA)
  • Each ESP SA uses exactly one of
    • One cipher and one authenticator
    • One cipher and zero authenticator (confidentiality only; later
      specifications such as RFC 4303 warn that encryption without integrity
      is insecure against an active attacker who can modify ciphertext)
    • Zero cipher and one authenticator (ESP-NULL, integrity only)
  • Zero cipher and zero authenticator is disallowed

11
ESP Protected IP packet
[Figure: IP header | ESP header | Protected data | ESP trailer | ESP authentication data.
 Encrypted: protected data through ESP trailer. Authenticated: ESP header through ESP trailer.]
  • ESP goals
    • Authenticate as much information as possible
    • Allow efficient processing

12
ESP Format
[Figure: ESP packet layout. SPI | Sequence number | IV | Payload data | Padding | Pad length | Next header | Authentication data.
 Confidentiality protected: payload data through next header. Authenticity protected: SPI through next header.]
13
ESP Header
  • SPI
    • Combined with the destination address and
      protocol in the preceding IP header, identifies
      the SA
    • Authenticated but not encrypted
  • Sequence number
    • Used for anti-replay
    • Monotonically increasing; starts at 1 for a new SA and must not
      wrap (the SA is rekeyed before 2^32 packets)
    • Authenticated but not encrypted

14
Payload Data Field
  • Data to be protected
  • Length depends on the length of data to be
    protected
  • Contains
    • Initialization Vector (IV)
    • Protected Data
    • Pad
    • Pad Length
    • Next Header

15
Initialization Vector
  • The specific algorithm must define the location of the IV
  • DES-CBC: the first 8 octets of the payload data field
  • Authenticated but not encrypted (sent in the clear; for CBC it should
    be a fresh, unpredictable value per packet)

16
Padding
  • Needed for encryption (input must be a multiple of the cipher block
    size) and to right-align Pad Length and Next Header in a 4-byte word
  • Hides the actual data length
  • Padding values
    • The algorithm may specify them
    • ESP default: bytes 1, 2, 3, ..., increasing monotonically
    • Used by the recipient to check for proper decryption (a wrong key or
      corrupted ciphertext shows up as a pad mismatch)

17
Padding
  • Padding Length
    • Needed for restoring the actual length of the payload data
    • Mandatory (present even if there is no padding, with value 0)
    • Additional padding may be added to provide traffic flow
      confidentiality
  • Next header
    • Defines the type of the protected data
    • Transport mode: type of the upper-level protocol (e.g., TCP = 6)
    • Tunnel mode: 4 (IPv4-in-IP) or 41 (IPv6-in-IP)

18
Authentication Data Field
  • Used for the data integrity check (the ICV)
  • Usually a keyed hash (HMAC), typically with truncated output, e.g.
    HMAC-SHA-1-96
  • Length depends on the authentication algorithm defined in the SA
  • If no authenticator is specified there is no authentication data field

19
ESP Processing
  • Depends on the mode in which ESP is employed
  • Both modes
    • The ciphertext is authenticated (encrypt-then-MAC)
    • The authenticated plaintext fields (SPI, sequence number, IV) are not
      encrypted
    • Outbound: encryption happens first, then the ICV is computed
    • Inbound: authentication happens first; a packet with a bad ICV is
      dropped before any decryption or padding check, so the cipher never
      acts as an oracle for forged ciphertext

20
Protected Data
  • Depends on the mode of ESP
  • Transport mode: the upper-layer protocol packet
  • Tunnel mode: the entire IP packet is protected

21
Scope of ESP Encryption and Authentication
[Figure: IPv4 transport mode: orig IP hdr | ESP hdr | TCP | Data | ESP trlr | ESP auth.
 Encrypted: TCP through ESP trailer. Authenticated: ESP header through ESP trailer.
 IPv4 tunnel mode: new IP hdr | ESP hdr | orig IP hdr | TCP | Data | ESP trlr | ESP auth.
 Encrypted: original IP header through ESP trailer. Authenticated: ESP header through ESP trailer.]
22
Outbound Processing
  • ESP header inserted into the outgoing IP packet
  • Protocol field of the IP header copied into the Next
    Header field of ESP
  • Remaining fields of ESP filled in (SPI, sequence
    number, pad, pad length)
  • Protocol number of the IP header is given the value
    ESP (50)
  • Encrypt the packet from the beginning of the payload data
    through the Next Header field (the IV, if present, stays in the clear)
  • Authenticate the packet from the ESP header, through
    the encrypted ciphertext, to the ESP trailer and
    insert the authentication data after the ESP trailer
  • Packet is routed to the destination

23
Inbound Processing
  • Look up the SA for the packet (SPI, destination address, protocol)
    • No SA → drop packet
    • Otherwise use the SA to process the packet
  • Check the sequence number against the anti-replay window
    • Invalid (replayed or too old) → drop packet
  • Authenticate the ciphertext
    • Entire packet (without the authentication data)
      is processed by the authenticator
    • Compare the result with the authentication data (constant-time comparison)
    • No match → drop packet

24
Inbound Processing
  • Decrypt the ESP packet (from the beginning of the payload data to
    the Next Header field)
  • Check pad integrity (default pad bytes must read 1, 2, 3, ...)
  • Validate the ESP mode using the Next Header field and the
    decrypted payload
  • Only now is the anti-replay window updated with the accepted sequence
    number, so forged packets cannot advance it
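
The outbound and inbound steps of slides 22 to 24, together with the IV, padding and trailer rules of slides 15 to 17, are small enough to run end to end. The block below is an added example, not code from the slides or from any IPsec stack; it covers the ESP part of the packet only (the IP header edits, protocol 50, and the SA and anti-replay lookups happen outside it). Two assumptions are baked in: the authenticator is HMAC-SHA-256 truncated to 96 bits, and the "cipher" is a counter-mode keystream derived with HMAC-SHA-256 as a PRF from the 8-octet IV carried in the clear. That keystream stands in for the DES-CBC or AES transform an SA would name so the example runs on the standard library alone; it is not an IPsec-defined transform. The keys, SPI and payload are constructed sample values.

```python
"""ESP transport-mode framing: outbound build, inbound verify-then-decrypt.

Added example, not from the slides. Assumptions: HMAC-SHA-256-96 as the
authenticator; a PRF-in-counter-mode keystream (not an IPsec transform)
standing in for the SA's block cipher; 16-byte block alignment.
"""
import hashlib
import hmac
import os
import struct

ICV_LEN = 12     # 96-bit truncated ICV
IV_LEN = 8       # IV occupies the first 8 octets of Payload Data, as with DES-CBC
BLOCK = 16       # pad so the encrypted region is a whole number of cipher blocks


def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """Stand-in stream cipher: PRF(key, iv || counter) blocks, truncated to n bytes."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + struct.pack("!I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def esp_encapsulate(enc_key, auth_key, spi, seq, next_header, payload, tfc_pad=0, iv=None):
    """Outbound: pad, encrypt Payload..Next Header, then authenticate header..trailer."""
    iv = iv if iv is not None else os.urandom(IV_LEN)
    # pad length = extra traffic-flow-confidentiality padding + what block alignment
    # needs; Pad Length (1) + Next Header (1) are always present, even with no padding
    pad_len = tfc_pad + (-(len(payload) + tfc_pad + 2)) % BLOCK
    if pad_len > 255:
        raise ValueError("pad length does not fit in one octet")
    padding = bytes(range(1, pad_len + 1))              # ESP default pad: 1, 2, 3, ...
    plaintext = payload + padding + bytes([pad_len, next_header])
    ciphertext = _xor(plaintext, _keystream(enc_key, iv, len(plaintext)))
    body = struct.pack("!II", spi, seq) + iv + ciphertext  # SPI, seq, IV: clear but authenticated
    icv = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    return body + icv


def esp_decapsulate(enc_key, auth_key, packet):
    """Inbound: verify the ICV first, only then decrypt and check the padding."""
    if len(packet) < 8 + IV_LEN + 2 + ICV_LEN:
        raise ValueError("drop: short packet")
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("drop: ICV mismatch")           # nothing has been decrypted yet
    spi, seq = struct.unpack("!II", body[:8])
    iv, ciphertext = body[8:8 + IV_LEN], body[8 + IV_LEN:]
    plaintext = _xor(ciphertext, _keystream(enc_key, iv, len(ciphertext)))
    pad_len, next_header = plaintext[-2], plaintext[-1]
    if pad_len > len(plaintext) - 2:
        raise ValueError("drop: pad length exceeds payload")
    if plaintext[len(plaintext) - 2 - pad_len:-2] != bytes(range(1, pad_len + 1)):
        raise ValueError("drop: pad check failed")       # wrong key or corrupted data
    return spi, seq, next_header, plaintext[:len(plaintext) - 2 - pad_len]


if __name__ == "__main__":
    enc, auth = b"\x01" * 32, b"\x02" * 32            # constructed sample keys
    pkt = esp_encapsulate(enc, auth, 0x1234, 1, 6, b"hello")
    print(len(pkt), esp_decapsulate(enc, auth, pkt))
```

The `tfc_pad` argument shows why Pad Length is mandatory: with extra padding the encrypted region grows to 32 bytes for a 5-byte payload, and only the authenticated, encrypted Pad Length field lets the receiver recover the real length.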

25
Authentication Header
26
Authentication Header (AH)
  • Does NOT provide confidentiality
  • Provides
    • Data origin authentication
    • Connectionless data integrity
    • Protection against address-spoofing attacks (the source address is
      covered by the ICV)
  • May provide
    • Non-repudiation (only with a public-key authentication algorithm;
      the standard HMAC transforms cannot, since both ends share the key)
    • Anti-replay protection (sequence number; checking it is optional for
      the receiver)
  • Granularity of authentication is that of the SA (e.g., host-to-host or
    gateway-to-gateway)
  • Protocol number 51

27
AH Header
[Figure: AH header. Next Header (8 bits) | Payload Length (8 bits) | Reserved (16 bits) | Security Parameters Index (32 bits) | Sequence Number (32 bits) | Authentication Data (variable, a multiple of 32 bits).]
28
Authentication Data
  • AH protects the outer IP header (unlike ESP)
  • Computed by using
    • Authentication algorithm (HMAC-MD5-96 or HMAC-SHA-1-96 in the
      original RFCs; HMAC-MD5 is no longer acceptable)
    • Cryptographic key (shared secret)
  • Sender computes the authentication data
  • Recipient recomputes it and compares

29
Scope of Authentication
[Figure: IPv4 transport mode: orig IP hdr | AH | TCP | Data.
 Authenticated except for mutable fields in the IP header.
 IPv4 tunnel mode: new IP hdr | AH | orig IP hdr | TCP | Data.
 Authenticated except for mutable fields in the NEW IP header.]
30
Integrity Check Values
  • The Message Authentication Code is calculated over
    • IP header fields that either do not change in
      transit or are predictable upon arrival; fields
      that change and cannot be predicted (for IPv4: ToS, Flags,
      Fragment Offset, TTL, Header Checksum) are set to
      zero for the MAC calculation
    • The AH header, other than the authentication data
      field (which is zeroed for the calculation)
    • The entire upper level protocol data
  • Note: both source and destination address fields
    are protected, which is why AH cannot pass through NAT
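
The mutable-field rule above is easiest to see by computing an ICV and then letting a router touch the packet. The following is an added example, not code from the slides or from any IPsec implementation: it builds an IPv4 transport-mode AH packet, computes the ICV with HMAC-SHA-1-96 (the RFC 2404 transform), and checks that a hop's TTL decrement and checksum rewrite still verify while a rewritten source address does not. The option-free 20-byte IPv4 header, the key, the addresses and the upper-layer bytes are constructed sample data.

```python
"""AH ICV over IPv4: mutable header fields zeroed, the rest covered.

Added example, not from the slides. HMAC-SHA-1-96 is the RFC 2404
authenticator; the header layout, key, addresses and payload are constructed.
"""
import hashlib
import hmac
import struct

AH_PROTO = 51
ICV_LEN = 12                 # 96-bit truncated HMAC
AH_FIXED = 12                # Next Header, Payload Len, Reserved, SPI, Sequence Number


def ipv4_checksum(hdr: bytes) -> int:
    h = bytearray(hdr)
    h[10:12] = b"\x00\x00"
    s = sum(struct.unpack("!10H", bytes(h)))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF


def ipv4_header(src: bytes, dst: bytes, proto: int, total_len: int, ttl: int = 64) -> bytes:
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 1, 0x4000, ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def zero_mutable(ip_hdr: bytes) -> bytes:
    """Zero the IPv4 fields RFC 2402 classes as mutable: ToS, Flags, Fragment
    Offset, TTL, Header Checksum. Version/IHL, Total Length, Identification,
    Protocol and both addresses stay under the ICV."""
    h = bytearray(ip_hdr)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def ah_header(spi: int, seq: int, next_header: int, icv: bytes = b"\x00" * ICV_LEN) -> bytes:
    words = (AH_FIXED + len(icv)) // 4
    return struct.pack("!BBHII", next_header, words - 2, 0, spi, seq) + icv  # Payload Len = words - 2


def ah_icv(key: bytes, ip_hdr: bytes, ah_hdr: bytes, upper: bytes) -> bytes:
    """ICV = HMAC-SHA-1-96 over zeroed-mutable IP header || AH (ICV zeroed) || upper data."""
    ah_zeroed = ah_hdr[:AH_FIXED] + b"\x00" * (len(ah_hdr) - AH_FIXED)
    mac = hmac.new(key, zero_mutable(ip_hdr) + ah_zeroed + upper, hashlib.sha1).digest()
    return mac[:ICV_LEN]


def ah_protect(key, src, dst, upper_proto, upper, spi, seq):
    """Sender: IP header (protocol 51) | AH | upper-layer data, with the ICV filled in."""
    ip = ipv4_header(src, dst, AH_PROTO, 20 + AH_FIXED + ICV_LEN + len(upper))
    icv = ah_icv(key, ip, ah_header(spi, seq, upper_proto), upper)
    return ip + ah_header(spi, seq, upper_proto, icv) + upper


def ah_verify(key, packet) -> bool:
    """Receiver: recompute over the packet as received and compare in constant time."""
    ip, rest = packet[:20], packet[20:]
    if ip[9] != AH_PROTO:
        return False
    ah_len = (rest[1] + 2) * 4                 # from Payload Len
    ah, upper = rest[:ah_len], rest[ah_len:]
    return hmac.compare_digest(ah[AH_FIXED:], ah_icv(key, ip, ah, upper))


def forward_hop(packet: bytes) -> bytes:
    """What a router does: decrement TTL and rewrite the header checksum."""
    h = bytearray(packet[:20])
    h[8] -= 1
    h[10:12] = struct.pack("!H", ipv4_checksum(bytes(h)))
    return bytes(h) + packet[20:]


def spoof_source(packet: bytes, new_src: bytes) -> bytes:
    """An attacker rewriting the source address (checksum fixed up to look valid)."""
    h = bytearray(packet[:20])
    h[12:16] = new_src
    h[10:12] = struct.pack("!H", ipv4_checksum(bytes(h)))
    return bytes(h) + packet[20:]


if __name__ == "__main__":
    key, src, dst = b"k" * 20, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])   # constructed
    pkt = ah_protect(key, src, dst, 6, b"constructed TCP segment", 0x100, 1)
    print(ah_verify(key, pkt), ah_verify(key, forward_hop(pkt)),
          ah_verify(key, spoof_source(pkt, bytes([10, 0, 0, 9]))))
```

The same zeroing is what makes AH and NAT incompatible: a NAT rewrites exactly the immutable source or destination address, so the packet fails verification just as the spoofed one does.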

31
Combining Security Associations
32
SA Bundle
  • An individual SA is either AH or ESP but NOT BOTH
  • Some traffic flows need both. How?
  • Some traffic between a host and a security gateway
    requires different services than the flow between
    security gateways. How?
  • Security Association Bundle
    • A sequence of SAs through which traffic must be
      processed to provide a desired set of IPSec
      services
    • SAs within a bundle may terminate at different
      end points

33
SA Combinations
  • Transport adjacency
    • Applying more than one security protocol to the
      same IP packet without invoking tunneling
    • Allows only one level of combination (all IPSec
      processing is performed at one IPSec instance); ESP is applied
      first and AH outside it, so the AH ICV also covers the ESP header
  • Iterated tunneling
    • Multiple layers of security protocols effected
      through IP tunneling
    • Multiple levels of nesting (each tunnel may
      originate and terminate at a different IPSec site)
  • Combination of the two approaches above

34
Next Class: Key Management, ISAKMP, Exchanges