12/10/13

Internet Protocol Security(IPsec) Zeyao Su

Contents

1

12/10/13

Concept & History Security Architecture Modes of operation Cryptographic algorithms Cisco Example

Concept & History

2

12/10/13

Concept Why we use IPsec? IP datagrams have no inherent security •  IP source address can be spoofed •  Content of IP datagrams can be sniffed •  Content of IP datagrams can be modified •  IP datagrams can be replayed IPSec is a method for protecting IP datagrams •  Standardized by IETF: dozens of RFCs. •  Only sender and receiver have to be IPsec compliant

Concept

Internet Protocol Security (IPsec) is a protocol suite for s ecuring Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session.

IPsec is an end-to-end security scheme operating in the Inte rnet Layer of the Internet Protocol Suite

3

12/10/13

Concept

History

In December 1993, the Software IP Encryption protocol swIPe (protocol) was developed at Columbia University and AT&T Bell La bs by John Ioannidis and others.

In July 1994, Wei Xu at Trusted Information Systems continue d this research which was completed successfully on the BSDI pla tform after a few months. Wei quickly extended his development o n to Sun OS, HP UX, and other UNIX systems.

4

12/10/13

History

The IETF IP Security Protocol was developed starting in 1992 at the Naval Research Laboratory as part of a DARPA-sponsored r esearch project, with openly published drafts by 1993.

IPsec is officially standardised by the Internet Engineering Task Force (IETF) in a series of Request for Comments documents addressing various components and extensions. It specifies the spelling of the protocol name to be IPsec.

Security Architecture

5

12/10/13

Security Architecture

Authentication Header

Authentication Header (AH) is a member of the IPsec protocol suite. AH guarantees connectionless integrity and data origin authe ntication of IP packets. Further, it can optionally protect against replay attacks by using the sliding window technique and discarding old packets

6

12/10/13

Authentication Header

Next Header(8bits) :Type of the next header Payload Len(8bits) : The length of this Authentication Heade r in 4-octet units,minus 2. Reserved(16bits) : Reserved for future used(all zero until t

hen)

SPI(32bits) : Arbitrary value which is used to identify the security association of the receiving party. Sequence Number(32bits):A monotonic strictly increasing sequ ence number to prevent replay attacks. ICV(multiple of 32bits):Variable length check value.

Encapsulating Security Payload

Encapsulating Security Payload (ESP) is a member of the IPse c protocol suite. ESP also supports encryption-only and authenti cation-only configurations. ESP in transport mode does not provide integrity and authent ication for the entire IP packet. In Tunnel Mode, where the entire original IP packet is encap sulated with a new packet header added, ESP protection is afford ed to the whole inner IP packet

except the outer header.

7

12/10/13

Encapsulating Security Payload

SPI(32bits) : Arbitrary value which is used to identify the security association of the receiving party. Sequence Number(32bits):A monotonic strictly increasing sequ ence number to prevent replay attacks. Payload data(variable):The protected contents of original IP packet. Padding(0-255 octets):using for encryption. Pad Length(8bits):size of padding. Next Header(8bits):Type of the next header ICV(multiple of 32bits):Variable length check value.

Security Association

a security association is for building security functions in to IP. A security association is simply the bundle of algorithms and parameters (such as keys). Security associations are established using the Internet Sec urity Association and Key Management Protocol (ISAKMP). ISAKMP i s implemented by manual configuration with pre-shared secrets, I nternet Key Exchange (IKE and IKEv2), Kerberized Internet Negoti ation of Keys (KINK), and the use of IPSECKEY DNS. In order to decide what protection is to be provided for an outgoing packet, IPsec uses the Security Parameter Index (SPI), an index to the security association database (SADB), along with the destination address in a packet header, which together uniq uely identify a security association for that packet.

8

12/10/13

Security Association

Security Policy Database(SPD) From

To

Protocol

Port

Policy

A

B

Any

Any

AH[HMAC-MD5]

Security Association Database(SADB) From

To

Protocol

SPI

SA Record

A

B

AH

12

HMAC-MD5 key

Modes of Operation

9

12/10/13

Mode

Host mode with AH

Host mode with ESP

Tunnel mode with AH

Tunnel mode with ESP

Most common and most important

Host to Host Transport Mode

In transport mode, only the payload of the IP packet is u sually encrypted and/or authenticated. The routers are intact, s ince the IP header is neither modified nor encrypted; however, w hen the authentication header is used, the IP addresses cannot b e translated, as this will invalidate the hash value. The transp ort and application layers are always secured by hash, so they c annot be modified in any way (for example by translating the por t numbers).

10

12/10/13

Network Tunnel Mode

In tunnel mode, the entire IP packet is encrypted and/or aut henticated. It is then encapsulated into a new IP packet with a new IP header. Tunnel mode is used to create virtual private networks for network-to-network communications ( e.g. between routers to link sites), host-to-network communications (e.g. remote user access) host-to-host communications (e.g. private chat).

Packets

Original

IP header

TCP header

Transport

IP header

IPSec header

IP header

IPSec header IP header

data

TCP header

data

mode Tunnel mode

TCP header

data

11

12/10/13

Cryptographic algorithms

Cryptographic algorithms

Cryptographic algorithms defined for use with IPsec include: •  HMAC-SHA1 for integrity protection and authenticity. •  TripleDES-CBC(cipher-block chaining) for confidentiality •  AES-CBC for confidentiality. Refer to RFC 4835 for details.

12

12/10/13

Cisco Example

Cryptographic algorithms

Two-Phase protocol: phase 1 exchange: Two peers establish a secure, authenticated ch annel with which to communicate; use Main mode or Aggressive mode. There is also a Transaction Mode, that sits between Phase 1 and Phase 2. Phase 2 exchange: Security association are negotiated on behalf of Ipsec service; use Quick Mode. Each phase has its SAs: ISAKMP SA (Phase 1) and Ipsec SA(Phase 2)

13

12/10/13

Cryptographic algorithms

Cryptographic algorithms

14

12/10/13

Cryptographic algorithms

Cryptographic algorithms

15

12/10/13

Reference

Wikipedia : http://en.wikipedia.org/wiki/IPsec Cisco : http://www.cisco.com/web/about/ac123/ac147/ac174/ac197/about_cisco _ipj_archive_article09186a00800c830b.html Cisco Baidu : http://baike.baidu.com/link?url=PcYpSg3D9G1ik4gXB-MdddPfgcmByS IRbJ0ar9HDY6Sy-8Q-bV7ijk0cF4qIBMsS Author：Naganand Doraswamy，Dan Harkins

? s n

o i t es

u Q

16

12/10/13

! u o Y k

n a Th

Made By：

Zeyao Su

17