Distributed Systems Security

Author: Hector Sparks
Distributed Systems Security Protocols (Network-/Transport Layer)

Dr. Dennis Pfisterer Institut für Telematik, Universität zu Lübeck http://www.itm.uni-luebeck.de/people/pfisterer

Overview
• Until now
  – Security on Different Layers
  – Security on Physical & Data-Link Layer
    • Mostly security in wireless networks
    • Bluetooth, GSM / GPRS / UMTS, Wireless LANs
• Today
  – Security on Network & Transport Layer
  – IPsec
  – Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

Security - 07c Network and Transport Layer

Why is IP insecure?

Attack                                                                Security Objective
Traffic-Analysis                                                      Anonymity
Message Interception                                                  Confidentiality
Modification of Messages                                              Integrity
Discard messages (Denial-of-Service attack), TTL-Field modification   Availability
IP-address spoofing                                                   Authenticity

IPsec
• IPsec = IP security
  – Initiated 1994 by Internet Architecture Board (IAB)
  – Reaction to increasing attacks on IP (IP Spoofing,…)
  – Addition to IPv6, integral part of IPv6
• Defined in numerous RFCs
  – Architecture, Authentication, Confidentiality, and Key Management/Distribution
  – RFC 4301: Security Architecture for the Internet Protocol
  – RFC 4302: IP Authentication Header
  – RFC 4303: IP Encapsulating Security Payload (ESP)
  – RFC 4306: Internet Key Exchange (IKEv2) Protocol

[Figure: protocol stack with HTTP, FTP and SMTP on top of TCP, on top of IP / IPsec]

[Figure: overview of the IPsec specifications. Labels: Fundamentals & Concepts, Protocols, Algorithms. Boxes: Architecture (RFC 4301); ESP (RFC 4303); AH (RFC 4302); Encryption (RFC 2405); Authentication (RFC 2404); DOI (RFC 2407); Key Management (ISAKMP, IKE, others). DOI: Domain of Interpretation]

IPsec
• Security service on ISO/OSI-Layer 3 (network)
  – Typically supplied by the operating system
  – Transparent for applications (can remain unchanged)
• Often used for Virtual Private Networks (VPNs)
  – Secure data transmission over insecure Internet links
  – Interconnection of different organization-internal networks
  – Cost-effective interconnection means

IPsec application examples


IPsec architecture
• Security mechanisms implemented using IP Extension Header
• Two types
  – Authentication Header (AH)
  – Encapsulating Security Payload Header (ESP)
• Implemented security services

                                AH    ESP (w/o auth.)    ESP (with Auth)
Access Control
Integrity (connection-less)
Authentication
Replay-Mitigation
Confidentiality
Traffic Flow Confidentiality

Modes of Operation
• Both AH and ESP can be used in two different ways
  – Transport mode
  – Tunnel mode
• Transport mode
  – Only the packet's payload is treated / secured
  – Mostly used for point-to-point communication
  – E.g., VPN access for mobile users
• Tunnel mode
  – The full IP packet (incl. header) is treated / secured
  – Provides a virtual "secure hop" between two gateways
  – Mostly used to interconnect networks

Modes of operation: Tunnel vs. Transport

AH
– Transport Mode: Authenticates IP payload and (parts of) the IP header.
– Tunnel Mode: Authenticates full inner IP packets and (parts of) the outer IP header.

ESP (w/o auth.)
– Transport Mode: Encrypts IP payload and all IP extension headers following the ESP header.
– Tunnel Mode: Encrypts the full inner IP packet.

ESP (with Auth.)
– Transport Mode: Like ESP w/o auth but with additional authentication of the IP payload.
– Tunnel Mode: Encrypts and authenticates inner IP packet.

Authentication Header
• Authentication based on Message Authentication Code (MAC)
  – Required algorithms: MD5 and SHA-1
• Example of AH in tunnel mode:

Original packet:        Orig. IP header | Extension Headers (if present) | TCP header | Data
With AH in tunnel mode: New IP header | Extension headers | AH | IP header | Extension Headers (if present) | TCP header | Data

Authentication protected (excluding those modified in transit, such as TTL or header checksum)

AH Protocol
• AH adds an extension header to IP datagrams
  – Security Parameter Index: identifies security association (details later); basically indicates which algorithms and keys are used
  – Sequence number to avoid replay attacks
  – Authentication data: MAC value authenticating payload and all non-volatile IP header fields

Bit: 0             8                 16                             31
     | Next Header | Payload Length  | Reserved                     |
     | Security Parameters Index (SPI)                              |
     | Sequence Number                                              |
     | Authentication Data (variable length)                        |

AH: Transport & Tunnel Mode
• AH in transport mode

Original IP Header | AH (Len, SPI, SeqNo, MAC) | Payload (e.g., TCP, UDP, ICMP)
MAC scope (all immutable fields)

• AH in tunnel mode

Outer IP Header | AH (Len, SPI, SeqNo, MAC) | Inner IP Header | Payload (e.g., TCP, UDP, ICMP)
MAC scope (all immutable fields)
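Added example (not part of the original slides): parsing the AH header fields listed above and checking the MAC over an AH transport-mode packet, with the IPv4 fields that change in transit zeroed as RFC 4302 prescribes. It assumes IPv4 without options and HMAC-SHA-1-96 (RFC 2404) as the MAC; the function names, key and sample packet are constructed for illustration.

```python
import hashlib, hmac, struct

AH_PROTO = 51  # IP protocol number of AH

def parse_ah(ah: bytes) -> dict:
    """Split an AH extension header into Next Header, length, SPI, SeqNo and MAC."""
    if len(ah) < 12:
        raise ValueError("truncated AH header")
    next_hdr, payload_len, _, spi, seq = struct.unpack("!BBHII", ah[:12])
    total = (payload_len + 2) * 4  # Payload Length counts 32-bit words minus 2
    if total < 12 or len(ah) < total:
        raise ValueError("inconsistent AH Payload Length")
    return {"next": next_hdr, "len": total, "spi": spi, "seq": seq, "icv": ah[12:total]}

def icv_input(packet: bytes) -> bytes:
    """The packet as the MAC sees it: mutable IPv4 fields and the MAC field zeroed."""
    ihl = (packet[0] & 0x0F) * 4
    buf = bytearray(packet)
    buf[1] = 0                # Type of Service
    buf[6:8] = b"\x00\x00"    # Flags + Fragment Offset
    buf[8] = 0                # TTL
    buf[10:12] = b"\x00\x00"  # Header Checksum
    ah_len = parse_ah(packet[ihl:])["len"]
    buf[ihl + 12:ihl + ah_len] = bytes(ah_len - 12)  # Authentication Data
    return bytes(buf)

def compute_icv(key: bytes, packet: bytes) -> bytes:
    # HMAC-SHA-1-96: HMAC-SHA-1 truncated to the first 96 bits
    return hmac.new(key, icv_input(packet), hashlib.sha1).digest()[:12]

def verify(key: bytes, packet: bytes) -> bool:
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != AH_PROTO:
        return False
    return hmac.compare_digest(parse_ah(packet[ihl:])["icv"], compute_icv(key, packet))

def build_sample(key: bytes, spi: int, seq: int, payload: bytes) -> bytes:
    """Constructed packet: 20-byte IPv4 header, 24-byte AH, TCP as next header."""
    ah = struct.pack("!BBHII", 6, 4, 0, spi, seq) + bytes(12)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(ah) + len(payload), 0x1234,
                     0, 64, AH_PROTO, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    pkt = bytearray(ip + ah + payload)
    pkt[32:44] = compute_icv(key, bytes(pkt))  # fill in the MAC
    return bytes(pkt)

KEY = b"constructed-demo-key"
PKT = build_sample(KEY, spi=0x1000, seq=1, payload=b"constructed TCP segment")
```

A router decrementing the TTL leaves the MAC valid, while a changed source address, sequence number or payload byte makes `verify` return False.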

IPSec and IP

Bit: 0         8                 16                             31
     | Version | Hdr Len | Type of Service | Total Length          |
     | Identification                      | Flags | Fragment Offset |
     | TTL     | Protocol                  | Header Checksum        |
     | Source Address                                               |
     | Destination Address                                          |
     | Options & Padding                                            |
     | Data (