UNH-IOL IPsec Introduction Timothy Carlin May 23, 2012
tjcarlin
1 / 43
Overview What you’ll learn ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo Tools
Overview
Cryptography
tjcarlin
2 / 43
What you’ll learn Overview What you’ll learn ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms
■ ■ ■ ■ ■
IPsec as a Technology IPsec as an Architecture What the packets look like How to read them Tools
USGv6 and Logo Tools Cryptography
tjcarlin
3 / 43
Overview ipsec, IPSec, IPSEC, IPsec What it can mean What it is Really IPsec Architecture Protocols Algorithms
ipsec, IPSec, IPSEC, IPsec
USGv6 and Logo Tools Cryptography
tjcarlin
4 / 43
What it can mean Overview ipsec, IPSec, IPSEC, IPsec What it can mean What it is Really IPsec Architecture Protocols Algorithms USGv6 and Logo
A lot! ■ Can refer to: ■
◆ ◆ ◆ ◆ ◆
Encryption Protection Keying VPNs Generic Security (Think Firewall)
Tools Cryptography
tjcarlin
5 / 43
What it is Overview ipsec, IPSec, IPSEC, IPsec What it can mean What it is Really IPsec Architecture Protocols Algorithms
■
Lots of RFCs! ◆ ◆ ◆ ◆ ◆
4301 4303 5996 4835 4945
-
IPsec ESP IKEv2 Required Algorithms Public Key Infrastructure (PKI)
USGv6 and Logo Tools Cryptography
tjcarlin
6 / 43
Really Overview
■
ipsec, IPSec, IPSEC, IPsec What it can mean What it is Really
◆ ◆
IPsec Architecture Protocols Algorithms USGv6 and Logo
Infrastructure/Guidelines/Rules to offer Protection of Network Traffic What traffic to protect How protect it
That’s it. ■ It’s not difficult! ■ But it is detailed.
■
Tools Cryptography
tjcarlin
7 / 43
Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2
IPsec Architecture
Protocols Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
8 / 43
RFC4301 Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2
Defines: 1. 2. 3. 4.
Databases Modes External Behavior ...
Protocols Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
9 / 43
Databases Overview
■
ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2 Protocols Algorithms
Security Policy Database (SPD) ◆ ◆ ◆
■
Security Association Database (SAD) ◆ ◆ ◆
■
Stores Policies Packet Oriented Specify Action (What) Stores Algorithm Information Linked to by a Policy Specify Protection (How)
Peer Authorization Database (PAD) ◆
More on this later (Dynamic Keying)
USGv6 and Logo Tools Cryptography
tjcarlin
These Databases and the entries are completely independent, yet inextricably intertwined!
10 / 43
Policy Entry Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2 Protocols Algorithms
Stores items associated with processing and diverting traffic. ■ ■ ■ ■ ■ ■ ■ ■
Source/Destination (Data Endpoints) Upper Layer/Next Protocol (e.g. TCP/ICMPv6/UDP) Source/Dest Port or Protocol Type (e.g. Port 21, 80, or ICMP Type 0x80, 0x81 Direction Mode (Transport or Tunnel) Action (Bypass, Discard, IPsec) Link, Pointer, or index to SA And more.
USGv6 and Logo Tools Cryptography
tjcarlin
11 / 43
Security Association Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2 Protocols
Stores items associated with processing traffic for IPsec ■ ■ ■ ■ ■ ■ ■ ■
Source/Destination (Tunnel Endpoints) SPI (Security Parameter Index) Encryption Algorithm and Key Authentication Algorithm and Key Mode (Transport or Tunnel) Sequence Numbers Protocol (ESP, . . .) Timers, Counters, etc.
Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
12 / 43
Device Types Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2 Protocols Algorithms USGv6 and Logo Tools
Two types of IPsec Devices: ■
End-Node ◆ ◆
■
Like it sounds, provides services only for itself Hosts are usually End-Nodes
Security Gateway ◆ ◆
Provides tunneled IPsec services for other devices Routers can usually be SGWs, Hosts can be, without being a router
Don’t think of these as Host/Router!! They are different, and independent device types!
Cryptography
tjcarlin
13 / 43
Packet Modes Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2 Protocols Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
Two ways to process packets: ■
Transport Mode ◆ ◆ ◆ ◆
■
Data Occuring after IP is Encrypted End-to-End Encryption Addresses in the Clear End-Node - MUST, SGW - MAY
Tunnel Mode ◆ ◆ ◆ ◆ ◆ ◆
New IP Header Inserted (Outer/Inner) Like other tunneling End Devices Need not be aware of services End Devices Identity protected Somewhat more complicated MUST for End-Node and SGW
14 / 43
Configuration Overview ipsec, IPSec, IPSEC, IPsec
Two different methods of Configuration, or Keying:
IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2 Protocols Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
15 / 43
Conf. Method #1 Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2
Manual ■ ■ ■ ■ ■ ■
There is a lot to configure, and it’s required to support it Obviously, this leaves room for error Mostly used for debugging (though usually causes it) Should NEVER be used in production networks (keys never change!) Pay attention OSPF. Exponentially bad.
Protocols Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
16 / 43
Conf. Method #2 Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture RFC4301 Databases Policy Entry Security Association Device Types Packet Modes Configuration Conf. Method #1 Conf. Method #2
Automated There is still a lot to configure! ■ Still a lot of room for error! ■ But! Once it’s configured correctly, it’s good forever. ■
Protocols Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
17 / 43
Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols ESP ESP (cont.) IKEv2 IKEv2 (cont.) IKEv2 (cont.)
Protocols
Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
18 / 43
ESP Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols ESP ESP (cont.) IKEv2 IKEv2 (cont.) IKEv2 (cont.)
ESP (Encapsulating Security Payload) Just a packet format ■ No handshake, no hello’s, no negotiation ■ Slides directly above IP in Transport Mode ■ Slides between two IP Headers in Tunnel Mode ■
Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
19 / 43
ESP (cont.) Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols ESP ESP (cont.) IKEv2 IKEv2 (cont.) IKEv2 (cont.) Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
Visible Fields ■ ■
SPI Sequence Number
Encoded Fields ■ ■ ■ ■ ■ ■ ■
IV (Initialization Vector) Payload Data TFC Padding Padding Pad Length Next Header ICV
20 / 43
IKEv2 Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols ESP ESP (cont.) IKEv2 IKEv2 (cont.) IKEv2 (cont.)
Internet Key Exchange ■ ■ ■ ■ ■
Second version of the protocol, the first was lousy Automatically negotiates algorithms and keys No need to worry about correct key length Still needs configuration Authentication is a huge deal with IKE
Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
21 / 43
IKEv2 (cont.) Overview ipsec, IPSec, IPSEC, IPsec
Protocal has 3 Parts: ■
IPsec Architecture Protocols ESP ESP (cont.) IKEv2 IKEv2 (cont.) IKEv2 (cont.)
◆ ◆ ■
USGv6 and Logo
Cryptography
tjcarlin
■
Negotitate Algorithms and Keys Uses Diffie-Hellman, complicated math
Authenticate Identity of Yourself and Peer ◆ ◆ ◆
Algorithms
Tools
Protect Negotiation
Pre-Shared Keys - Password Public Key Infrastructure (PKI) - Certs EAP - Something Else
Negotiate who to protect, and how to protect ◆ ◆ ◆
Another set of Algorithms and Keys Data Endpoint - Traffic Selectors Other Things (Configuration, VPN info, Vendor IDs, ...)
22 / 43
IKEv2 (cont.) Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols ESP ESP (cont.) IKEv2 IKEv2 (cont.) IKEv2 (cont.) Algorithms USGv6 and Logo Tools Cryptography
tjcarlin
Required Configuration ■ ■
Remote Tunnel Endpoint (The other guy) Authentication Credentials ◆ ◆
Pre-Shared Key OR Certificate Chain
Optional Configuration ■ ■ ■ ■ ■ ■ ■ ■ ■ ■
Mode (Transport/Tunnel) Protected Range of Addresses Algorithm Limitations Different Identification Types SA Lifetimes Rekeying Timers Mobility Perfect Forward Secrecy Sequence Numbers Probably More! (Implementation Dependent) 23 / 43
Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms Encryption Authentication/Integrity USGv6 and Logo
Algorithms
Tools Cryptography
tjcarlin
24 / 43
Encryption Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms Encryption Authentication/Integrity USGv6 and Logo Tools
Required (Get used to these) 3DES-CBC ■ AES-CBC ■ NULL ■
Others AES-CTR ■ Camellia ■
Cryptography
tjcarlin
25 / 43
Authentication/Integrity Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms Encryption Authentication/Integrity USGv6 and Logo Tools
Required (Get used to these) HMAC-SHA1 ■ HMAC-SHA256 ■ AES-XCBC ■
Others NULL ■ HMAC-MD5 ■
Cryptography
tjcarlin
26 / 43
Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo IPsec Test Suites IKEv2 Test Suites USGv6 and Logo USGv6 IPsec Logo IPsec What It Means
USGv6 and Logo
Tools Cryptography
tjcarlin
27 / 43
IPsec Test Suites Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo IPsec Test Suites IKEv2 Test Suites USGv6 and Logo USGv6 IPsec Logo IPsec What It Means
IPsec ■ ■ ■ ■ ■ ■
Conformance and Interoperability End-Node and SGW Different algorithms Different situations/topologies Only a couple error condition tests Pretty small
Tools Cryptography
tjcarlin
28 / 43
IKEv2 Test Suites Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo IPsec Test Suites IKEv2 Test Suites USGv6 and Logo USGv6 IPsec Logo IPsec What It Means
IKEv2 ■ ■ ■ ■ ■ ■
Conformance and Interoperability End-Node and SGW Lots of protocol testing. (Somewhere between the state-machine tests and DAD) Also tests Algorithms and situations/topologies Lots of different error condition tests Big
Tools Cryptography
tjcarlin
29 / 43
USGv6 and Logo Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo IPsec Test Suites IKEv2 Test Suites USGv6 and Logo USGv6 IPsec Logo IPsec What It Means
Both the USGv6 and IPv6Ready Logo Programs use the same test documents. ■ Unlike IPv6 Base, and AddrArch, with IPsec the two programs have different requirements. ■ This is something to pay attention to, depending on what the vendor is looking for. ■
Tools Cryptography
tjcarlin
30 / 43
USGv6 IPsec Overview ipsec, IPSec, IPSEC, IPsec
Conformance - All Tests Required ■ Interoperability - 3 Devices ■
IPsec Architecture
◆ ◆ ◆
Protocols Algorithms USGv6 and Logo IPsec Test Suites IKEv2 Test Suites USGv6 and Logo USGv6 IPsec Logo IPsec What It Means
■
1 End Node 1 SGW 1 More (Either Type)
This amounts to 2 Rounds
Tools Cryptography
tjcarlin
31 / 43
Logo IPsec Overview ipsec, IPSec, IPSEC, IPsec
Conformance - Most Tests Required, we test all anyway ■ Interoperability - 4 Devices ■
IPsec Architecture
◆ ◆
Protocols Algorithms USGv6 and Logo IPsec Test Suites IKEv2 Test Suites USGv6 and Logo USGv6 IPsec Logo IPsec What It Means
■
2 Transport Mode 2 Tunnel Mode
Tunnel Mode Not Required!
Tools Cryptography
tjcarlin
32 / 43
What It Means Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms
We run everything, as much as we can ■ Then figure out what it means later ■ Sometimes end up having 5 Interop partners ■ A lot of testing is just configuration, everything is in the test suites!! ■
USGv6 and Logo IPsec Test Suites IKEv2 Test Suites USGv6 and Logo USGv6 IPsec Logo IPsec What It Means Tools Cryptography
tjcarlin
33 / 43
Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo Tools Setkey ip xfrm Strongswan Racoon2 Scripts
Tools
Cryptography
tjcarlin
34 / 43
Setkey Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo Tools Setkey ip xfrm Strongswan Racoon2 Scripts
Setkey is our favorite. ■ ■ ■ ■ ■
Linux Based (also similar on FreeBSD) Manual Configuration Display All Configuration (Manual or Auto) We have lots of experience with this, and lots of scripts to make testing easy. man setkey for more information!
Cryptography
tjcarlin
35 / 43
ip xfrm Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo Tools Setkey ip xfrm Strongswan Racoon2 Scripts
Similar to setkey ■ ■ ■ ■ ■
Also Linux Based Manual Configuration Display All Configuration (Manual or Auto) Configuration looks different, but has all of the same options as setkey The wiki is the best source for more info
Cryptography
tjcarlin
36 / 43
Strongswan Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo Tools Setkey ip xfrm Strongswan Racoon2 Scripts
Use Strongswan for IKEv2 Go-to-Device ■ ■ ■ ■ ■
Linux (of course, others too!) Well Documented Use it all the time Does everything http://wiki.strongswan.org/wiki/strongswan/IpsecConf
Cryptography
tjcarlin
37 / 43
Racoon2 Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo Tools Setkey ip xfrm Strongswan Racoon2 Scripts
Another IKEv2 Implementation ■ ■ ■ ■ ■
Linux (and others) Not a ton of documentation, but some Use it when you must Certificate support is not fully implemented! (No IKEv2 Interop) IOL Wiki https://tommy.iol.unh.edu/wiki/Racoon Config Help
Cryptography
tjcarlin
38 / 43
Scripts Overview
■
ipsec, IPSec, IPSEC, IPsec IPsec Architecture
■
Protocols Algorithms USGv6 and Logo Tools Setkey ip xfrm Strongswan Racoon2 Scripts
■ ■ ■
Configuration Scripts exist for almost everything that has been tested. Depending on the device and if we are using Manual Keys or IKEv2, I usually have something to make it easier, check with me before despair. When testing a new device, or a device for the first time, save the config you used for every test! Also try to save the keys that were negotiated when testing IKEv2. This is the only way we’ll be able to decrypt the packets. You’ll thank yourself later.
Cryptography
tjcarlin
39 / 43
Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo Tools
Cryptography
Cryptography Cryptography 401 Cryptography 401 cont. Caesar Shift
tjcarlin
40 / 43
Cryptography 401 Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols Algorithms USGv6 and Logo Tools Cryptography Cryptography 401 Cryptography 401 cont. Caesar Shift
tjcarlin
We aren’t the NSA. ■ But it’s worth it to know the basics ■
Types of Protection: Encryption Provides Confidentiality Integrity Data Unmodified Authentication Establishing Identity Hash/Checksum/CRC Weak - no key needed! Not IPsec!
41 / 43
Cryptography 401 cont. Overview ipsec, IPSec, IPSEC, IPsec IPsec Architecture Protocols
Unfortunately, Integrity and Authenticity are often used incorrectly. ■ For now, we’ll worry about Encryption, and Authentication as both Authenticity and Integrity ■
Algorithms USGv6 and Logo Tools Cryptography Cryptography 401 Cryptography 401 cont. Caesar Shift
tjcarlin
42 / 43
Caesar Shift Overview ipsec, IPSec, IPSEC, IPsec
YG OADVUSLK ideas?
IPsec Architecture Protocols
Algorithm called an Alphabetic Rotation
Algorithms USGv6 and Logo Tools Cryptography Cryptography 401 Cryptography 401 cont. Caesar Shift
Okay, but how far? Key is the Distance of rotation What is the key?
Algorithm=Rot(ation) Key=18
⇒
Rot-18
So: Y → g O → w, etc... This is a form of encryption. tjcarlin
43 / 43
