Using the IPSec Architecture for Secure Multicast Communication Thorsten Aurisch [email protected]

Christoph Karg [email protected]

Research Establishment for Applied Science Neuenahrer Straße 20 D-53343 Wachtberg, Germany

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.1/17

Multicast Communication • Efficient data transmission from one sender to a group of receivers • Examples of usage . Briefing sessions . Database replication . Audio/video conferencing • Idea: send data once and duplicate it where necessary • Requirement: sophisticated routing infrastructure • Problem: How to secure the data traffic?

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.2/17

Important Questions • Which scenario for group communication? • How to secure the multicast traffic? • How to manage the security settings?

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.3/17

Scenario (Briefing Session) send receive

Receiver (1, 1)

Receiver (1, n1 )

Sender 1

Multicast Group Receiver (n, 1)

Receiver (2, 1)

Sender n

Sender 2

Receiver (n, mn )

Receiver (2, m2 )

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.4/17

Multicast Security • Mandatory requirements . Secrecy of the data traffic . Group authentication . Source authentication . Forward/backward security • Group key exchange . Key agreement protocols collaborative key negotiation . Key distribution protocols generation & distribution via a key server

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.5/17

Scenario (Key Exchange) Receiver (1, 1)

Receiver (1, n1 )

Key Distribution Protocol

Receiver (n, mn )

Key Distribution Protocol

Receiver (n, 1)

Key Agreement Protocol

Sender n

Sender 2

Key Distribution Protocol

Sender 1

Receiver (2, 1)

Receiver (2, m2 )

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.6/17

Scenario Details Sender hosts • Number n ≈ 25 • Send and receive data • Connected via broadband networks • Key exchange via agreement

Receiver hosts • Number mi ≈ 10000 • Only receive data • Connected via networks with narrow bandwidth • Key distribution from a designated sender RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.7/17

Security Concept • Security: Usage of the IPSec protocol suite . Security at network layer . Multicast support . Algorithms for encryption and group authentication . But: No source authentication Hope: several IETF drafts (work in progress) • To solve: Multicast Internet Key Exchange (MIKE) . Negotiation of IPSec settings . Key exchange functionality • Goal: Development of a MIKE daemon

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.8/17

Kernel Space

User Space

MIKE as part of the IPSec framework Application

IKE

AF_INET6

TCP

UDP

MIKE PF_KEY 2

SAD

SPD

MSAD

IPv6 Unicast/Multicast IPSec HF ISDN Ethernet

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.9/17

MIKE Design Goals • Two objectives: . Prototypical implementation . Simulation environment • Special focus on military environments . Narrow bandwidth (wireless communication) . Emission control (EMCON) • Design criteria . Separation of key management and application . Robust exchange protocols . Extensibility . Independency from multicast routing mechanisms . Usage of existing standards as far as possible RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.10/17

MIKE Architecture

Group Policy Database

MIKE daemon Key Manager Group 1

Key Manager Group n

Group Management Framework

Message Dispatcher

PF_KEY 2

TCP

UDP

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.11/17

Message Dispatcher • Task: transmission of key exchange messages • Prototypical implementation . Connection to the Internet . Configuration of IPSec kernel module • Simulation environment Group Policy Database

MIKE daemon

. Simulation of packet loss, delays, etc.

Key Manager Group 1

Key Manager Group n

. Visualization of key exchange protocols

Group Management Framework

Message Dispatcher

PF_KEY 2

TCP

UDP

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.12/17

Group Management Framework • Task: Multicast IPSec management of the host • Group access control • Invocation/termination of key managers • Key exchange message distribution

Group Policy Database

MIKE daemon Key Manager Group 1

Key Manager Group n

Group Management Framework

Message Dispatcher

PF_KEY 2

TCP

UDP

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.13/17

Key Manager • Task: negotiation of IPSec settings for one multicast group • Host authentication and digest validation • Sender mode . Key agreement with other senders . Receiver management

Group Policy Database

MIKE daemon Key Manager Group 1

Key Manager Group n

• Receiver mode

Group Management Framework

. Requesting IPSec settings from the designated sender

Message Dispatcher

PF_KEY 2

TCP

UDP

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.14/17

Group Policy Database • Task: provision of security relevant information • Type of information dependent on the accessing component . Filtering rules message dispatcher . Group access policy Key Manager group management framework

Group Policy Database

MIKE daemon Key Manager Group 1

Group n

Group Management Framework

. User access control, authentication data key manager

Message Dispatcher

PF_KEY 2

TCP

UDP

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.15/17

Implementation Details • Object oriented approach (C++) • Open source operating system . Debian Linux . USAGI IPv6/IPSecurity kernel patch • Development tools . GNU Tools (gcc, make, etc.) . Standard Template Library . Crypto++ Library • Roadmap: . First prototype at the end of 2003 . Simulation environment in 2004 RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.16/17

Conclusion • Scenario: Briefing sessions • Security via IPSec architecture • Setup via Multicast Internet Key Exchange

RESEARCH INSTITUTE FOR COMMUNICATION, INFORMATION PROCESSING AND ERGONOMICS

Computer Networks

KIE ICCRTS 2003 – p.17/17