ip security - linnaeus universityhomepage.lnu.se/staff/oflmsi/da2422/chapter 6.pdf · 09-09-16 5 9...
Post on 03-Jun-2020
3 Views
Preview:
TRANSCRIPT
09-09-16
1
1
Ola Flygt Växjö University, Sweden
http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49
IP Security
2
Outline
Internetworking and Internet Protocols (Appendix 6A)
IP Security Overview IP Security Architecture Authentication Header Encapsulating Security Payload Combinations of Security Associations Key Management
09-09-16
2
3
TCP/IP Example
4
IPv4 Header
09-09-16
3
5
IPv6 Header
6
IP Security Overview
IPSec is not a single protocol. Instead, IPSec provides a set of security algorithms plus a general framework that allows a pair of communicating entities to use whichever algorithms the decide will provide the security appropriate for the communication.
09-09-16
4
7
IP Security Overview
Applications of IPSec Secure branch office connectivity over the
Internet Secure remote access over the Internet Establishing extranet and intranet
connectivity with partners Enhancing electronic commerce security
8
IP Security Scenario
09-09-16
5
9
IP Security Overview
Benefits of IPSec Transparent to applications (below transport
layer (TCP, UDP) Provide security for individual users
Additionally, IPSec can assure that: A router or neighbour advertisement comes from
an authorized router A redirect message comes from the router to
which the initial packet was sent A routing update is not forged
10
IP Security Architecture
IPSec documents: RFC 2401: An overview of security
architecture RFC 2402: Description of a packet
authentication extension to IPv4 and IPv6 RFC 2406: Description of a packet
encryption extension to IPv4 and IPv6 RFC 2408: Specification of key
management capabilities
09-09-16
6
11
IPSec Document Overview
12
IPSec Services
Access Control Connectionless integrity Data origin authentication Rejection of replayed packets Confidentiality (encryption) Limited traffic flow confidentiality
09-09-16
7
13
Security Associations (SA)
A one way relationship between a sender and a receiver.
Identified by three parameters: Security Parameter Index (SPI) IP Destination address Security Protocol Identifier
14
Transport Mode SA Tunnel Mode SA
AH Authenticates IP payload and selected portions of IP header and IPv6 extension headers
Authenticates entire inner IP packet plus selected portions of outer IP header
ESP Encrypts IP payload and any IPv6 extension header
Encrypts inner IP packet
ESP with authentication
Encrypts IP payload and any IPv6 extension header. Authenticates IP payload but no IP header
Encrypts inner IP packet. Authenticates inner IP packet.
09-09-16
8
15
Before applying AH
16
Transport Mode (AH Authentication)
09-09-16
9
17
Tunnel Mode (AH Authentication)
18
Authentication Header
Provides support for data integrity and authentication (MAC code) of IP packets.
Guards against replay attacks.
09-09-16
10
19
End-to-end versus End-to-Intermediate Authentication
20
Encapsulating Security Payload
ESP provides confidentiality services
09-09-16
11
21
Encryption and Authentication Algorithms
Encryption: Three-key triple DES RC5 IDEA Three-key triple IDEA CAST Blowfish
Authentication: HMAC-MD5-96 HMAC-SHA-1-96
22
ESP Encryption and Authentication
09-09-16
12
23
ESP Encryption and Authentication
24
Combinations of Security Associations
09-09-16
13
25
Combinations of Security Associations
26
Combinations of Security Associations
09-09-16
14
27
Combinations of Security Associations
28
Key Management
Two types: Manual Automated
Oakley Key Determination Protocol Internet Security Association and Key
Management Protocol (ISAKMP)
09-09-16
15
29
Internet Key Exchange (IKE)
IKE=ISAKMP+Oakley automated system for on-demand creation and
distribution of keys for enabling SA’s in large
systems in a protected manner
Typically SAs need 2 pairs of keys 2 per direction for AH & ESP
Perfect forward secrecy desired D-H
30
Oakley
A key exchange protocol based on Diffie-Hellman key exchange
Adds features to address weaknesses cookies, groups (global parameters), nonces, DH key exchange
with authentication Cookie generation criteria:
must depend on the specific parties must not be possible for anyone other than the issuing entity to
generate cookies that will be accepted by that entity cookie generation function must be fast to thwart attacks
intended to sabotage CPU resources a hash over the IP source & destination address, the UDP source
and destination ports and a locally generated secret random value
09-09-16
16
31
Oakley
Three authentication methods: Digital signatures Public-key encryption Symmetric-key encryption
32
ISAKMP Internet Security Association and Key Management Protocol
Provides framework for key management Defines procedures and packet formats to establish,
negotiate, modify, & delete SAs Independent of key exchange protocol, encryption
alg., & authentication method
Phase 1: ISAKMP peers establish bi-directional secure channel using main mode or aggressive mode
Phase 2: negotiation of security services for IPSec (maybe for several SAs) using quick mode; can have multiple Phase 2 exchanges, e.g., to change keys
09-09-16
17
33
ISAKMP
34
ISAKMP Payload Types
09-09-16
18
35
ISAKMP Exchange Types
top related