1
CMPT 471Networking II
Authentication and Encryption
© Janice Regan, 2006-2013
2© Janice Regan, 2006-2013
3© Janice Regan, 2006-2013
IPsec usage Host to host
May use transport mode May use tunnel mode
Security Gateway to Security Gateway Must use tunneling
Host to/from security gateway For traffic destined to security gateway (for example
SNMP message) the gateway is operating as a host and transport mode may be used
Otherwise, if the gateway is operating as a gateway tunneling mode must be used
4© Janice Regan, 2006-2013
IPv4 packet: Transport mode Authentication
IPv4 packet: Tunnel mode Authentication
IPv4 AH Authentication
authenticated
Partially authenticated
IPv4 header
TCP header
TCP dataAuthentication
header
IPv4tunnel header
authenticatedPartially authenticated
IPv4 header
TCP header
TCP dataAuthentication
header
5© Janice Regan, 2006-2013
AH authentication algorithms
HMAC with MD5 RFC 2403HMAC with SHA-1 RFC 2404
6© Janice Regan, 2006-2013
Transport Mode
Tunnel Mode
IPsec: ESP
New IP
header
TCP
header
TCP
data
IP
header
ESP
header
ESP
trailer
ESP
auth
encrypted
authenticated
Not encrypted or
authenticated
TCP
header
TCP
data
IP
header
ESP
header
ESP
trailer
ESP
auth
7© Janice Regan, 2006-2013
ESP authentication algorithms
HMAC with MD5 RFC 2403HMAC with SHA-1 RFC 2404
Null Authentication
8© Janice Regan, 2006-2013
ESP encryption algorithms
DES in CBC mode RFC 2405Null Encryption
9© Janice Regan, 2006-2013
Security Associations (1) An SA describes one simplex connection.
If you are using both AH and ESP you need one SA for each.
For two way communication you need one SA for each direction
Three parameters used to uniquely define a security association (SA). destination address security protocol (AH or ESP) Security parameters index (SPI)
10© Janice Regan, 2006-2013
Security Association (2) SAs are stored in a database The SAD
(Security Associations Database) also includes the following information: Mode of communication (transport or tunnel) Sequence Number Counter Anti-Replay Window: to determine whether an
inbound AH or ESP packet is a replay. AH Authentication algorithm type, keys, etc.
OR ESP Encryption algorithm and / or authentication, algorithm types, keys etc.
Lifetime of this Security Association
11© Janice Regan, 2006-2013
Encryption Source uses an encryption key and a particular
encryption algorithm to encrypt the data The data is inserted into a packet and sent to the
receiver The receiver uses a decryption key to decrypt the data.
If the keys match the decrypted data is readable otherwise it is not.
The keys may be secret or private keys, or public keys Private key encryption is often used for long messages
public key encryption for short messages. Short messages may include sending private keys in preparation for transmission of longer messages.
12© Janice Regan, 2006-2013
Secret or private keys
Private or secret keys are known only by the sender and receiver. The decryption key is the same as or derivable from the encryption key.
Secret key encryption may also be called symmetric encryption because the same key can be used in both directions
High security, difficult to decrypt without the key.
13© Janice Regan, 2006-2013
Secret or private keys
Requires many keys (one for each pair of users)
Uses an efficient encryption algorithm Popular example DES, data encryption
standard How do you distribute keys?
Use public key encryption A central distribution centre
14© Janice Regan, 2006-2013
Public keys (1)
Each user has a public key and a private key Fewer keys needed (pair for each user, not each
pairing of users). Public key is used to encrypt the message,
private key is used to decrypt the message. Private key is not easily derivable from the public key
Sender encrypts using the receiver’s public key Only receiver can decrypt using its own private
key RSA is an example of this approach.
15© Janice Regan, 2006-2013
Public keys (2)
Encryption/Decryption process is more computationally intensive than private key encryption
Must verify (authenticate) announced public key of a user
Verification may be done by a central authority (pairs users and keys and issues certificates)
16© Janice Regan, 2006-2013
Digital Signature
Used for authentication, integrity and non repudiation (anti replay)
Use private key encryption to sign (encrypt the document or digest) the packet.
Use public key to verify signature (decrypt the document). Since only the sender knows its private key this provides authentication
17© Janice Regan, 2006-2013
Digital Signature A message signed using a senders private
key (known only by that user) indicates that the message comes from that user
Changes to the message between the sender and the receiver require knowledge of the private key, or they will in all likelihood render the message unreadable at the destination
Signature alone does not provide confidentiality, anyone can decrypt using the senders public key
18© Janice Regan, 2006-2013
Digital Signature
Used for authentication, integrity and non repudiation
Can sign entire document or digest of the document. Algorithms such as SHA1 and MD5 are
used to make digests of the document Can sign the digest rather than the whole
document
19© Janice Regan, 2006-2013
Digital Signature To sign the digest rather than the whole
document The sender uses a hash function to produce
a digest of the document with a fixed size Usually use MD5 (message digest 5) or
SHA-1 (secure hash algorithm 1) The sender encrypts the digest with her
private key The sender sends the document including
the encrypted digest
20© Janice Regan, 2006-2013
Digital Signature To sign the digest rather than the whole
document The receiver creates a digest of the document
using the same algorithm as the sender The receiver decrypts the digest appended to
the document using the senders public key The receiver compares the calculated digest
to the decrypted digest from the received message. They must match for the signature to be valid
21© Janice Regan, 2006-2013
With VPN New encapsulation Shared keys (all users behind VPN use
same key) Dangerous (one user can hijack traffic, can
have man in the middle attack)