IPv6 Security
110 Long Module on Security
IPv6 Security 1

Copyrights
IPv6 Deployment and Support
This slide set is the ownership of the 6DISS project via its partners.
The Powerpoint version of this material may be reused and modified only with written authorization.
Using part of this material must mention 6DISS courtesy.
PDF files are available from www.6deploy.org
Looking for a contact? Mail to : [email protected] [email protected]
Contributors
János Mohácsi, NIIF/HUNGARNET - Hungary
Octavio Medina, Laurent Toutain, ENST
Bernard Tuy, Jérôme Durand, Emmanuel Goiffon, Renater
Peter Kirstein, Steve Hailes, Piers O’Hanlon, UCL
Wolfgang Fritsche, IABG
Jim Bound, Hewlett Packard
Patrick Grostete, Archrock
Mohsen Souissi, AFNIC
Alain Durand, Sun Microsystems
Bill Manning, ISI
Alain Baudot, France Telecom R&D
And many others
Table of Contents
Introduction to Security Problems - 5
The Security Threats - 24
Mobile Computing and Access Control - 30
Cryptographically Generated Addresses - 39
Personal Area Networks - 44
Unauthorized Access and Firewalls - 51
Other threats - 62
Transition mechanisms problems - 69
Securing the Infrastructure with IPSEC - 73
Conclusions and References - 85
A short version - 88
IPv6 Security
Introduction to Security Problems
Introduction
Security – isn’t it all solved?
Conventional threats
Wireless systems now
A vision of the future
Protection now
Protection in the future
So what’s the big problem?
We have firewalls and Intrusion Detection Systems – so we’re safe from outside attack
VPNs, RADIUS, SSH, etc. allow secure remote access
PKI can be used to determine identity
S/MIME or PGP protects mail
SSL/TLS protects web access
Virus scanning is effective
Security patches can be applied centrally – SMS
IPv6 has complete built-in security
...and it’s always sunny outside, pink bunnies play happily in the streets, all are kind to old ladies
Why is there a problem?
Lots of money + intellectual property (= money)
Hostile environment (motivations for attack vary)
Lack of security consciousness
Lots of potential points of attack
Policies are often seen as unacceptable
No regulatory framework
Legal aspects unclear
Why is there a problem?
If you believe that encryption (or firewalls or Intrusion Detection Systems) are the answer to all your security problems, then you probably asked the wrong question.
Security is about securing a system
Security is a process NOT a product
Over-concentration on technology is deeply naïve
However, if you do major changes, like IPv4 to IPv6, ensure you have not introduced new holes
Network Threats
Passive tap
Active tap
Denial of service
Faking/replay
Traffic analysis
Other Threats
Physical attack
Trojan Horses, viruses, worms, logic bombs
Passwords
Loopholes
Collusion
Accidental access
Tempest
Social Engineering
Cost Effective Security
Absolute security?
GIVE UP ON THE IDEA OF CERTAINTY, IT’S FICTIONAL
Security = delay = cost to an attacker.
But security costs the implementer too.
So compromise on the level of security:
Evaluate risks
Evaluate cost of losses
Don’t spend more than this
Hard --
don’t know motivation of attacker
don’t know value of information or goodwill
Wireless systems
Oh and then it all gets decidedly worse. And the culprits?...
Toys! aka ‘empowering the workforce’
New problems
Infrastructure doesn’t protect data
Applications can’t be trusted to secure data
New forms of virus?
Security in mobile devices not standardised (many OS)
Devices easy to lose (or steal) or break
Radio is a broadcast medium
Most mobile devices come with security disabled
Data loss is painful; the more so the more one relies on it
So what’s to be done?
Play Luddite? - Too late
Wireless nodes will always be resource scarce compared to equivalent wired nodes
Actually, there is (going to be) a LOT of heterogeneity in this space:
Low mobility high b/w devices (802.11)
High mobility low b/w devices (cell phones to RFID tags)
IPv4/IPv6 heterogeneous protocol suites
The UIs will not be getting significantly better (au contraire)
There’s battery lifetime to consider (new DoS attacks)
Much of it is going to look very different from now...
What is new with IPv6?
Security was considered from the beginning in IPv6
One can rely on certain features existing
When new services were considered, their security was part of IPv6 thinking
Some of the areas where the thinking is obvious are:
Threats to Mobile access and Mobile IP
Cryptographically generated addresses
Protocol for Authentication and Network Access
IPsec
Making intrusion harder
Security Issues
Same as ever – robustness
Authentication, Confidentiality, Integrity
Non-repudiation
Access control (authorisation)
Accounting/billing
But
Focus is on ‘certainty’ – and it’s not clear we can have that
Resource poverty – processing power/bandwidth
Actuators can kill people
Lawful interception
Security issues
Encryption, signatures etc. affected by resources
VPNs and PKI work OK in principle (to the same extent as wired systems)
So does application level security
Malicious code – no ubiquitous approach
Traditional Way of Securing systems
If we want to secure a system, then we need to follow a number of principles:
Prevention is never 100% effective – so:
Need defence in depth – several different mechanisms
Mechanisms for detecting and responding to attacks, preferably in real time, are essential
Start by securing the weakest link
Compartmentalise – don’t put all of your data in one basket
Mediocre security now is better than great security never
Take your users with you
Mechanisms for detecting and responding to attacks
Detect – get to know you’re being attacked.
Localise – determine what’s being attacked.
Identify – determine who the attacker is.
Assess – why are they doing this?
Respond or Prevent – depends on all of the above.
Recover – have a plan better than ‘go find a new job’
Keep an audit trail – so that you can assess the damage
What changes in this
Ambient computing = invisible computing
But heterogeneity in infrastructure, network protocols, etc.
Issues of scale mean that human intervention is largely impracticable. One needs:
Autonomic mechanisms, new models of trust
To abandon the simple certainties of conventional security
Mechanisms to make intrusion more difficult to do and easier to detect
New techniques to deal with mobility
Threats due to Mobility
Mobility in the system means changing physical connectivity and logical context. It needs:
Different types of policies; ones that can capture context
Those policies implemented in a context dependent way
A flexible architecture to allow for composition of appropriate components
Some assurance about how this will perform
There are big privacy issues
Conclusion
Security at present just about works
But it is a bolt on – it has been a painful process to get here
Vision of the future:
systems of huge scale,
with huge heterogeneity,
and a bigger impact on our lives than ever before
Need R&D urgently to
think what security means in these environments
build security into these systems from day 1
Need public debate about impacts on society
IPv6 Security
The Security Threats
Threats to be Countered in IPv6
Scanning gateways and hosts for weakness
Scanning for multicast addresses
Exposing weaknesses with NATs
Unauthorised access
Weaknesses in firewalls
Performance attacks with fragmented headers
Protocol weaknesses
Distributed Denial of Service
Scanning Gateways and Hosts
Subnet size is much larger: about 500,000 years to scan a /64 subnet @ 1M addresses/sec
But…
NMAP does support IPv6 network scanning
IPv6 scanning methods are changing:
- DNS based, parallelised scanning, common numbering
- Compromising a router at key transit points can discover addresses in use
IPv6 Workshop, Tbilisi 26
Scanning in IPv6
IPv6 scanning methods are likely to change
Public servers will still need to be DNS reachable, giving the attacker some hosts to attack – this is not new!
Administrators may adopt easy to remember addresses (::1, ::2, ::53, or simply the IPv4 last octet)
EUI-64 addresses have a “fixed part”: Ethernet card vendor OUIs can be guessed
New techniques to harvest addresses – e.g. from DNS zones, logs
Deny DNS zone transfer
By compromising routers at key transit points in a network, an attacker can learn new addresses to scan
Other possible network hiding: DNS splitting
Scanning Multicast Addresses
New multicast addresses – IPv6 defines well-known multicast groups that enable an attacker to identify key resources on a network and attack them
E.g. site-local All DHCP Servers (FF05::1:3) and All Routers (FF05::2)
These addresses must be filtered at the border in order to make them unreachable from the outside
The IPv6 specs (RFC 4443) forbid the generation of ICMPv6 error messages in response to packets addressed to a multicast address (only Packet Too Big and Parameter Problem code 2 are excepted); informational replies such as Echo Reply are still allowed, so a multicast echo request remains a way to enumerate hosts from inside the site
Security of IPv6 addresses
Cryptographically Generated Addresses (CGA) [RFC 3972]
Host-ID part of the address is an encoded hash
Binds the IPv6 address to a public key
Used for securing Neighbor Discovery [RFC 3971]
Is being extended for other uses [RFC 4581]
Privacy addresses as defined in [RFC 4941]
prevent device/user tracking
make accountability harder
Host-ID could be a token to access the network
IPv6 Security
Mobile Computing and Access Control
Mobile IP (MIP) – Intention
Mobility: growing number of mobile Internet users; mobility support in the Internet required
Addressing: reachability of the user under one fixed IP address; automatic configuration
Transparency: transparent mobility support for users
[Figure: a mobile node moving between network A and network B across the Internet]
MIPv6 – Home Registration
[Figure: Bill (mobile node) in visited network B, Home Agent in home network A, Mike in network C, connected via the Internet]
Mapping held by the Home Agent: Bill‘s network A address ↔ Bill‘s network B address
Bill sends the mapping to the Home Agent (registration)
The Home Agent confirms receipt of the mapping and starts to receive packets for Bill (proxy)
MIPv6 – “Dog-leg” Routing
[Figure: Mike in network C sends to Bill’s home address in network A; the Home Agent tunnels the packets to Bill in visited network B]
Mike initiates communication to Bill and sends packets to Bill’s address on home network A
The Home Agent intercepts the packets and bi-directionally tunnels them to Bill’s address on visited network B
MIPv6 – Optimised Routing
[Figure: Bill in visited network B, Home Agent in home network A, Mike in network C]
Mapping sent to Mike: Bill‘s network A address ↔ Bill‘s network B address
Bill sends the mapping to Mike
Mike sends the following packets directly to Bill’s address on visited network B
MIPv6 – Attack Scenario
[Figure: Bill in visited network B, Home Agent in home network A, Mike in network C, attacker in network D]
Forged mapping sent to Mike: Bill‘s network A address ↔ attacker‘s network D address
Bill sends his mapping to Mike; nothing stops an attacker from sending one of his own for Bill’s home address
The attacker re-directs the traffic sent from Mike to Bill towards himself
MIPv6 – Trust Relationship
[Figure: mobile node in visited network B, home agent in home network A, correspondent node in network C]
Trust relationship between MN and HA --> IPsec can be used
No trust relationship between MN and CN --> ???
MIPv6 – Return routability
[Figure: mobile node in visited network B, home agent in home network A, correspondent node in network C]
Home Test Init (HoTI: home init cookie), MN → HA → CN, sent from the home address
Care-of Test Init (CoTI: care-of init cookie), MN → CN, sent directly from the care-of address
Home Test (HoT: home init cookie, home keygen token, home nonce index), CN → HA → MN
Care-of Test (CoT: care-of init cookie, care-of keygen token, care-of nonce index), CN → MN
The MN hashes the two keygen tokens into the binding management key that authenticates the Binding Update, so a CN only accepts a binding from a node that was reachable at both addresses
Mobile IPv6 – remaining security issues
An attacker on the path between HA and CN, plus between MN and CN, will be able to receive all Return Routability packets
- This attacker could still send Binding information on behalf of the MN
Cryptographically Generated Addresses can help here (see next slides)
- This still requires Return Routability itself to prove reachability of the MN’s addresses
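The return routability exchange and the remaining-issues slide above describe how the CN derives the keygen tokens and how the MN turns them into the key that protects the Binding Update. The following Python is an added example written for this page, not code from the 6DISS material or from any MIPv6 implementation. It follows the RFC 3775 formulas (home/care-of keygen token = First(64, HMAC_SHA1(Kcn, address | nonce | 0 or 1)), Kbm = SHA1(home token | care-of token), BU authenticator = First(96, HMAC_SHA1(Kbm, care-of address | correspondent | MH data))) but models the messages as Python dicts rather than Mobility Header packets; the Kcn key, nonce table, addresses and MH data are constructed sample values.

```python
import hashlib
import hmac
import ipaddress
import os


def _first(nbits: int, data: bytes) -> bytes:
    """First(nbits, data) as written in RFC 3775."""
    return data[: nbits // 8]


def binding_authenticator(kbm: bytes, care_of_address: str, correspondent: str, mh_data: bytes) -> bytes:
    """First(96, HMAC_SHA1(Kbm, care-of address | correspondent | MH data))."""
    msg = ipaddress.IPv6Address(care_of_address).packed + ipaddress.IPv6Address(correspondent).packed + mh_data
    return _first(96, hmac.new(kbm, msg, hashlib.sha1).digest())


class CorrespondentNode:
    """CN side of return routability: holds the secret Kcn and a table of nonces (indexed by nonce index)."""

    def __init__(self, kcn: bytes = None):
        self.kcn = kcn if kcn is not None else os.urandom(20)
        self.nonces = {0: os.urandom(8)}   # RFC 3775 rotates these; one index is enough here

    def keygen_token(self, address: str, nonce_index: int, which: int) -> bytes:
        """home keygen token (which=0) or care-of keygen token (which=1), RFC 3775 section 5.2.4."""
        msg = ipaddress.IPv6Address(address).packed + self.nonces[nonce_index] + bytes([which])
        return _first(64, hmac.new(self.kcn, msg, hashlib.sha1).digest())

    def home_test(self, home_address: str, nonce_index: int = 0) -> dict:
        """HoT: answer to a HoTI, routed via the HA to the home address."""
        return {"home_keygen_token": self.keygen_token(home_address, nonce_index, 0),
                "home_nonce_index": nonce_index}

    def care_of_test(self, care_of_address: str, nonce_index: int = 0) -> dict:
        """CoT: answer to a CoTI, sent directly to the care-of address."""
        return {"care_of_keygen_token": self.keygen_token(care_of_address, nonce_index, 1),
                "care_of_nonce_index": nonce_index}

    def verify_binding_update(self, bu: dict) -> bool:
        """Recompute both tokens from Kcn (no per-MN state needed), derive Kbm and check the authenticator."""
        home = self.keygen_token(bu["home_address"], bu["home_nonce_index"], 0)
        care_of = self.keygen_token(bu["care_of_address"], bu["care_of_nonce_index"], 1)
        kbm = hashlib.sha1(home + care_of).digest()
        expected = binding_authenticator(kbm, bu["care_of_address"], bu["correspondent"], bu["mh_data"])
        return hmac.compare_digest(expected, bu["authenticator"])


def mobile_node_binding_update(home_address: str, care_of_address: str, correspondent: str,
                               hot: dict, cot: dict, mh_data: bytes) -> dict:
    """MN side: Kbm = SHA1(home keygen token | care-of keygen token), then authenticate the BU."""
    kbm = hashlib.sha1(hot["home_keygen_token"] + cot["care_of_keygen_token"]).digest()
    return {
        "home_address": home_address, "care_of_address": care_of_address, "correspondent": correspondent,
        "home_nonce_index": hot["home_nonce_index"], "care_of_nonce_index": cot["care_of_nonce_index"],
        "mh_data": mh_data,
        "authenticator": binding_authenticator(kbm, care_of_address, correspondent, mh_data),
    }


def run_exchange(cn: CorrespondentNode, home_address: str, care_of_address: str,
                 correspondent: str, mh_data: bytes):
    """HoTI/CoTI are implicit (the CN answers them with HoT/CoT); returns (binding update, accepted)."""
    hot = cn.home_test(home_address)          # reaches the MN only through the home agent
    cot = cn.care_of_test(care_of_address)    # reaches the MN only at the care-of address
    bu = mobile_node_binding_update(home_address, care_of_address, correspondent, hot, cot, mh_data)
    return bu, cn.verify_binding_update(bu)


if __name__ == "__main__":
    cn = CorrespondentNode()
    # Constructed sample addresses: home in 2001:db8:a::/64, care-of in 2001:db8:b::/64, CN in 2001:db8:c::/64
    bu, accepted = run_exchange(cn, "2001:db8:a::1", "2001:db8:b::1", "2001:db8:c::1", b"\x05\x00\x00\x00")
    print("binding update accepted:", accepted)
```

The CN keeps no state per mobile node: it recomputes both tokens from Kcn and the nonce index carried in the Binding Update, which is what makes the exchange cheap to verify and also why an attacker who captured only the CoT cannot forge a binding. An attacker who sits on the HA-CN path and captures the HoT, however, can obtain a CoT for an address of his own and produce a valid Binding Update, which is exactly the remaining issue the slide above points out.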
IPv6 Security
Cryptographically Generated Addresses
Cryptographically Generated Addresses (CGA) Overview
Defined in RFC 3972, updated by RFC 4581 & RFC 4982
IPv6 addresses which carry hashed information about a public key in the identifier part
Providing a binding of IP address to public key without requiring a full key management infrastructure
Provide for Secure Neighbor Discovery (SEND) – RFC 3971
Resolve the chicken-and-egg problem of IPsec (IPsec cannot protect Neighbor Discovery, because its security associations would need the very addresses ND is establishing)
Could help to further secure Mobile IPv6 Binding information
Continued work in the IETF CSI Working Group
CGA – parameters
CGA Parameter data structure (RFC 3972):
Modifier: chosen arbitrarily (16 octets)
Subnet prefix: prefix valid on the respective link (8 octets)
Collision count (1 octet)
Public key (variable length, DER-encoded)
Optional extension fields (variable length)
CGA – address generation from a Pub/Priv key pair
1. Choose an arbitrary value for the 16 octet modifier
2. Select an appropriate value for the security parameter Sec (0: « low resistance » to brute-force, up to 7: « high resistance » to brute-force)
3. Hash (SHA-1) the concatenation of modifier, subnet prefix (set to zero), collision count (set to zero) and public key (Hash2)
4. If the first 16 × Sec bits of Hash2 are not zero, increase the modifier by 1 and repeat the hash computation (back to 3)
5. Hash (SHA-1) the concatenation of the final modifier, the real subnet prefix, collision count (set to zero) and public key (Hash1)
6. The identifier is the first 64 bits of Hash1, with the first 3 bits overwritten by Sec and the u and g bits (bits 6 and 7) cleared
7. If duplicate address detection fails, increase the collision count and go back to 5 (at most three times; more collisions than that indicate an attack or a broken random source)
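The seven steps above, carried through in Python as an added example (this is not code from the 6DISS slides or from any SEND implementation). It implements RFC 3972 address generation and the matching verification with SHA-1 from the standard library; the public key is a constructed placeholder byte string standing in for the DER-encoded SubjectPublicKeyInfo, because the algorithm only ever hashes those bytes, and duplicate address detection is simulated with a set of addresses already in use.

```python
import hashlib
import ipaddress
import os

# Constructed stand-in for the DER encoding of a real public key: RFC 3972 hashes the DER
# bytes, so any byte string exercises the algorithm (a real node would use its RSA key here).
EXAMPLE_PUBKEY_DER = b"\x30\x2a\x30\x0d\x06\x09" + b"example-public-key".ljust(34, b"\x00")


def subnet_prefix(network: str) -> bytes:
    """The first 8 octets of a /64, as carried in the CGA parameter structure."""
    return ipaddress.IPv6Network(network).network_address.packed[:8]


def _leading_zero_bits(data: bytes) -> int:
    return len(data) * 8 - int.from_bytes(data, "big").bit_length()


def cga_hash2(modifier: bytes, pubkey_and_ext: bytes) -> bytes:
    """Hash2 (RFC 3972 step 2): subnet prefix and collision count replaced by nine zero octets."""
    return hashlib.sha1(modifier + bytes(9) + pubkey_and_ext).digest()[:14]


def cga_generate(prefix: bytes, pubkey_der: bytes, sec: int, in_use=frozenset(),
                 modifier: bytes = None, ext: bytes = b""):
    """Return (address, CGA parameters). in_use simulates DAD: addresses found there count as collisions."""
    if len(prefix) != 8 or not 0 <= sec <= 7:
        raise ValueError("prefix must be 8 octets and Sec in 0..7")
    mod_int = int.from_bytes(modifier if modifier is not None else os.urandom(16), "big")
    # Steps 3-4: search for a modifier whose Hash2 starts with 16*Sec zero bits (the hash extension
    # that makes brute-forcing a matching key 2^(16*Sec) times harder).
    while True:
        modifier = mod_int.to_bytes(16, "big")
        if _leading_zero_bits(cga_hash2(modifier, pubkey_der + ext)) >= 16 * sec:
            break
        mod_int = (mod_int + 1) % (1 << 128)
    # Steps 5-7: Hash1 over the full parameter structure, retried on a DAD collision at most 3 times.
    for collision_count in range(3):
        params = modifier + prefix + bytes([collision_count]) + pubkey_der + ext
        iid = bytearray(hashlib.sha1(params).digest()[:8])
        iid[0] = (iid[0] & 0x1F) | (sec << 5)   # bits 0-2 of the interface ID carry Sec
        iid[0] &= 0xFC                           # bits 6 and 7 (u and g) are set to zero
        address = ipaddress.IPv6Address(prefix + bytes(iid))
        if address not in in_use:
            return address, params
    raise RuntimeError("three DAD collisions: suspected attack or broken random source")


def cga_verify(address, params: bytes) -> bool:
    """RFC 3972 section 5: was this address generated from these parameters (and so from this key)?"""
    modifier, prefix, collision_count = params[:16], params[16:24], params[24]
    pubkey_and_ext = params[25:]
    addr = ipaddress.IPv6Address(address).packed
    if collision_count > 2 or addr[:8] != prefix:
        return False
    sec = addr[8] >> 5
    hash1 = hashlib.sha1(params).digest()[:8]
    # Compare the interface ID with Hash1 while ignoring bits 0-2 (Sec) and bits 6-7 (u, g).
    mask = bytes([0x1C]) + bytes([0xFF] * 7)
    if any((a ^ h) & m for a, h, m in zip(addr[8:], hash1, mask)):
        return False
    return _leading_zero_bits(cga_hash2(modifier, pubkey_and_ext)) >= 16 * sec


if __name__ == "__main__":
    prefix = subnet_prefix("2001:db8:1:2::/64")        # constructed documentation prefix
    address, params = cga_generate(prefix, EXAMPLE_PUBKEY_DER, sec=1)
    print(address, "verifies:", cga_verify(address, params))
```

Verification is what a SEND-capable neighbour does on every Neighbor Advertisement: it never needs a certificate, only the CGA parameters sent alongside the message, and the signature on the message (not shown here) proves possession of the private key that the address is bound to. Sec=1 already costs about 2^16 SHA-1 evaluations to generate an address, which is why the security parameter is kept small on constrained hosts.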
CGA – structure
Cryptographically Generated Address: Subnet prefix (64 bit) | CGA specific ID (64 bit)
Bit layout of the CGA specific ID: bits 0-2 = security parameter Sec, bit 6 = „u“ bit, bit 7 = „g“ bit, all other bits taken from Hash1
IPv6 Security
Personal Area Networks
PANA – overview
Intention
Enable network access authentication
Provide a link layer agnostic solution
Protocol aspects
PANA is a protocol of its own
Runs on top of UDP / IP
Carries EAP authentication messages (EAP-MD5, EAP-PEAP, EAP-LEAP, EAP-TLS, EAP-TTLS, …)
Additional information in Attribute Value Pairs (Cookie, Protection-Capability, Device-ID, EP-Device-ID, EAP, MAC, Session-ID, …)
Supports separation of ISP and NAP authentication
(The message and AVP names on the following slides are those of the PANA Internet-Drafts of the time; the final RFC 5191 renamed several of them, e.g. PANA-Client-Initiation and PANA-Auth-Request/Answer replace the discovery and bind exchanges)
PANA – architecture
[Figure: PaC (PANA Client) ↔ EP (Enforcement Point) ↔ PAA (PANA Authentication Agent)]
PaC ↔ PAA: PAA Discovery, PANA Authentication
PAA → EP: Authorisation
PANA – PAA discovery phase
Client triggered (PaC ↔ PAA):
PaC → PAA: PANA PAA Discovery
PAA → PaC: PANA Start Request [opt. Cookie]
PaC → PAA: PANA Start Answer [opt. Cookie]
Data / L2 triggered (PaC ↔ EP ↔ PAA):
PaC → EP: data or L2 trigger
EP → PAA: PANA PAA Discovery [device ID]
PAA → PaC: PANA Start Request [opt. Cookie]
PaC → PAA: PANA Start Answer [opt. Cookie]
PANA – authentication phase
PAA → PaC: PANA Auth Request [EAP request]
PaC → PAA: PANA Auth Answer [EAP response]
... (repeated for as many rounds as the EAP method needs)
PAA → PaC: PANA Auth Request [EAP request]
PaC → PAA: PANA Auth Answer [EAP response]
PAA → PaC: PANA Bind Request [EAP success, opt. protection]
PaC → PAA: PANA Bind Answer [opt. protection]
PANA – termination phase
PAA triggered:
PAA → PaC: PANA Termination Request [MAC]
PaC → PAA: PANA Termination Answer [MAC]
Client triggered:
PaC → PAA: PANA Termination Request [MAC]
PAA → PaC: PANA Termination Answer [MAC]
PANA – open issues
Separation between EP and PAA
Requires communication between both
Not in scope of the PANA specification
COPS, SNMP, Diameter could be candidates here
Mobility support
If a client roams between different PAAs, re-use of the existing PANA session would be nice
Communication between the involved PAAs required
Not in scope of the PANA specification
Context Transfer Protocol is a potential candidate
IPv6 Security
Unauthorised Access and Firewalls
Unauthorised Access control in IPv6
Policy implementation in IPv6 with Layer 3 and Layer 4 is still done in firewalls
Some design considerations! – see next slides
Filter site-scoped multicast addresses at site boundaries
Filter IPv4-mapped IPv6 addresses on the wire
Multiple addresses per interface
Example rule set:
Action | Src | Dst | Src port | Dst port
permit | a:b:c:d::e | x:y:z:w::v | any | ssh
deny | any | any | any | any
Unauthorised Access control in IPv6
Non-routable + bogon address filtering is slightly different:
in IPv4 it is easier to deny the non-routable + bogon ranges
in IPv6 it is easier to permit the legitimate ranges (almost)
Action | Src | Dst | Src port | Dst port
deny | 2001:db8::/32 | host/net | | 
permit | 2002::/16 | host/net | any | service
permit | 2001::/16 | host/net | any | service
permit | 2003::/16 | host/net | any | service
permit | 3ffe::/16 | host/net | any | service
deny | any | any | any | any
(This list reflects the allocations of the time: 3ffe::/16 (6bone) was reclaimed in 2006, 6to4 (2002::/16) was deprecated by RFC 7526, and global unicast is now allocated throughout 2000::/3, so a permit list of this kind has to be maintained against current registry data or it silently blocks legitimate traffic.)
Firewalls
IPv6 architecture and firewall – requirements
No need for NAT – the same level of security is possible with IPv6 as with IPv4 (security and privacy)
Even better: e2e security with IPsec
Weaknesses of the packet filtering cannot be hidden by NAT
IPv6 does not require end-to-end connectivity, but provides end-to-end addressability
Support for IPv4/IPv6 transition and coexistence
Not breaking IPv4 security
Most firewalls are now IPv6-capable: Cisco ACL/PIX, Juniper NetScreen, CheckPoint
Modern OSes now provide IPv6 capable firewalls
IPv6 firewall setup – method 1
[Figure: Internet ↔ Router ↔ Firewall ↔ Protected Network, with a DMZ off the firewall]
Internet ↔ router ↔ firewall ↔ net architecture
Requirements:
Firewall must support/recognise ND/NA filtering
Firewall must support RS/RA if SLAAC is used
Firewall must support MLD messages if multicast is required
IPv6 firewall setup – method 2
[Figure: Internet ↔ Firewall ↔ Router ↔ Protected Network, with a DMZ off the firewall]
Internet ↔ firewall ↔ router ↔ net architecture
Requirements:
Firewall must support ND/NA
Firewall should support filtering of dynamic routing protocols
Firewall should have a large variety of interface types
IPv6 firewall setup – method 3
[Figure: Internet ↔ Firewall+Router ↔ Protected Network, with a DMZ off the edge device]
Internet ↔ firewall/router (edge device) ↔ net architecture
Requirements:
Can be powerful – one point for routing and security policy – very common in SOHO (DSL/cable) routers
Must support what usually router AND firewall do
Firewall setup
No blind ICMPv6 filtering possible:
Message | Purpose
Echo request/reply | Debug
No route to destination | Debug – better error indication
Time exceeded (hop limit, “TTL exceeded”) | Error report
Parameter problem | Error report (e.g. extension header errors)
NS/NA | Required for normal operation – except with static ND entries (IPv6 specific, required)
RS/RA | For Stateless Address Autoconfiguration (IPv6 specific, required)
Packet too big | Path MTU discovery (IPv6 specific, required)
MLD | Required for multicast (IPv6 specific, required)
Firewall setup 2
No blind IP options (→ extension header) filtering possible:
Hop-by-hop header | What to do with jumbograms or the router alert option? – probably log and discard – but what about multicast join messages? (MLD reports carry the Router Alert hop-by-hop option, so a blanket discard breaks multicast)
Routing header | Source routing – in IPv4 it is considered harmful, but required for IPv6 mobility – log and discard if you don’t support MIPv6, otherwise enable only the Type 2 routing header used for MIPv6 (Type 0 has since been deprecated outright by RFC 5095)
Fragment header | All but the last fragment should be bigger than 1280 octets
AH header | Process according to the security policy
ESP header | Process according to the security policy
Interoperability of filtered applications
FTP: very complex: PORT, LPRT, EPRT, PASV, EPSV, LPSV (RFC 1639, RFC 2428); virtually no support in IPv6 firewalls
HTTP seems to be the next generation file transfer protocol, with WebDAV and DELTA
Other non-trivially proxy-able protocols: no support (e.g.: H.323)
Overview of IPv6 firewalls
(a little out of date – things are getting better now)
Feature | IPFilter 4.x | PF 3.6 | IP6fw | Iptables | Cisco ACL | Cisco PIX 7.0 | Juniper firewall | Juniper NetScreen | Windows XP SP2
Portability | Excellent | Good | Average | Weak | Weak | Weak | Weak | Weak | Weak
ICMPv6 support | Good | Good | Good | Good | Good | Good | Good | Good | Good
Neighbor Discovery | Excellent | Excellent | Good | Excellent | Excellent | Excellent | Good | Excellent | Weak
RS/RA | Excellent | Excellent | Good | Excellent | Excellent | Excellent | Excellent | Excellent | Good
Extension header support | Good | Good | Good | Excellent | Good | Good | Good | Good | Weak
Fragmentation support | Complete block | Weak | Weak | Good | Weak | Average | Weak | Average | Weak
Stateful firewall (values in column order as far as they survive): Yes, Yes, No, Yes, Yes, No; notes: Iptables only with USAGI; Cisco ACL via reflexive ACLs, since IOS 12.3; ASP necessary
FTP proxy (values in column order as far as they survive): No, No, No, ?, No, No, No
Other (per-product notes): QoS support; QoS support, checking packet validity; predefined rules in *BSD; EUI-64 check, time based ACL; no TCP flag support today, HW routing support; IPsec VPN; graphical and central configuration
IPv6 Security
Other threats
Header Manipulation and Fragmentation Best Practices
Deny IPv6 fragments destined to an internetworking device – used as a DoS vector to attack the infrastructure
Ensure adequate IPv6 fragmentation filtering capabilities. For example, drop all packets with a routing header if you don’t have MIPv6
Potentially drop all fragments with less than 1280 octets (except the last fragment)
All fragments should be delivered within 60 seconds, otherwise drop them (the reassembly timeout)
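The extension header table (Firewall setup 2) and the fragmentation best practices above both come down to one task: walk the IPv6 header chain and apply a policy to what is found. The Python below is an added example written for this page, not code from the slides or from any firewall product. It parses the chain from raw packet bytes, drops Type 0 routing headers, allows Type 2 only when MIPv6 is enabled, drops fragments addressed to infrastructure devices and non-final fragments shorter than 1280 octets, and also drops packets with a multicast source address (one of the ingress filters the amplification slides later ask for). The packets, the infrastructure address set and the constants are constructed samples; the 60-second reassembly timeout is stateful and is not modelled here.

```python
import ipaddress
import struct

HOPBYHOP, ROUTING, FRAGMENT, ESP, AH, DSTOPTS = 0, 43, 44, 50, 51, 60
EXTENSION_HEADERS = {HOPBYHOP, ROUTING, FRAGMENT, ESP, AH, DSTOPTS}
MIN_NON_FINAL_FRAGMENT = 1280     # the slides' rule: every fragment but the last must carry at least this much

# Constructed sample: the addresses of our own routers, which must never receive fragments.
INFRASTRUCTURE = {ipaddress.IPv6Address("2001:db8::1")}


def walk_headers(packet: bytes):
    """Yield (header number, offset) for every extension header, then the upper-layer protocol."""
    next_header, offset = packet[6], 40
    while next_header in EXTENSION_HEADERS:
        yield next_header, offset
        if next_header == ESP:                      # payload is encrypted; the chain cannot be followed
            return
        if next_header == FRAGMENT:
            length = 8
        elif next_header == AH:
            length = (packet[offset + 1] + 2) * 4   # AH length field: 4-octet units minus 2
        else:
            length = (packet[offset + 1] + 1) * 8   # others: 8-octet units not counting the first 8
        next_header = packet[offset]
        offset += length
    yield next_header, offset


def filter_packet(packet: bytes, infrastructure=INFRASTRUCTURE, mipv6_enabled: bool = False):
    """Apply the slides' extension header and fragment policy; returns (verdict, reason)."""
    src = ipaddress.IPv6Address(packet[8:24])
    dst = ipaddress.IPv6Address(packet[24:40])
    if src.is_multicast:
        return "drop", "multicast source address"
    for header, offset in walk_headers(packet):
        if header == ROUTING:
            routing_type = packet[offset + 2]
            if routing_type == 0:
                return "drop", "routing header type 0 (source routing)"
            if routing_type != 2:
                return "drop", "unknown routing header type %d" % routing_type
            if not mipv6_enabled:
                return "drop", "routing header type 2 but MIPv6 is not supported here"
        elif header == FRAGMENT:
            if dst in infrastructure:
                return "drop", "fragment addressed to an infrastructure device"
            more_fragments = packet[offset + 3] & 0x01      # M flag is the low bit of the offset field
            if more_fragments and len(packet) < MIN_NON_FINAL_FRAGMENT:
                return "drop", "non-final fragment of only %d octets" % len(packet)
    return "accept", ""


# Helpers to construct sample packets (not captured traffic).
def ipv6_packet(src: str, dst: str, first_header: int, extensions: list, payload: bytes) -> bytes:
    body = b"".join(extensions) + payload
    fixed = struct.pack("!IHBB", 0x60000000, len(body), first_header, 64)
    return fixed + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed + body


def routing_header(next_header: int, routing_type: int, addresses: list) -> bytes:
    packed = b"".join(ipaddress.IPv6Address(a).packed for a in addresses)
    return struct.pack("!BBBB", next_header, len(packed) // 8, routing_type, len(addresses)) + bytes(4) + packed


def fragment_header(next_header: int, offset: int, more: bool, identification: int) -> bytes:
    return struct.pack("!BBHI", next_header, 0, (offset << 3) | int(more), identification)


def hop_by_hop_router_alert(next_header: int) -> bytes:
    """8-octet hop-by-hop header carrying a Router Alert option (as MLD does) plus a PadN option."""
    return struct.pack("!BB", next_header, 0) + b"\x05\x02\x00\x00" + b"\x01\x00"


if __name__ == "__main__":
    rh0 = ipv6_packet("2001:db8::10", "2001:db8::20", ROUTING, [routing_header(6, 0, ["2001:db8::30"])], bytes(20))
    print(filter_packet(rh0))
```

Because the chain is walked header by header, a fragment hidden behind a hop-by-hop header is still found; a filter that only inspects the Next Header field of the fixed header would miss it, which is the "blind filtering" problem the slides warn about. Real firewalls additionally reassemble, so that a policy based on the upper-layer protocol can be applied to the first fragment.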
L3–L4 Spoofing in IPv6
While L4 spoofing remains the same, IPv6 addresses are globally aggregated, making spoof mitigation at aggregation points easy to deploy
Can be done more easily since the IPv6 address is hierarchical
However, the host part of the address is not protected
You need IPv6 <–> MAC address (user) mapping for accountability!
Autoconfiguration/Neighbour Discovery
Neighbor Discovery ~ security ~ Address Resolution Protocol
No attack tools yet (the equivalent of ARP cache poisoning)
No prevention tools yet (the equivalent of DHCP snooping)
(Both statements date the slides: ND spoofing tools such as the THC-IPv6 toolkit and switch-side countermeasures such as RA Guard, RFC 6105, have appeared since)
Better solution with SEND
based on CGA: token1 = hash(modifier, prefix, public key, collision count)
Available in IOS 12.4(24)T, Linux/BSD (DoCoMo’s SEND Project)
DHCPv6 with authentication is possible
ND with IPsec is also possible
Amplification (DDoS) Attacks
There are no broadcast addresses in IPv6
This would stop any type of amplification attack that sends ICMP packets to the broadcast address
Global multicast addresses exist for special groups of devices, e.g. link-local all nodes (FF02::1), etc.
The IPv6 specifications forbid the generation of ICMPv6 error messages in response to messages sent to multicast addresses
Many popular operating systems follow the specification
Still uncertain on the danger of ICMP packets with global multicast source addresses
Mitigation of IPv6 amplification
Be sure that your host implementations follow the ICMPv6 spec [RFC 4443]
Implement Ingress Filtering: defeats Denial of Service attacks which employ IP source address spoofing [RFC 2827]
Implement ingress filtering of IPv6 packets with an IPv6 multicast source address
Other threats
IPv6 Routing Attacks
Use traditional authentication mechanisms for BGP and IS-IS.
Use IPsec to secure protocols such as OSPFv3 and RIPng
Viruses and Worms
Sniffing
Without IPsec, IPv6 is no more or less likely to fall victim to a sniffing attack than IPv4
ICMP attacks – slight differences with ICMPv4
Recommendations for Filtering ICMPv6 Messages in Firewalls (RFC 4890)
TCP ICMP attacks – slight differences with ICMPv6
http://tools.ietf.org/html/draft-ietf-tcpm-icmp-attacks
Application Layer Attacks
Even with IPsec, the majority of vulnerabilities on the Internet today are at the application layer (IPsec can’t help)
Man-in-the-Middle Attacks (MITM)
Without IPsec, any attacks utilizing MITM will have the same likelihood in IPv6 as in IPv4
Flooding
Flooding attacks are identical between IPv4 and IPv6
IPv6 Security
Transition Mechanisms Problems
IPv6 transition mechanisms
~15 methods, possible in combination
Dual stack: enable the same security for both protocols
Tunnels:
ip tunnel – punching the firewall (protocol 41)
gre tunnel – probably more acceptable since used several times before IPv6
L3–L4 Spoofing in IPv4 with 6to4
For example, via 6to4 tunneling spoofed traffic can be injected from IPv4 into IPv6.
IPv4 Src: spoofed IPv4 address
IPv4 Dst: 6to4 relay anycast (192.88.99.1)
IPv6 Src: 2002:: spoofed source
IPv6 Dst: valid destination
[Figure: attacker on the public IPv4 Internet → 6to4 relay → IPv6 net; a 6to4 gateway sits between the IPv6 net and IPv4]
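The injection described above works because a 6to4 relay that decapsulates protocol-41 traffic without cross-checking the two layers accepts any inner source. The Python below is an added example for this page, not code from the slides or from any 6to4 implementation; it applies the checks that RFC 3964 (Security Considerations for 6to4) recommends on a decapsulating router or relay: the inner 6to4 source must embed the outer IPv4 source, an inner 6to4 destination must embed the outer IPv4 destination, traffic to the relay anycast must come from a 6to4 source, and the outer source must not be a bogon. The packets, the bogon list and the endpoint addresses are constructed samples (the IPv4 checksum is left at zero).

```python
import ipaddress
import struct

IPPROTO_IPV6 = 41
SIXTO4_PREFIX = ipaddress.IPv6Network("2002::/16")
SIXTO4_RELAY_ANYCAST = ipaddress.IPv4Address("192.88.99.1")

# Constructed sample bogon list; a deployment would use a maintained one (Team Cymru, RFC 6890).
BOGONS_V4 = [ipaddress.IPv4Network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "172.16.0.0/12",
    "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def parse_outer_ipv4(packet: bytes):
    """Return (protocol, src, dst, payload) from an IPv4 header, honouring IHL."""
    ihl = (packet[0] & 0x0F) * 4
    return (packet[9], ipaddress.IPv4Address(packet[12:16]),
            ipaddress.IPv4Address(packet[16:20]), packet[ihl:])


def embedded_ipv4(addr6: ipaddress.IPv6Address) -> ipaddress.IPv4Address:
    """A 6to4 address 2002:WWXX:YYZZ::/48 embeds the IPv4 address WW.XX.YY.ZZ in bits 16..47."""
    return ipaddress.IPv4Address(addr6.packed[2:6])


def check_6to4_decapsulation(packet: bytes, my_ipv4: str):
    """RFC 3964 style validation of a protocol-41 packet arriving at a 6to4 router or relay."""
    my_ipv4 = ipaddress.IPv4Address(my_ipv4)
    protocol, src4, dst4, inner = parse_outer_ipv4(packet)
    if protocol != IPPROTO_IPV6 or len(inner) < 40:
        return "drop", "not a protocol-41 packet carrying an IPv6 header"
    if dst4 not in (my_ipv4, SIXTO4_RELAY_ANYCAST):
        return "drop", "not addressed to this 6to4 endpoint"
    if any(src4 in net for net in BOGONS_V4):
        return "drop", "outer IPv4 source %s is a bogon" % src4
    src6 = ipaddress.IPv6Address(inner[8:24])
    dst6 = ipaddress.IPv6Address(inner[24:40])
    if src6 in SIXTO4_PREFIX and embedded_ipv4(src6) != src4:
        return "drop", "inner 6to4 source %s does not embed outer source %s" % (src6, src4)
    if dst6 in SIXTO4_PREFIX and embedded_ipv4(dst6) != dst4:
        return "drop", "inner 6to4 destination %s does not embed outer destination %s" % (dst6, dst4)
    if dst4 == SIXTO4_RELAY_ANYCAST and src6 not in SIXTO4_PREFIX:
        return "drop", "relay anycast reached from a non-6to4 source %s" % src6
    if src6.is_multicast or src6.is_link_local or src6.is_loopback or src6.is_unspecified or src6.ipv4_mapped:
        return "drop", "inner source %s is not a usable global address" % src6
    return "accept", ""


# Constructed sample packets.
def ipv6_in_ipv4(src4: str, dst4: str, inner: bytes) -> bytes:
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(inner), 0, 0, 64, IPPROTO_IPV6, 0,
                         ipaddress.IPv4Address(src4).packed, ipaddress.IPv4Address(dst4).packed)
    return header + inner


def ipv6_header(src6: str, dst6: str, next_header: int = 59) -> bytes:
    """Bare IPv6 header (Next Header 59 = no next header) for the inner packet."""
    return (struct.pack("!IHBB", 0x60000000, 0, next_header, 64)
            + ipaddress.IPv6Address(src6).packed + ipaddress.IPv6Address(dst6).packed)


if __name__ == "__main__":
    # 192.0.2.10 embeds as 2002:c000:020a::/48; a spoofed inner source embeds 10.0.0.1 instead
    spoofed = ipv6_in_ipv4("192.0.2.10", "192.88.99.1", ipv6_header("2002:a00:1::1", "2001:db8::1"))
    print(check_6to4_decapsulation(spoofed, "192.88.99.1"))
```

The consistency check defeats the injection shown on the slide only as far as the outer IPv4 source is honest: an attacker who can spoof the outer source as well (because his ISP does no RFC 2827 ingress filtering) can still inject traffic for the matching 2002::/48, which is why the slides pair tunnel filtering with ingress filtering and, ultimately, with not running automatic tunnels at all.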
Mixed IPv4/IPv6 environments
There are security issues with the transition mechanisms
Tunnels are extensively used to interconnect networks over areas supporting the “wrong” version of the protocol
Tunnel traffic many times has not been anticipated by the security policies. It may pass through firewall systems due to their inability to check two protocols at the same time
Do not operate completely automated tunnels
Avoid “translation” mechanisms between IPv4 and IPv6, use dual stack instead
Only authorized systems should be allowed as tunnel end-points
Automatic tunnels can be secured by IPsec
IPv6 Security
IPSEC Infrastructure
IPsec
general IP security mechanisms
provides
authentication
confidentiality
key management (IKE) – certificate-based authentication needs a PKI; the simplified and unified IKEv2 (RFC 4306) replaces IKEv1
applicable to use over LANs, across public & private WANs, & for the Internet
IPsec is not a single protocol. Instead, IPsec provides a set of security algorithms plus a general framework that allows a pair of communicating entities to use whichever algorithms provide security appropriate for the communication.
IPsec is mandated in IPv6 – you can rely on it for e2e security (RFC 4294 made it a MUST for every node; RFC 6434 later relaxed this to a SHOULD, so its presence on a peer cannot be taken for granted)
But some, like 3G, may not use it after all!
IPsec protocol overview
IPsec services:
Authentication – AH (Authentication Header, RFC 4302)
Confidentiality – ESP (Encapsulating Security Payload, RFC 4303)
Replay protection, Integrity
Key management – IKEv2 (Internet Key Exchange, RFC 4306)
IPsec modes: Transport Mode and Tunnel Mode
Implementations: Linux kernel (USAGI), Cisco IOS 12.4(4)T, BSD and OS X (KAME)
IPv6 Workshop, Tbilisi
IPsec Architecture (RFC 2401)
Security Policies: Which traffic is treated?
Security Associations: How is traffic processed?
Security Protocols: Which protocols (extension headers) are used?
Key Management: Internet Key Exchange (IKE)
Algorithms: Authentication and Encryption
IPsec Modes
Transport Mode: above the IP level, below the transport level; only the IP datagram payload is protected.
Tunnel Mode: IP within IP, below the transport level; the whole tunneled IP datagram is protected.
IPsec Scenarios - Scenario 1: H2H
End-to-end service: Transport or Tunnel mode between the 2 hosts.
[Figure: H1 – R1 – Local Intranet – The Internet – Local Intranet – R2 – H2, IPsec applied between H1 and H2]
Packet in transport mode: IP header | IPsec ext. header (AH/ESP) | Payload
IPsec Scenarios - Scenario 1: H2H (continued)
End-to-end service: Transport or Tunnel mode between the 2 hosts.
[Figure: H1 – R1 – Local Intranet – The Internet – Local Intranet – R2 – H2, IPsec applied between H1 and H2]
Packet in tunnel mode: IP header | IPsec ext. header (AH/ESP) | Inner IP header | Payload
IPsec Scenarios - Scenario 2: G2G
VPN, Site-to-Site/ISP agreements, …: Tunnel between the 2 gateways.
[Figure: H1 – Local Intranet – G1 – The Internet – G2 – Local Intranet – H2, tunnel between G1 and G2]
Packet: IP header | IPsec ext. header (AH/ESP) | Inner IP header | Payload
IPsec Scenarios - Scenario 3: H2G, G2H
Dial-in users: Tunnel between the "external" host and the gateway.
[Figure: H1 – The Internet – G – Local Intranet – H2, tunnel between H1 and G]
Packet: IP header | IPsec ext. header (AH/ESP) | Inner IP header | Payload
IPsec Protocols
Authentication Header (AH) – RFC 4302
Protocol# (Next Header) = 51
Provides: connectionless integrity, data origin authentication, replay protection
Is inserted: in Transport mode, after the IP header and before the upper layer protocol (UDP, TCP, …); in Tunnel mode, before the original IP header (the entire IP header is protected)
Encapsulating Security Payload (ESP) – RFC 4303
Protocol# (Next Header) = 50
Provides: connectionless integrity, data origin authentication, replay protection, confidentiality
Is inserted: in Transport mode, after the IP header and before the upper layer protocol; in Tunnel mode, before an encapsulated IP header
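To make the AH/ESP header layout and the replay-protection service above concrete, here is an added example (not code from the slides): it parses the fixed part of an AH (protocol 51) or ESP (protocol 50) header and runs the per-SA anti-replay sliding window of RFC 4302/4303 Appendix A, on constructed sample headers.

```python
import struct

# Added example (not from the 6DISS/6DEPLOY slides): parse the fixed part of an AH
# (protocol 51) or ESP (protocol 50) header and run the anti-replay sliding window
# described in RFC 4302/4303 (Appendix A). Sample headers are constructed; the ICV
# check and ESP decryption that must precede the replay update are out of scope.

AH, ESP = 51, 50

def parse_ipsec_header(next_header, data):
    """Return the SPI, sequence number and (for AH) next header / ICV bytes."""
    if next_header == AH:
        nh, payload_len, _reserved, spi, seq = struct.unpack("!BBHII", data[:12])
        ah_len = (payload_len + 2) * 4     # RFC 4302: length in 32-bit words minus 2
        return {"proto": "AH", "spi": spi, "seq": seq, "next": nh, "icv": data[12:ah_len]}
    if next_header == ESP:
        spi, seq = struct.unpack("!II", data[:8])
        return {"proto": "ESP", "spi": spi, "seq": seq}  # rest: encrypted payload, trailer, ICV
    raise ValueError(f"not an IPsec header: protocol {next_header}")

class ReplayWindow:
    """Per-SA anti-replay window: a sequence number is accepted at most once."""
    def __init__(self, size=64):
        self.size = size
        self.top = 0        # highest sequence number accepted so far (0 = nothing yet)
        self.bitmap = 0     # bit i set <=> sequence number (top - i) has been seen

    def check_and_update(self, seq):
        if seq == 0:        # the first packet on an SA uses sequence number 1
            return False
        if seq > self.top:  # right of the window: advance it
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:
            return False    # left of the window: too old
        if self.bitmap & (1 << offset):
            return False    # already seen: replay
        self.bitmap |= 1 << offset
        return True

# Constructed sample headers: AH with a 96-bit ICV (payload_len = 4), next header 6 (TCP)
AH_SAMPLE = struct.pack("!BBHII", 6, 4, 0, 0x100, 1) + bytes(12)
ESP_SAMPLE = struct.pack("!II", 0x200, 7) + bytes(16)
```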
IPsec: Protocols, services & modes combinations
AH – Transport Mode SA: authenticates IP payload and selected portions of the IP header. Tunnel Mode SA: authenticates the entire inner IP datagram (header + payload), plus selected portions of the outer IP header.
ESP – Transport Mode SA: encrypts IP payload. Tunnel Mode SA: encrypts inner IP datagram.
ESP with Authentication – Transport Mode SA: encrypts IP payload and authenticates IP payload, but not the IP header. Tunnel Mode SA: encrypts and authenticates inner IP datagram.
IPsec: Key Management
Manual: keys configured on each system.
Automatic: IKE or IKEv2 (Internet Key Exchange, RFC 4306). Combines previously separate documents: Internet Security Association and Key Management Protocol (ISAKMP, RFC 2408), IKE (RFC 2409), the Internet Domain of Interpretation (DOI, RFC 2407), Network Address Translation (NAT) Traversal, legacy authentication, and remote address acquisition. Version 2 of IKE does not interoperate with version 1, but it has enough of the header format in common that both versions can unambiguously run over the same UDP port.
Algorithms: Authentication and Encryption
IPv6 Security infrastructure
Conclusions and the references
Summary
IPv6 has the potential to be the foundation of a more secure Internet.
Elements of the IPv6 security infrastructure are mature enough to be deployed in production environments: firewalls, IPSec, AAA, Mobile IP etc.
Other elements are in a prototype state: CGA, PANA, VPNs. But even these are ready for experimental deployment.
A Few Specific References
6NET D3.5.1: Secure IPv6 Operation: Lessons learned from 6NET
J. Mohácsi, "IPv6 firewalls", presentation at the 5th TF-NGN meeting, October 2001, available at http://skye.ki.iif.hu/~mohacsi/athens_tf_ngn_ipv6_firewalls.pdf
J. Mohácsi, "Security of IPv6 from firewalls point of view", presentation at the TNC2004 conference, June 2004, available at http://www.terena.nl/conferences/tnc2004/programme/presentations/show.php?pres_id=115
6NET D6.2.2: Operational procedures for secured management with transition mechanisms
S. Convery, D. Miller, "IPv6 and IPv4 Threat Comparison and Best-Practice Evaluation (v1.0)", presentation at the 17th NANOG, May 24, 2004
János Mohácsi, Elwyn Davies: draft-v6ops-icmpv6-filtering-bcp-00.txt