IP Sec by Amin Pathan

IPSec—An Overview
By Amin Pathan
MGM's Polytechnic, Aurangabad

Upload: aminpathan11

Post on 19-Jun-2015


Category:

Education



TRANSCRIPT

Page 1: IP Sec by Amin Pathan

IPSec—An Overview

By Amin Pathan

MGM's Polytechnic, Aurangabad

Page 2: IP Sec by Amin Pathan

Outline

Why IPSec?
IPSec Architecture
Internet Key Exchange (IKE)
IPSec Policy
Discussion

Page 3: IP Sec by Amin Pathan

IP is not Secure!

IP protocol was designed in the late 70s to early 80s
– Part of DARPA Internet Project
– Very small network
All hosts are known! So are the users!
Therefore, security was not an issue

Page 4: IP Sec by Amin Pathan

Security Issues in IP

Source spoofing
Replay packets
No data integrity or confidentiality
• DoS attacks
• Replay attacks
• Spying
• and more…

Fundamental Issue: Networks are not (and will never be) fully secure

Page 5: IP Sec by Amin Pathan

Goals of IPSec

To verify sources of IP packets
– Authentication
To prevent replaying of old packets
To protect integrity and/or confidentiality of packets
– Data integrity / data encryption

Page 6: IP Sec by Amin Pathan

Outline

Why IPsec?
IPSec Architecture
Internet Key Exchange (IKE)
IPsec Policy
Discussion

Page 7: IP Sec by Amin Pathan

The IPSec Security Model

Figure: the IPSec security model (regions labelled Secure and Insecure).

Page 8: IP Sec by Amin Pathan

IPSec Architecture

Figure: IPSec architecture. Components shown: ESP (Encapsulating Security Payload), AH (Authentication Header), IKE (The Internet Key Exchange) and IPSec Security Policy.

Page 9: IP Sec by Amin Pathan

IPSec Architecture

IPSec provides security in three situations:
– Host-to-host, host-to-gateway and gateway-to-gateway
IPSec operates in two modes:
– Transport mode (for end-to-end)
– Tunnel mode (for VPN)

Page 10: IP Sec by Amin Pathan

IPsec Architecture

Figure: tunnel mode, shown between two routers, and transport mode, shown end to end.

Page 11: IP Sec by Amin Pathan

Various Packets

Original:        IP header | TCP header | data
Transport mode:  IP header | IPSec header | TCP header | data
Tunnel mode:     IP header (new) | IPSec header | IP header (original) | TCP header | data
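The two modes from the preceding slides in working code, as an added example that is not part of the presentation. It builds a minimal IPv4/TCP packet, wraps it in transport mode (original IP header kept, IPSec header inserted before TCP) and in tunnel mode (new gateway-to-gateway IP header plus IPSec header in front of the whole original packet), and then walks the protocol / next-header chain back to show which headers each mode added. AH is used as the IPSec header with the RFC 2402 field layout; the ICV coverage is simplified as noted in the code, and all addresses, ports and the key are constructed sample values.

```python
"""Transport mode vs tunnel mode with an AH header (added example; not from the slides).

transport_mode() keeps the original IP header and inserts AH before TCP;
tunnel_mode() prepends a new IP header (gateway to gateway) plus AH in front of
the untouched original packet.  header_chain() follows the protocol /
next-header fields to list the headers each mode produced.  Addresses, ports
and the key are constructed sample values.
"""
import hashlib
import hmac
import struct

# IANA protocol numbers: IP-in-IP = 4, TCP = 6, AH = 51.
PROTO_IPIP, PROTO_TCP, PROTO_AH = 4, 6, 51
AH_ICV_LEN = 12  # HMAC-SHA-96: HMAC-SHA-1 truncated to 96 bits (RFC 2404)


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words, as in the IPv4 header checksum."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """20-byte IPv4 header (no options) with the checksum filled in."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len,
                      0, 0, 64, proto, 0, src_b, dst_b)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def ah_header(next_header: int, spi: int, seq: int, key: bytes, protected: bytes) -> bytes:
    """AH in the RFC 2402 layout: next header, payload len, reserved, SPI,
    sequence number, ICV.  Payload Len is the AH length in 32-bit words minus
    2, so a 24-byte AH carries 4.  Simplification (assumption): the ICV is
    computed over the AH fields (ICV zeroed) plus the protected data only;
    real AH also covers the immutable fields of the outer IP header."""
    fixed = struct.pack("!BBHII", next_header, 4, 0, spi, seq)
    mac = hmac.new(key, fixed + bytes(AH_ICV_LEN) + protected, hashlib.sha1)
    return fixed + mac.digest()[:AH_ICV_LEN]


def _addr(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def transport_mode(ip_pkt: bytes, spi: int, seq: int, key: bytes) -> bytes:
    """Transport mode: same src/dst; IP protocol field now says AH, and AH's
    next header records what the original upper protocol was (TCP here)."""
    ip_hdr, upper = ip_pkt[:20], ip_pkt[20:]
    ah = ah_header(ip_hdr[9], spi, seq, key, upper)
    new_ip = ipv4_header(_addr(ip_hdr[12:16]), _addr(ip_hdr[16:20]),
                         PROTO_AH, len(ah) + len(upper))
    return new_ip + ah + upper


def tunnel_mode(ip_pkt: bytes, gw_src: str, gw_dst: str,
                spi: int, seq: int, key: bytes) -> bytes:
    """Tunnel mode: new outer header between the gateways, AH whose next
    header is IP-in-IP, then the complete original packet as payload."""
    ah = ah_header(PROTO_IPIP, spi, seq, key, ip_pkt)
    outer = ipv4_header(gw_src, gw_dst, PROTO_AH, len(ah) + len(ip_pkt))
    return outer + ah + ip_pkt


def header_chain(pkt: bytes) -> list:
    """Follow the protocol / next-header fields and list the headers found."""
    chain, offset, proto = [], 0, PROTO_IPIP
    while True:
        if proto == PROTO_IPIP:
            chain.append("IP")
            proto = pkt[offset + 9]                     # IPv4 protocol field
            offset += (pkt[offset] & 0x0F) * 4          # IHL in 32-bit words
        elif proto == PROTO_AH:
            chain.append("AH")
            proto = pkt[offset]                         # AH next header
            offset += (pkt[offset + 1] + 2) * 4         # AH payload len + 2
        elif proto == PROTO_TCP:
            chain.append("TCP")
            return chain
        else:
            raise ValueError("unexpected protocol %d" % proto)


KEY = b"constructed-sample-key"
# Constructed sample: host 10.0.0.1 -> host 10.0.1.1, TCP to port 443, 5 data bytes.
TCP_HDR = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, 0x50, 0x02, 65535, 0, 0)
ORIGINAL = ipv4_header("10.0.0.1", "10.0.1.1", PROTO_TCP, len(TCP_HDR) + 5) + TCP_HDR + b"hello"
TRANSPORT = transport_mode(ORIGINAL, spi=12, seq=1, key=KEY)
TUNNEL = tunnel_mode(ORIGINAL, "192.0.2.1", "198.51.100.1", spi=14, seq=1, key=KEY)

if __name__ == "__main__":
    for name, pkt in (("original", ORIGINAL), ("transport", TRANSPORT), ("tunnel", TUNNEL)):
        print("%-9s %3d bytes  %s" % (name, len(pkt), " | ".join(header_chain(pkt))))
```

Running it prints the three header chains from the slide. The tunnel-mode output is the reason the mode suits VPNs: the original packet, its IP header included, travels as protected payload between the two gateway addresses, so the end hosts themselves need not run IPSec.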

Page 12: IP Sec by Amin Pathan

IPSec

A collection of protocols (RFC 2401)
– Authentication Header (AH): RFC 2402
– Encapsulating Security Payload (ESP): RFC 2406
– Internet Key Exchange (IKE): RFC 2409
– IP Payload Compression (IPComp): RFC 3137

Page 13: IP Sec by Amin Pathan

Authentication Header (AH)

Provides source authentication
– Protects against source spoofing
Provides data integrity
Protects against replay attacks
– Use monotonically increasing sequence numbers
– Protects against denial of service attacks
NO protection for confidentiality!

Page 14: IP Sec by Amin Pathan

AH Details

Use 32-bit monotonically increasing sequence number to avoid replay attacks
Use cryptographically strong hash algorithms to protect data integrity (96-bit)
– Use symmetric key cryptography
– HMAC-SHA-96, HMAC-MD5-96

Page 15: IP Sec by Amin Pathan

Encapsulating Security Payload (ESP)

Provides all that AH offers, and in addition provides data confidentiality
– Uses symmetric key encryption

Page 16: IP Sec by Amin Pathan

ESP Details

Same as AH:
– Use 32-bit sequence number to counter replaying attacks
– Use integrity check algorithms
Only in ESP:
– Data confidentiality: uses symmetric key encryption algorithms to encrypt packets
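The receiver-side checks that the AH Details and ESP Details slides describe, as an added example that is not part of the presentation: the SA is looked up by SPI, the 32-bit sequence number is checked against a 64-bit anti-replay window, and the 96-bit truncated HMAC (HMAC-SHA-96) is verified. The layout assumed is an ESP-style prefix of SPI and sequence number with the ICV at the end; the sequence-number and integrity logic is the part both slides share, so ESP's encryption of the payload is left out (the payload stays in the clear). Keys and SPIs are constructed values.

```python
"""Inbound AH/ESP checks: SA lookup by SPI, anti-replay window, HMAC-SHA-96 ICV.

Added example (not from the slides).  Packet layout assumed here:
SPI (4 bytes) || sequence number (4 bytes) || payload || ICV (12 bytes).
No encryption is performed; keys and SPIs are constructed.
"""
import hashlib
import hmac
import struct

ICV_LEN = 12   # 96-bit truncated HMAC (HMAC-SHA-96)
HDR_LEN = 8    # SPI + sequence number


class AntiReplayWindow:
    """64-bit sliding window over received sequence numbers (RFC 2401, App. C).

    `top` is the highest sequence number accepted so far; bit i of `bitmap`
    is set when sequence number (top - i) has already been accepted."""

    def __init__(self, size: int = 64):
        self.size, self.top, self.bitmap = size, 0, 0

    def check(self, seq: int) -> bool:
        """Cheap pre-check done before the ICV: fresh and inside the window?"""
        if seq == 0:                       # the first packet on an SA is number 1
            return False
        if seq > self.top:
            return True                    # new high-water mark
        diff = self.top - seq
        if diff >= self.size:
            return False                   # older than the window: drop
        return not (self.bitmap >> diff) & 1   # bit set means replay

    def update(self, seq: int) -> None:
        """Record seq; only called once the ICV has verified."""
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)


def build_packet(spi: int, seq: int, payload: bytes, key: bytes) -> bytes:
    """Sender side: SPI || seq || payload || HMAC-SHA-96 over everything before the ICV."""
    body = struct.pack("!II", spi, seq) + payload
    return body + hmac.new(key, body, hashlib.sha1).digest()[:ICV_LEN]


def inbound(pkt: bytes, sadb: dict):
    """Receiver side.  Returns (accepted, reason).  `sadb` maps SPI -> SA dict
    holding the shared key and that SA's own anti-replay window."""
    if len(pkt) < HDR_LEN + ICV_LEN:
        return False, "truncated"
    spi, seq = struct.unpack("!II", pkt[:HDR_LEN])
    sa = sadb.get(spi)
    if sa is None:
        return False, "no SA for SPI %d" % spi
    if not sa["window"].check(seq):
        return False, "replay or outside window"
    body, icv = pkt[:-ICV_LEN], pkt[-ICV_LEN:]
    expected = hmac.new(sa["key"], body, hashlib.sha1).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):   # constant-time comparison
        return False, "bad ICV"
    sa["window"].update(seq)                     # commit only after the ICV verified
    return True, "ok"


def make_sadb() -> dict:
    """Constructed SADB; SPIs 12 (AH) and 14 (ESP) mirror the slide example."""
    return {
        12: {"proto": "AH", "key": b"constructed-ah-key", "window": AntiReplayWindow()},
        14: {"proto": "ESP", "key": b"constructed-esp-key", "window": AntiReplayWindow()},
    }


if __name__ == "__main__":
    sadb = make_sadb()
    key = sadb[12]["key"]
    for label, pkt in (
        ("seq 1", build_packet(12, 1, b"data", key)),
        ("seq 1 again (replay)", build_packet(12, 1, b"data", key)),
        ("seq 2, wrong key", build_packet(12, 2, b"data", b"wrong-key")),
        ("seq 2", build_packet(12, 2, b"data", key)),
        ("seq 100", build_packet(12, 100, b"data", key)),
        ("seq 36 (left of window)", build_packet(12, 36, b"data", key)),
        ("seq 37 (oldest in window)", build_packet(12, 37, b"data", key)),
        ("unknown SPI 99", build_packet(99, 3, b"data", key)),
    ):
        print("%-28s -> %s" % (label, inbound(pkt, sadb)))
```

The order of the checks matters: the window is consulted before the HMAC so that obvious replays cost no hashing, but it is only advanced after the ICV verifies, so a packet with a forged high sequence number and a bad ICV cannot push legitimate packets out of the window.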

Page 17: IP Sec by Amin Pathan

Internet Key Exchange (IKE)

Exchange and negotiate security policies
Establish security sessions
– Identified as Security Associations
Key exchange
Key management
Can be used outside IPsec as well

Page 18: IP Sec by Amin Pathan

IPsec/IKE Acronyms

Security Association (SA)
– Collection of attributes associated with a connection
– Is asymmetric!
One SA for inbound traffic, another SA for outbound traffic
Similar to ciphersuites in SSL
Security Association Database (SADB)
– A database of SAs

Page 19: IP Sec by Amin Pathan

IPsec/IKE Acronyms

Security Parameter Index (SPI)
– A unique index for each entry in the SADB
– Identifies the SA associated with a packet
Security Policy Database (SPD)
– Stores policies used to establish SAs

Page 20: IP Sec by Amin Pathan

How They Fit Together

Figure: the SPD, and the SADB holding SA-1 and SA-2, each identified by its SPI.

Page 21: IP Sec by Amin Pathan

SPD and SADB Example

Figure: hosts A and B, gateways C and D, subnets Asub and Bsub.

A's SPD
From | To | Protocol | Port | Policy
A    | B  | Any      | Any  | AH[HMAC-MD5], Transport Mode

A's SADB
From | To | Protocol | SPI | SA Record
A    | B  | AH       | 12  | HMAC-MD5 key

C's SPD
From | To   | Protocol | Port | Policy                 | Tunnel Dest
Asub | Bsub | Any      | Any  | ESP[3DES], Tunnel Mode | D

C's SADB
From | To   | Protocol | SPI | SA Record
Asub | Bsub | ESP      | 14  | 3DES key
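The slide's four tables as data, together with the outbound lookup that ties the SPD to the SADB, as an added example that is not part of the presentation. The SPD is searched in order and the first entry whose selectors (from, to, protocol, port) match decides the policy and mode; the SADB is then searched for an SA covering that traffic, and its SPI identifies the SA. Concrete addresses for A, B, C, D, Asub and Bsub are constructed assumptions, as is the "no SA yet" outcome that hands the job to IKE; "Any" selectors and the rule that a packet matching no SPD entry is discarded follow RFC 2401.

```python
"""Outbound SPD lookup and SADB selection for the slide's A/B/C/D example.

Added example (not from the slides).  Addresses are constructed stand-ins for
the symbolic names on the slide.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

A, B = "10.0.0.1", "10.0.1.1"               # hosts (constructed)
C, D = "192.0.2.1", "198.51.100.1"          # gateways (constructed)
ASUB, BSUB = "10.0.0.0/24", "10.0.1.0/24"   # subnets behind C and D (constructed)


def addr_matches(selector: str, address: str) -> bool:
    """Selector is 'Any', a single host address or a CIDR network."""
    if selector == "Any":
        return True
    return ipaddress.ip_address(address) in ipaddress.ip_network(selector, strict=False)


def field_matches(selector, value) -> bool:
    """Protocol and port selectors: 'Any' or an exact value."""
    return selector == "Any" or str(selector) == str(value)


@dataclass
class SPDEntry:
    src: str
    dst: str
    protocol: str
    port: str
    policy: str                      # e.g. "AH[HMAC-MD5]" or "ESP[3DES]"
    mode: str                        # "Transport" or "Tunnel"
    tunnel_dest: Optional[str] = None

    def matches(self, pkt: dict) -> bool:
        return (addr_matches(self.src, pkt["src"]) and addr_matches(self.dst, pkt["dst"])
                and field_matches(self.protocol, pkt["protocol"])
                and field_matches(self.port, pkt["port"]))

    @property
    def ipsec_protocol(self) -> str:
        return self.policy.split("[")[0]     # "AH" from "AH[HMAC-MD5]"


@dataclass
class SAEntry:
    src: str
    dst: str
    protocol: str                    # "AH" or "ESP"
    spi: int
    sa_record: str                   # key material, shown as a label here


def outbound_lookup(spd: list, sadb: list, pkt: dict) -> Optional[dict]:
    """Decision for one outbound packet; None means no policy matched (discard)."""
    for entry in spd:                                   # ordered: first match wins
        if not entry.matches(pkt):
            continue
        # Default until an SA is found: the policy applies but IKE must
        # still establish the SA (assumption about how that is signalled).
        decision = {"policy": entry.policy, "mode": entry.mode,
                    "tunnel_dest": entry.tunnel_dest, "spi": None,
                    "sa_record": None, "action": "negotiate_sa"}
        for sa in sadb:
            if (sa.protocol == entry.ipsec_protocol
                    and sa.src == entry.src and sa.dst == entry.dst):
                decision.update(spi=sa.spi, sa_record=sa.sa_record, action="apply")
                break
        return decision
    return None


# The slide's tables as data.
A_SPD = [SPDEntry(A, B, "Any", "Any", "AH[HMAC-MD5]", "Transport")]
A_SADB = [SAEntry(A, B, "AH", 12, "HMAC-MD5 key")]
C_SPD = [SPDEntry(ASUB, BSUB, "Any", "Any", "ESP[3DES]", "Tunnel", tunnel_dest=D)]
C_SADB = [SAEntry(ASUB, BSUB, "ESP", 14, "3DES key")]

if __name__ == "__main__":
    print("A -> B       :", outbound_lookup(A_SPD, A_SADB,
          {"src": A, "dst": B, "protocol": "TCP", "port": 443}))
    print("Asub -> Bsub :", outbound_lookup(C_SPD, C_SADB,
          {"src": "10.0.0.7", "dst": "10.0.1.9", "protocol": "UDP", "port": 53}))
    print("Asub -> other:", outbound_lookup(C_SPD, C_SADB,
          {"src": "10.0.0.7", "dst": "203.0.113.5", "protocol": "TCP", "port": 80}))
```

The same lookup on an empty SADB returns the policy with `action` set to `negotiate_sa`, which is the situation the SPD slide describes: the policy is stored so that the SA can be established.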

Page 22: IP Sec by Amin Pathan

IPsec Policy

Phase 1 policies are defined in terms of protection suites
Each protection suite
– Must contain the following:
  Encryption algorithm
  Hash algorithm
  Authentication method
  Diffie-Hellman group
– May optionally contain the following:
  Lifetime
  …

Page 23: IP Sec by Amin Pathan

IPSec Policy

Phase 2 policies are defined in terms of proposals
Each proposal:
– May contain one or more of the following:
  AH sub-proposals
  ESP sub-proposals
  IPComp sub-proposals
  Along with necessary attributes such as
  – Key length, lifetime, etc.
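The Phase 1 protection suites and Phase 2 proposals from the two policy slides, modelled as a responder choosing among an initiator's offers, as an added example that is not part of the presentation. The four required Phase 1 fields and the optional lifetime are taken from the slide; the dict field names, the rule that the shorter of two stated lifetimes wins, the "algorithm and key length must agree" test for sub-proposals, and all sample values are assumptions. Real IKE carries these suites in ISAKMP payloads rather than Python dicts.

```python
"""IKE policy selection as the slides structure it (added example; not from the slides).

Phase 1: protection suites that must carry encryption, hash, authentication
method and DH group, and may carry a lifetime.  Phase 2: proposals made of
AH / ESP / IPComp sub-proposals with attributes such as key length and
lifetime.  The responder accepts the first offer its own policy also lists.
"""
from typing import Optional

REQUIRED_P1 = ("encryption", "hash", "auth_method", "dh_group")   # slide: must contain
SUB_PROPOSAL_KINDS = ("AH", "ESP", "IPComp")                       # slide: Phase 2 sub-proposals


def missing_fields(suite: dict) -> list:
    """Names of required Phase 1 fields a protection suite does not carry."""
    return [f for f in REQUIRED_P1 if f not in suite]


def _min_lifetime(*items: dict) -> Optional[int]:
    """Lifetime is optional; when both sides state one, the shorter wins (assumption)."""
    lifetimes = [i["lifetime"] for i in items if "lifetime" in i]
    return min(lifetimes) if lifetimes else None


def select_phase1(offered: list, acceptable: list) -> Optional[dict]:
    """Responder's choice among the initiator's protection suites, or None."""
    for suite in offered:                        # initiator's preference order
        if missing_fields(suite):
            continue                             # malformed suite: cannot be used
        for local in acceptable:
            if all(suite[f] == local.get(f) for f in REQUIRED_P1):
                chosen = {f: suite[f] for f in REQUIRED_P1}
                lifetime = _min_lifetime(suite, local)
                if lifetime is not None:
                    chosen["lifetime"] = lifetime
                return chosen
    return None


def _sub_proposal_matches(offered: dict, local: dict) -> bool:
    """Algorithm and key length must agree; lifetime is resolved separately."""
    return (offered.get("alg") == local.get("alg")
            and offered.get("key_length") == local.get("key_length"))


def select_phase2(proposals: list, local_proposals: list) -> Optional[dict]:
    """Responder's choice among Phase 2 proposals.  A proposal matches a local
    one when both carry the same set of sub-proposals and every sub-proposal
    agrees on algorithm and key length."""
    for prop in proposals:
        kinds = [k for k in SUB_PROPOSAL_KINDS if k in prop]
        if not kinds:
            continue                             # must contain at least one sub-proposal
        for local in local_proposals:
            if set(kinds) != {k for k in SUB_PROPOSAL_KINDS if k in local}:
                continue
            if all(_sub_proposal_matches(prop[k], local[k]) for k in kinds):
                chosen = {}
                for k in kinds:
                    sub = {a: v for a, v in prop[k].items() if a != "lifetime"}
                    lifetime = _min_lifetime(prop[k], local[k])
                    if lifetime is not None:
                        sub["lifetime"] = lifetime
                    chosen[k] = sub
                return chosen
    return None


# Constructed sample policies (not from the slides).
INITIATOR_P1 = [
    {"encryption": "3DES", "hash": "MD5", "auth_method": "pre-shared key", "dh_group": 2, "lifetime": 86400},
    {"encryption": "3DES", "hash": "SHA1", "auth_method": "pre-shared key", "dh_group": 2},
]
RESPONDER_P1 = [
    {"encryption": "3DES", "hash": "SHA1", "auth_method": "pre-shared key", "dh_group": 2, "lifetime": 28800},
]
INITIATOR_P2 = [
    {"ESP": {"alg": "3DES", "key_length": 192, "lifetime": 3600}, "AH": {"alg": "HMAC-MD5", "key_length": 128}},
    {"ESP": {"alg": "3DES", "key_length": 192, "lifetime": 3600}},
]
RESPONDER_P2 = [
    {"ESP": {"alg": "3DES", "key_length": 192, "lifetime": 1800}},
]

if __name__ == "__main__":
    print("Phase 1:", select_phase1(INITIATOR_P1, RESPONDER_P1))
    print("Phase 2:", select_phase2(INITIATOR_P2, RESPONDER_P2))
```

With the sample data the first Phase 1 suite is rejected on the hash algorithm and the second is chosen with the responder's lifetime; in Phase 2 the first proposal fails because the responder offers no AH sub-proposal, and the ESP-only proposal is chosen with the shorter lifetime.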

Page 24: IP Sec by Amin Pathan

Resources

IP, IPsec and related RFCs:
– http://www.ietf.org/html.charters/ipsec-charter.html
– IPsec: RFC 2401, IKE: RFC 2409
– www.freeswan.org
Google search