Collaborative Enforcement of Firewall Policies in Virtual Private Networks


Page 1: Title

Collaborative Enforcement of Firewall Policies in Virtual Private Networks

Fei Chen
Dept. of Computer Science and Engineering
Michigan State University

Joint work with Prof. Alex X. Liu

Page 2: Introduction: Virtual Private Network (VPN)

Diagram (recovered from the slide): MSU's network 1.1.0.0/16 sits behind the MSU firewall, and an IBM representative visiting MSU has the address 1.1.0.10. IBM's network 2.2.0.0/16 contains the VPN server (2.2.0.1) and a confidential database (2.2.0.2); malicious websites lie outside both networks. The representative's VPN tunnel carries packets whose outer header is Src IP: 1.1.0.10, Dst IP: 2.2.0.1, followed by an encrypted payload. Inside that encrypted payload is the real packet: header Src IP: 2.2.0.25 (the representative's VPN-side address), Dst IP: 2.2.0.2, plus its own payload. The slide labels the tunnel "a secure hole": the MSU firewall sees only the outer header.

Page 3: Motivation

• The problem: the MSU firewall cannot know what traffic is inside the VPN
  – Viruses or worms can enter MSU's networks
• Two straightforward ways, both marked × on the slide: IBM's VPN server sends the packet to the MSU firewall, or MSU sends its firewall policy to IBM's VPN server
• Goal: MSU and IBM collaboratively enforce the firewall policy without MSU knowing IBM's packet and without IBM knowing MSU's firewall

Page 4: Related Work

• Secure Function Evaluation (SFE) (Yao, 1982)
  – Garbled circuits (Yao, 1986): computation cost is O(2^b)
• Oblivious Attribute Certificates (OACerts) (Li et al., 2005)
  – Trusted third party
  – Expensive PKI operations
• Cross-Domain Cooperative Firewall (CDCF) (Cheng et al., 2007)
  – CDCF is insecure: MSU knows which rule matches which packet
  – CDCF is inefficient: it uses commutative encryption functions

Page 5: Our Approach: VGuard

Diagram (recovered from the slide): the MSU firewall and the IBM VPN server run two protocols.
• Bootstrapping protocol: MSU sends f1(Firewall) to IBM; IBM returns f2(f1(Firewall)), which MSU keeps.
• Filtering protocol: IBM sends f2(packet); MSU (1) computes f1(f2(packet)), (2) searches f1(f2(packet)) in f2(f1(Firewall)), and sends the decision back.

• Key idea I: we propose the Xhash protocol for oblivious comparison
  – Three orders of magnitude faster than commutative encryption
• Key idea II: we use Firewall Decision Diagrams (FDDs)
  – For security, the FDD helps prevent MSU from knowing which rule matches which packet
  – For efficiency, processing packets with an FDD is much faster than linear search

Page 6: Oblivious Comparison

• Oblivious comparison problem: MSU holds c1 and IBM holds c2, and they want to learn whether c1 = c2. If c1 ≠ c2, no party should learn the value of the other party.
• Xhash protocol (MSU holds key K1, IBM holds key K2):
  1. MSU sends c1⊕K1 to IBM; IBM computes h(c1⊕K1⊕K2) and returns it to MSU.
  2. IBM sends c2⊕K2 to MSU.
  3. MSU computes h(c2⊕K2⊕K1) and compares it with h(c1⊕K1⊕K2); because XOR is commutative, the two hashes agree exactly when c1 = c2.

Page 7: Membership Query

• Membership query problem: MSU holds a range [a, b] and IBM holds a value c. Is c in the range [a, b]? No party should learn the value of the other party.
• Solution using the Xhash protocol (example: [3, 7] and 5, with 3-bit values):
  – Prefix format of the range: [3, 7] = {011, 1**}
  – Prefix family of the value: PF(5) = {101, 10*, 1**, ***}
  – c is in [a, b] exactly when the two sets share a prefix; here the common prefix is 1**

Page 8: Membership Query (continued)

How to check the intersection of two sets in a privacy-preserving manner?

Example (MSU holds [3, 7] = {011, 1**}; IBM holds 5 with PF(5) = {101, 10*, 1**, ***}):
• Prefix numericalization (values as written on the slide): MSU's set becomes {01100, 10010}; IBM's set becomes {10111, 10010, 10001, 00011}
• MSU sends {01100⊕K1, 10010⊕K1} to IBM; IBM computes {h(01100⊕K1⊕K2), h(10010⊕K1⊕K2)} and returns it; MSU stores this set
• IBM sends 10111⊕K2, …, 00011⊕K2 to MSU; MSU computes {h(10111⊕K2⊕K1), …, h(00011⊕K2⊕K1)} and checks whether any of these is in the stored set
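The membership query of pages 7 and 8 carried through end to end, as an added Python example that is not code from the slides or from VGuard: MSU holds a rule given as one range per field, IBM holds a packet, and the Xhash exchange decides whether the packet matches without either side revealing its values; it goes beyond the one-field example on page 8 by handling a rule with several fields, which is the per-field masking the filtering protocol on page 12 applies. Assumptions: h is HMAC-SHA256 under a key both parties share, K1 and K2 are drawn at random per run, and prefix numericalization follows the page 12 convention (each * becomes 0, then the count of fixed bits is appended).

```python
import hashlib, hmac, itertools, secrets

H_KEY = b"hash key shared by MSU and IBM (assumed)"  # h() modeled as HMAC-SHA256

def prefix_family(value, width):
    """Prefixes matching value: PF(5) over 3 bits = 101, 10*, 1**, ***."""
    bits = format(value, f"0{width}b")
    return [bits[:k] + "*" * (width - k) for k in range(width, -1, -1)]

def range_to_prefixes(lo, hi, width):
    """Minimal prefixes covering [lo, hi]: [3, 7] over 3 bits = 011, 1**."""
    out = []
    while lo <= hi:
        k = 0  # widen the aligned block at lo while it stays inside [lo, hi]
        while k < width and lo % (1 << (k + 1)) == 0 and lo + (1 << (k + 1)) - 1 <= hi:
            k += 1
        out.append(format(lo, f"0{width}b")[:width - k] + "*" * k)
        lo += 1 << k
    return out

def numericalize(prefix):
    """Page 12 numericalization: '*' -> 0, then append the count of fixed bits."""
    width, fixed = len(prefix), len(prefix.rstrip("*"))
    return prefix.replace("*", "0") + format(fixed, f"0{width.bit_length()}b")

def h(x):
    return hmac.new(H_KEY, x.to_bytes(8, "big"), hashlib.sha256).digest()

class Party:
    """One side of Xhash, holding its XOR key (K1 for MSU, K2 for IBM)."""
    def __init__(self, bits):
        self.key = secrets.randbits(bits)
    def mask(self, entries):    # step 1: v ⊕ K on every field of every entry
        return [tuple(v ^ self.key for v in e) for e in entries]
    def finish(self, masked):   # step 2: h(v ⊕ K_other ⊕ K_own) per field
        return {tuple(h(v ^ self.key) for v in e) for e in masked}

def rule_matches(rule, packet, width):
    """Bootstrapping then filtering for one non-overlapping rule.
    rule = [(lo, hi) per field], packet = [value per field]; True iff the packet matches."""
    bits = width + width.bit_length()   # length of a numericalized prefix
    msu, ibm = Party(bits), Party(bits)
    fields = [[int(numericalize(p), 2) for p in range_to_prefixes(lo, hi, width)] for lo, hi in rule]
    stored = ibm.finish(msu.mask(itertools.product(*fields)))     # MSU -> IBM -> MSU, kept by MSU
    family = [[int(numericalize(p), 2) for p in prefix_family(v, width)] for v in packet]
    probes = msu.finish(ibm.mask(itertools.product(*family)))     # IBM -> MSU, looked up by MSU
    return not stored.isdisjoint(probes)    # packet matches iff some hashed entry is shared
```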

Page 9: The Bootstrapping Protocol (1/3)

• Why prevent MSU from knowing which rule matches which packet?
  – IBM cannot figure out the firewall from f1(Firewall)
  – But MSU may figure out the packet by knowing which original rule matches it
  – Example from the slide: the rule F1 ∈ [1, 4] ∧ F2 ∈ [5, 8] → accept matches f2(packet). MSU changes the rule to F1 ∈ [1, 2] ∧ F2 ∈ [5, 6] → accept, then to F1 ∈ [1, 2] ∧ F2 ∈ [7, 8] → accept, and so on; from which altered rules still match, MSU learns that F1(packet) is in [1, 2] and F2(packet) is not in [5, 6]
(The slide repeats the two-protocol diagram of page 5: f1(Firewall) goes to IBM and f2(f1(Firewall)) comes back; f2(packet) goes to MSU, which computes f1(f2(packet)), searches it in f2(f1(Firewall)) and returns the decision.)

Page 10: The Bootstrapping Protocol (2/3)

• Convert overlapping rules to non-overlapping rules
  – Pipeline on the slide: FDD construction → prefix generation → prefix numericalization → XOR by MSU → rule generation
  – Rules over fields F1, F2 (as recovered from the slide): F1 ∈ [4, 11] ∧ F2 ∈ [0, 5] → accept; F1 ∈ [0, 3] ∧ F2 ∈ [2, 7] → accept; F1 ∈ [12, 15] ∧ F2 ∈ [2, 7] → accept; F1 ∈ [0, 15] ∧ F2 ∈ [0, 15] → discard
  – After XOR by MSU the generated rules read: (0100010⊕K1, 0000010⊕K1) → a, (0100010⊕K1, 0100011⊕K1) → a, (1000010⊕K1, 0000010⊕K1) → a, (1000010⊕K1, 0100011⊕K1) → a, (0100010⊕K1, 0110011⊕K1) → d, …
  – The order of non-overlapping rules does not affect their function

Page 11: The Bootstrapping Protocol (3/3)

• MSU sends the XOR-ed non-overlapping rules to IBM: (0100010⊕K1, 0000010⊕K1) → a, (0100010⊕K1, 0100011⊕K1) → a, (1000010⊕K1, 0000010⊕K1) → a, (1000010⊕K1, 0100011⊕K1) → a, (0100010⊕K1, 0110011⊕K1) → d, …
• IBM XORs each value with K2 and hashes it:
  (h(0100010⊕K1⊕K2), h(0000010⊕K1⊕K2)) → a
  (h(0100010⊕K1⊕K2), h(0100011⊕K1⊕K2)) → a
  (h(1000010⊕K1⊕K2), h(0000010⊕K1⊕K2)) → a
  (h(1000010⊕K1⊕K2), h(0100011⊕K1⊕K2)) → a
  (h(0100010⊕K1⊕K2), h(0110011⊕K1⊕K2)) → d
  …
• IBM adds dummy rules, e.g. (h(0100010⊕K1⊕K2), h(dummy1⊕K2)) → d, and shuffles the rules
• IBM sends the result back to MSU:
  (h(0100010⊕K1⊕K2), h(0000010⊕K1⊕K2)) → a
  (h(0100010⊕K1⊕K2), h(0100011⊕K1⊕K2)) → a
  (h(1000010⊕K1⊕K2), h(0000010⊕K1⊕K2)) → a
  (h(0100010⊕K1⊕K2), h(0110011⊕K1⊕K2)) → d
  (h(1000010⊕K1⊕K2), h(0100011⊕K1⊕K2)) → a
  …
• The shuffling and the dummy rules are there so that MSU cannot statistically analyze 1. the frequency of values and 2. the frequency of decisions

Page 12: The Filtering Protocol (1/2)

A packet: (0101, 0011)

• Prefix family generation (one family per field):
  0101, 010*, 01**, 0***, ****
  0011, 001*, 00**, 0***, ****
• Prefix numericalization:
  0101100, 0100011, 0100010, 0000001, 0000000
  0011100, 0010011, 0000010, 0000001, 0000000
• XOR by IBM (with K2):
  (0101100⊕K2, 0011100⊕K2)
  (0100011⊕K2, 0010011⊕K2)
  (0100010⊕K2, 0000010⊕K2)
  (0000001⊕K2, 0000001⊕K2)
  (0000000⊕K2, 0000000⊕K2)
• XOR and HMAC by MSU (with K1):
  (h(0101100⊕K2⊕K1), h(0011100⊕K2⊕K1))
  (h(0100011⊕K2⊕K1), h(0010011⊕K2⊕K1))
  (h(0100010⊕K2⊕K1), h(0000010⊕K2⊕K1))
  (h(0000001⊕K2⊕K1), h(0000001⊕K2⊕K1))
  (h(0000000⊕K2⊕K1), h(0000000⊕K2⊕K1))

Page 13: The Filtering Protocol (2/2)

• To improve search efficiency, MSU can convert the non-overlapping rules to an FDD
• The hashed rule table held by MSU, dummy rules included:
  (h(0100010⊕K1⊕K2), h(0000010⊕K1⊕K2)) → d
  (h(0100010⊕K1⊕K2), h(0100011⊕K1⊕K2)) → d
  (h(1000010⊕K1⊕K2), h(0110011⊕K1⊕K2)) → a
  (h(1000010⊕K1⊕K2), h(0100011⊕K1⊕K2)) → d
  (h(0100010⊕K1⊕K2), h(0110011⊕K1⊕K2)) → a
  (h(dummy5⊕K1⊕K2), h(dummy7⊕K1⊕K2)) → d
  …

Page 14: Experimental Results (1/3)

• For real-life firewalls in the bootstrapping protocol
  – The bootstrapping cost of VGuard is lower than that of CDCF for most firewalls
(Two plots on the slide: MSU side and IBM side)

Page 15: Experimental Results (2/3)

• For real-life firewalls in the filtering protocol
  – VGuard is 552 times faster than CDCF on the MSU side
  – VGuard is 5035 times faster than CDCF on the IBM side
(Two plots on the slide, log scale: MSU side and IBM side)
• Two intuitive reasons for the better performance
  – Xhash is three orders of magnitude faster than commutative encryption
  – An FDD is much more efficient for finding the decision of a given packet

Page 16: Experimental Results (3/3)

• For synthetic firewall policies in the filtering protocol
  – VGuard is 252 times faster than CDCF on the MSU side
  – VGuard is 5529 times faster than CDCF on the IBM side
(Two plots on the slide, log scale: MSU side and IBM side)

Page 17: Concluding Remarks

• VGuard is secure
  – VGuard prevents MSU from identifying which rule matches the given packet
• VGuard is efficient
  – Xhash is three orders of magnitude faster than commutative encryption
  – VGuard uses firewall decision diagrams for processing packets
• Xhash is very efficient for oblivious comparison and can be used in other applications

Page 18: Questions?

Thank you!