8/2/2019 What is IPsec
1/35
Explained
8/2/2019 What is IPsec
2/35
Outline
IPsec What, Why and How?
IPsec Architecture
IPSec and SSL
8/2/2019 What is IPsec
3/35
What Is IPsec?
IPsec is a set of security protocols andalgorithms used to secure IP data at the networklayer.
IPsec provides
data confidentiality (encryption)
integrity (hash)
authentication (signatures and certificates)Access control
Detection and rejection of Replay Attacks
while maintaining the ability to route themthrough existing IP networks.
8/2/2019 What is IPsec
4/35
Security Issues in IP
source spoofing
replay packets no data integrity or
confidentiality
DOS attacks Replay attacks Spyingand more
Fundamental Issue: Networks are not (and
will never be) Fully secure
8/2/2019 What is IPsec
5/35
IPsec Architecture Two modes of propagation: Transport and Tunnel
Three situations:Host-host, host-gateway and gateway-gateway
Security Protocols: AH and ESP
Security Associations:Security parameter index (SPI)
Security policy database (SPD)
SA database (SAD)
Key management & Exchange: IKE (ISAKMP/Oakley) Cryptographic algorithms for authentications
and encryption
8/2/2019 What is IPsec
6/35
6
IPsec Transport Mode
IPsec datagram emitted and received by
end-system.
IPsec IPsec
8/2/2019 What is IPsec
7/357
IPsec Tunneling mode
In first case end routers are IPsec aware.
Hosts need not be.
IPsec IPsec
IPsecIPsec
8/2/2019 What is IPsec
8/35
8
Tunnel v/s Transport
IP header
IP header
IP header
TCP header
TCP header
TCP header
data
data
data
IPSec header
IPSec header IP header
Original
Transport
mode
Tunnel
mode
8/2/2019 What is IPsec
9/35
Two Security Protocols
Authentication Header (AH) protocol
provides source authentication & data integrity but notconfidentiality
Encapsulation Security Protocol (ESP)
provides source authentication, data integrity, and
confidentiality . more widely used than AH
Host modewith AH
Host modewith ESP
Tunnel modewith AH
Tunnel modewith ESP
Most common and
most important
8/2/2019 What is IPsec
10/35
Authentication Header (AH)
RFC 2402
provides support for data integrity &
authentication of IP packets end system/router can authenticate user/app
prevents address spoofing attacks by tracking sequence numbers
based on use of a message authentication code HMAC-MD5-96 or HMAC-SHA-1-96
MAC is calculated:
immutable IP header fields
AH header (except for Authentication Data field)
the entire upper-level protocol data (immutable)
parties must share a secret key
8/2/2019 What is IPsec
11/35
Encapsulating Security Payload
RFC 2406 provides message content confidentiality &
limited traffic flow confidentiality
can optionally provide the sameauthentication services as AH
supports range of ciphers, modes, padding
incl. DES, Triple-DES, RC5, IDEA, CAST etc CBC most common
pad to meet blocksize, for traffic flow
8/2/2019 What is IPsec
12/35
AH in Tunnel Mode
8/2/2019 What is IPsec
13/35
ESP in Tunnel Mode
8/2/2019 What is IPsec
14/35
Security Association - SA
Defined by 3 parameters: Security Parameters Index (SPI)
IP Destination Address
Security Protocol Identifier
Have a database of Security Associations
Determine IPSec processing for senders
Determine IPSec decoding for destination
SAs are not fixed. Generated and customized per
traffic flows
8/2/2019 What is IPsec
15/35
Security Parameters Index (SPI)
The SPI is a bit string assigned to the SA that has local
significance only.
The SPI is carried in AH and ESP headers to enable the
receiving system to select the SA under which a
received packet will be processed.
IP destination address
The IP address of the destination endpoint of the SA May
be an end-user system Or, a network system such as a
firewall or router.
Security Protocol Identifier
Indicates which IPSec protocol is in use on the SA
AH or ESP
8/2/2019 What is IPsec
16/35
Security Parameters Index - SPI
Can be up to 32 bits large
The SPI allows the destination to select the
correct SA under which the received packet
will be processed
According to the agreement with the sender
The SPI is sent with the packet by the sender
SPI + Dest IP address + IPSec Protocol (AH or
ESP) uniquely identifies a SA
E h SA ( i )
8/2/2019 What is IPsec
17/35
Each SA (contains)
Sequence number counter
Sequence counter overflow A flag indicating whether
overflow of the sequence number counter should generate anauditable event and prevent further transmission of packets onthis SA
Anti-replay window Used to determine whether an inboundAH or ESP packet is a replay, by defining a sliding window withinwhich the sequence number must fall
AH information
ESP information
Lifetime of this security association
IPSec protocol mode Tunnel or transport
Path MTU Any observed path maximum transmission unit(maximum size of a packet that can be transmitted withoutfragmentation) and aging variables (required for all
implementations)
8/2/2019 What is IPsec
18/35
SA Database - SAD
Holds parameters for each SA
Lifetime of this SA
AH and ESP information Tunnel or transport mode
Every host or gateway participating in
IPSec has their own SA database
8/2/2019 What is IPsec
19/35
Security Policy Database - SPD
What traffic to protect?
Policy entries define which SA or SA bundles
to use on IP traffic
Each host or gateway has their own SPD
Index into SPD by Selector fields
Dest IP, Source IP, Transport Protocol, IPSec
Protocol, Source & Dest Ports,
8/2/2019 What is IPsec
20/35
SPD Entry Actions
Discard Do not let in or out
Bypass
Outbound: do not apply IPSec Inbound: do not expect IPSec
Protect will point to an SA or SA bundle
Outbound: apply security Inbound: check that security must have been
applied
8/2/2019 What is IPsec
21/35
SPD Protect Actions
If the SA does not exist
Outbound processing: use IKE to
generate SA dynamically Inbound processing: drop packet
8/2/2019 What is IPsec
22/35
Few things to know
To decide which SA to useMay use: source and destination IP
address; protocol number.
Info in SPD indicates what to do with
arriving datagram;
Info in the SAD indicates how to do it.
8/2/2019 What is IPsec
23/35
Is it for IPSec?If so, which policyentry to select?
SPD
(Policy)
SA
Database
IP Packet
Outbound packet (on A)A B
SPI & IPSecPacket
Send to B
Determine the SAand its SPI
IPSec processing
Outbound Processing
8/2/2019 What is IPsec
24/35
Use SPI toindex the SAD
SA Database
Original IP Packet
SPI & Packet
Inbound packet (on B) A B
From A
Inbound Processing
SPD(Policy)
Was packet properlysecured?
un-process
d l
8/2/2019 What is IPsec
25/35
25
SPD and SADB Example
From To Protocol Port PolicyA B Any Any AH[HMAC-MD5]
Tunnel Mode
TransportMode
AC
B
As SPD
From To Protocol SPI SA Record
A B AH 12 HMAC-MD5 keyAs SADB
D
From To Protocol Port Policy Tunnel DestAny Any ESP[3DES] D Cs SPD
From To Protocol SPI SA Record
ESP 14 3DES keyCs SADB
Asub Bsub
Asub Bsub
8/2/2019 What is IPsec
26/35
26
# SAs encrypt w/ 192 bit keys & auth w/ 128 bit keys
Add 200.168.1.100 193.68.2.23 esp 0x201 -m tunnel -E 3des-cbc
0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 -A
hmac-md5 0xc0291ff014dccdd03874d9e8e4cdf3e6;
Add 193.68.2.23 200.168.1.100 esp 0x301 -m tunnel -E 3des-cbc
0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df -A
hmac-md5 0x96358c90783bbfa3d7b196ceabe0536b;
# Security policies
spdadd 172.16.1.0/24 172.16.2.0/24 any -P out ipsec
esp/tunnel/ 200.168.1.100 - 193.68.2.23 /require;
spdadd 172.16.2.0/24 172.16.1.0/24 any -P in ipsec
esp/tunnel/ 193.68.2.23 - 200.168.1.100 /require;
2 SAs
addedto SAD
SPI
2 policies
added
to SPD apply to all packets
8/2/2019 What is IPsec
27/35
Key Management IKE provides a standardized method for dynamically
authenticating IPSec peers, negotiating security services,and generating shared keys
There are five variations of an IKE negotiation:
Two modes (aggressive mode and main mode)
Three authentication methods (preshared, public keyencryption, and public key signature)
IKE has evolved from many different protocols and can be
thought of as having two distinct capabilities
ISAKMP (Key Management)
Oakley (Key Distribution)
8/2/2019 What is IPsec
28/35
ISAKMP
Internet Security Association and Key
Management Protocol (RFC 2407)
provides framework for key management
defines procedures and packet formats to
establish, negotiate, modify and delete SAs
independent of key exchange protocol,
encryption algorithm and authentication method
8/2/2019 What is IPsec
29/35
Oakley
RFC 2412
a key exchange protocol
based on Diffie-Hellman key exchange adds features to address weaknesses
cookies, groups (global params), nonces, DH
key exchange with authentication can use arithmetic in prime fields or elliptic
curve fields
8/2/2019 What is IPsec
30/35
Diffie-Hellman is a standard method of Alice and Bob being able
to communicate, and end up with the same secret encryption
key
8/2/2019 What is IPsec
31/35
8/2/2019 What is IPsec
32/35
8/2/2019 What is IPsec
33/35
8/2/2019 What is IPsec
34/35
IPsec v/s SSL
IPSEC is a huge and overly complicated set ofcrypto protocols while SSL is a just a securetransport layer.
IPSec works at the Network Layer; SSL works atthe Application layer. SSL is clientless, IPSec needsa provisioned client.
SSL works in many more locations since it does
not need to deal with NAT which is enabled in somany places and prevents IPSec from workingeasily.
8/2/2019 What is IPsec
35/35
References
Top Related