SJSU CS 265 - Encapsulation Security Payload Protocol

This preview shows page 1-2-3-4-5-6 out of 18 pages.



Encapsulation Security Payload Protocol
Lan Vu

OUTLINE
1. Introduction and terms
2. ESP Overview
3. ESP Packet Format
4. ESP Fields
5. ESP Modes
6. ESP packet processing
7. Why ESP?
8. Security Considerations
9. ESP Performance Impacts
10. Conclusion

INTRODUCTION AND TERMS
• Internet Protocol Security (IPsec): a security function implemented at the IP level of the protocol stack.
• Security Association (SA): used to track a given communication session. It defines the traffic security protocol, the authentication algorithm, and the encryption algorithm to be used. It also records the data flow, the lifetime of the SA, and the sequence numbering used to guard against replay attacks.

ESP OVERVIEW
• The ESP protocol (i.e. the traffic security protocol) is used in IPsec and is transmitted over IP.
• ESP is identified by protocol number 50.
• ESP provides optional services (authentication, encryption, and integrity checking) to protect IP datagrams. It operates on a per-packet basis.
  + Encryption scrambles the data packet to prevent unauthorized people from reading the message.
  + Authentication verifies that the source address was not forged.
  + The anti-replay mechanism ensures the packet was not tampered with while en route to its destination.

ESP OVERVIEW (cont.)
• The desired services are selected when the security association (SA) is established.
• Encryption is selectable independently of any other service. If encryption is enabled, then the integrity check and authentication should be turned on as well.
If only encryption is used, intruders could forge packets in order to mount a cryptanalytic attack.

ESP PACKET FORMAT
There is an ESP header, an ESP trailer, and ESP authentication data. The payload is located (encapsulated) between the header and the trailer, which gives the protocol its name.

PACKET FIELDS
The ESP packet contains the following fields:
• Security Parameter Index (SPI): this field is 32 bits in length.
• Sequence Number: this 32-bit field is an increasing counter and again follows the AH definitions. It is used to prevent replay attacks.
• Payload Data
  + This field is mandatory.
  + It consists of a variable number of bytes of data, described by the Next Header field.
  + The Payload Data is encrypted with the cryptographic algorithm selected during SA establishment. If the algorithm requires initialization vectors (CBC), they are included here as well.
  + Algorithms supported:
    - DES (CBC)
    - TDEA (three key)
    - IDEA
    - Three key triple IDEA
    - CAST
    - Blowfish
    - RC5

PACKET FIELDS (CONT.)
• Padding: ensures that the bits to be encrypted are a multiple of the block size.
• Authentication Data
  + This optional field is variable in length.
  + The packet is authenticated using MD5 or SHA-1, with a key (i.e. HMAC) or without a key, to create a unique "hash" or "digest" of the contents of the packet.
  + The IP header is not covered by the Authentication Data.
  + The Authentication Data is calculated from the SPI to the Next Header field inclusive.

ESP MODES
• Transport Mode: here the ESP header is inserted immediately after the IP header. The ESP trailer and the optional authentication data are appended to the payload. In transport mode, ESP neither authenticates nor encrypts the IP header, but this mode has a low computational overhead.

ESP MODES (CONT.)
• Tunnel Mode: here a new IP packet is made with a new IP header. ESP transport mode is then applied, and the original datagram is the payload for the new packet. If authentication and encryption have been initiated, the packet is protected.
However, the new IP header is not protected.

ESP PACKET PROCESSING
• Sender processes:
  1. Look up the SA.
  2. Packet encryption and authentication data:
    + Encapsulate the original next-layer protocol information or the entire original IP datagram.
    + Add the necessary padding.
    + Encrypt the result using the key and encryption algorithm mode specified in the SA.
    + Compute the authentication data over the ESP packet using hash functions.
  3. Generate the sequence number.

ESP PACKET PROCESSING
• Receiver processes:
  1. Determine the appropriate SA.
  2. Verify the sequence number.
  3. Verify the decryption and authentication:
    + Decrypt and integrity-check the ESP payload data, padding, pad length, and next header using the key, algorithm, and algorithm mode indicated by the SA.
    + If the check fails, discard the packet and log the SPI value, the date/time received, the source address, the destination address, and the sequence number.
    + Process any padding.
    + Check the Next Header field; if the value is "59", the packet is discarded.
    + Extract the original IP datagram or transport-layer frame from the ESP Payload Data field.

WHY ESP?
• Data origin authentication is a security service that verifies the identity of the claimed source of data.
• Confidentiality is the security service that protects data from unauthorized parties.
  + Disclosure of application-level data is prevented by encrypting the payload data.
  + Disclosure of the external characteristics of communication, also known as traffic-flow confidentiality, is prevented by concealing source and destination addresses, message length, or frequency of communication.
• Anti-replay detects the arrival of duplicate IP datagrams (using a sliding receive window).
It is supported by the sequence number, an unsigned 32-bit field in the ESP header that contains a monotonically increasing counter value.

SECURITY CONSIDERATIONS
• The quality of the security provided by the ESP mechanism depends on:
  - The strength of the implemented cryptographic algorithms
  - The strength of the key being used
  - The correct implementation of the cryptographic algorithms
  - The security of the key management protocol
  - The correct implementation of IP
  - Several security mechanisms in all of the participating systems
• The ESP protocol is described as a security service that focuses only on the IP layer. It does not solve the security of the system as a whole.

SECURITY CONSIDERATIONS (cont.)
• Advantages:
  + Higher-level services protect a single protocol.
  + Lower-level services protect a single medium.
  Therefore, ESP can protect any protocol running above IP and any medium that IP runs over.
  + Attacks on higher-level protocols become more difficult.
• Limitations:
  + Not end-to-end
  + Authenticates machines, not users
  + Does not stop traffic
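The packet fields and the receiver steps described above (SPI and sequence number, padding up to the block size, the authentication data computed from the SPI through the Next Header field, the anti-replay sliding receive window, and discarding a Next Header value of 59), worked through as an added Python example that is not part of Lan Vu's slides. It assumes HMAC-SHA1 truncated to 96 bits for the authentication data, an 8-byte block size, and no encryption of the payload (so no IV is present); the key, SPI and payloads are constructed values.

```python
import hmac
import hashlib
import struct

# Assumptions (not from the slides): HMAC-SHA1-96 for the authentication data,
# no encryption (Payload Data is plaintext and carries no IV), 8-byte block size.
ICV_LEN = 12          # HMAC-SHA1 output truncated to 96 bits
NO_NEXT_HEADER = 59   # "no next header": dummy packet, the receiver discards it

def build_esp(spi, seq, payload, next_header, key, block=8):
    """Sender side: SPI | Seq | Payload | Padding | Pad Length | Next Header | ICV."""
    pad_len = (-(len(payload) + 2)) % block        # Payload+Padding+2 trailer bytes fill blocks
    padding = bytes(range(1, pad_len + 1))         # self-describing 1,2,3,... padding
    body = struct.pack("!II", spi, seq) + payload + padding + bytes([pad_len, next_header])
    icv = hmac.new(key, body, hashlib.sha1).digest()[:ICV_LEN]   # SPI .. Next Header inclusive
    return body + icv

class EspReceiver:
    """One inbound SA: its key plus the anti-replay window (bit i = seq highest-i seen)."""
    def __init__(self, key, window=32):
        self.key, self.window = key, window
        self.highest, self.bitmap = 0, 0

    def process(self, pkt):
        body, icv = pkt[:-ICV_LEN], pkt[-ICV_LEN:]
        spi, seq = struct.unpack("!II", body[:8])
        # 1. sequence number check against the window (cheap, so it runs before the ICV)
        diff = self.highest - seq
        if diff >= self.window:
            return None, "seq %d below window" % seq
        if diff >= 0 and (self.bitmap >> diff) & 1:
            return None, "replayed seq %d" % seq
        # 2. integrity check over SPI..Next Header, compared in constant time
        expected = hmac.new(self.key, body, hashlib.sha1).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, expected):
            return None, "bad ICV on SPI 0x%08x seq %d" % (spi, seq)
        # 3. only now advance or mark the window, so a forged packet cannot move it
        if diff < 0:
            self.bitmap = ((self.bitmap << -diff) | 1) & ((1 << self.window) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << diff
        # 4. trailer: strip padding, reject dummy packets, hand the payload up
        pad_len, next_header = body[-2], body[-1]
        if next_header == NO_NEXT_HEADER:
            return None, "dummy packet, next header 59"
        return (next_header, body[8:len(body) - 2 - pad_len]), "ok"
```

Because the window is updated only after the ICV verifies, a forged packet carrying a large sequence number is logged and dropped without pushing legitimate traffic out of the window.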