PSU CSE 543 - Network Security
CSE543 Computer (and Network) Security - Fall 2006 - Professor Jaeger

Slide 1 - CSE 543 - Computer Security (Fall 2006)
Lecture 17 - Network Security
November 2, 2005
URL: http://www.cse.psu.edu/~tjaeger/cse543-f06/

Slide 2 - Communications Security
• Harden the communication against mal-intent ...
(Image: Jolly Roger pirate flag, http://artfiles.art.com/images/-/Philip-Gendreau/Jolly-Roger-the-Pirates-Flag-Giclee-Print-C10274009.jpeg)

Slide 3 - Communications Security
• A host wants to establish a secure channel to remote hosts over an untrusted network
• Not login: end-users may not even be aware that protections are in place
• Remote hosts may be internal or external
• The protection service must ...
  • Authenticate the end-points (each other)
  • Negotiate what security is necessary (and how)
  • Establish a secure channel
  • Process the traffic between the end points

Slide 4 - IPsec (not IPSec!)
• Host level protection service
• IP-layer security (below TCP/UDP)
• De-facto standard for host level security
• Developed by the IETF (over many years)
• Now available in most operating systems
  • E.g., available in XP, OS X, Linux, BSD*, ...
• Implements a wide range of protocols and cryptographic algorithms
• Provides ...
  • Confidentiality, integrity, authenticity, replay protection, DOS protection

Slide 5 - IPsec Protocols and the stack
• IPsec puts the two main protocols in between IP and the other protocols
  • AH - authentication header
  • ESP - encapsulating security payload
• Tunnel vs. transport?
• Key management/authentication
• Policy
• Other functions provided by external protocols and architectures
(Figure: protocol stack with SMTP, FTP and HTTP above TCP/UDP, and ESP and AH sitting between TCP/UDP and IP)

Slide 6 - Tunneling
• "IP over IP"
• Network-level packets are encapsulated
• Allows traffic to avoid firewalls
(Figure: an IP layer encapsulated inside another IP layer)

Slide 7 - IPsec Protocol Suite
(Figure: IKE (Internet Key Exchange), AH (Authentication Header), ESP (Encapsulating Security Payload), SPS (Security Policy System) and Manual configuration, grouped into Policy/Configuration Management, Key Management and Packet Processing)

Slide 8 - Internet Key Exchange (IKE)
• Built on the ISAKMP framework
• Two-phase protocol used to establish parameters and keys for the session
  • Phase 1: negotiate parameters, authenticate peers, establish secure channel
  • Phase 2: establish a security association (SA)
• The details are unimaginably complex
• The SA defines algorithms, keys, and policy used to secure the session

Slide 9 - IPsec: Packet Handling (Bump ...)
(Figure: the IP protocol stack, Application, Presentation, Session, Transport, Network (IP), Data Link, Physical, with IPsec processing and the SADB attached at the network layer)

Slide 10 - Authentication Header (AH)
• Authenticity and integrity
  – via HMAC
  – over IP headers and data
• Advantage: the authenticity of data and IP header information is protected
  – it gets a little complicated with mutable fields, which are supposed to be altered by the network as the packet traverses it
  – some fields are immutable, and are protected
• Confidentiality of data is not preserved
• Replay protection via AH sequence numbers
  – note that this replicates some features of TCP (good?)

Slide 11 - IPsec AH Packet Format
(Figure: IPv4 AH packet format: IPv4 Header, Authentication Header, Higher Level Protocol Data. AH header format: Next Header, Length, Reserved, Security Parameter Index, Authentication Data (variable number of 32-bit words))

Slide 12 - Authentication Header (AH)
• Modifications to the packet format
(Figure: IP Header + Payload becomes AH packet: IP Header, AH Header, MAC, Payload; legend: Encrypted / Authenticated)

Slide 13 - IPsec Authentication
• SPI: (spy) identifies the security association for this packet
  – Type of crypto checksum, how large it is, and how it is computed
  – Really the policy for the packet
• Authentication data
  – Hash of packet contents including IP header, as specified by SPI
  – Treat transient fields (TTL, header checksum) as zero
• Keyed MD5 hash is default
(Figure: headers and data being sent, combined with a secret key, fed into an MD5 hash)

Slide 14 - Encapsulating Security Payload (ESP)
• Confidentiality, authenticity and integrity
  – via encryption and HMAC
  – over IP payload (data)
• Advantage: the security manipulations are done solely on user data
  – TCP packet is fully secured
  – simplifies processing
• Use "null" encryption to get authenticity/integrity only
• Note that the TCP ports are hidden when encrypted
  – good: better security, less is known about traffic
  – bad: impossible for FW to filter traffic based on port
• Cost: can require many more resources than AH

Slide 15 - IPsec ESP Packet Format
(Figure: IPv4 ESP packet format: IP Header, Other IP Headers, ESP Header, Encrypted Data. ESP header format: Security Parameter Identifier (SPI), Opaque Transform Data (variable length). DES + MD5 ESP format: unencrypted Security Parameters Index (SPI); encrypted Initialization Vector (optional), Replay Prevention Field (incrementing count), Payload Data (with padding), Authentication checksum)

Slide 16 - Encapsulating Security Payload (ESP)
• Modifications to packet format
(Figure: IP Header + Payload becomes ESP packet: IP Header, ESP Header, Payload, ESP Trailer, MAC; legend: Encrypted / Authenticated)

Slide 17 - Practical Issues and Limitations
• IPsec implementations
  • Often not compatible (ungh.)
  • Large footprint
    • resource poor devices are in trouble
  • New standards to simplify (e.g., JFK, IKE2)
  • Slow to adopt new technologies
• Issues
  • IPsec tries to be "everything for everybody at all times"
  • Massive, complicated, and unwieldy
  • Policy infrastructure has not emerged
  • Large-scale management tools are limited (e.g., CISCO)
  • Often not used securely (common pre-shared keys)

Slide 18 - Isolation
• Countermeasure to physically separate the devices/environment
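The AH slides (10 through 13) say the keyed hash covers the IP header and data but treats transient fields such as TTL and header checksum as zero. The following added example, not from the lecture, shows what that rule buys: a packet whose TTL was decremented in transit still verifies, while one whose destination address or payload was changed does not. The key, addresses and packet contents are constructed values; HMAC-MD5 is used only because the slide names keyed MD5 as the default.

```python
import hashlib
import hmac
import struct

# Constructed example: an AH-style integrity check value (ICV) over an IPv4
# header plus payload. TTL and header checksum are zeroed before hashing, as
# slide 13 describes. Real AH also zeroes other mutable fields (DSCP, flags,
# the ICV field itself); this is the minimal form to show the idea.
IPV4 = struct.Struct("!BBHHHBBH4s4s")  # 20-byte header, no options


def build_ipv4_header(src: bytes, dst: bytes, ttl: int, proto: int,
                      total_len: int, checksum: int = 0) -> bytes:
    """Minimal IPv4 header; identification fixed, checksum is a placeholder value."""
    return IPV4.pack((4 << 4) | 5, 0, total_len, 0x1234, 0, ttl, proto, checksum, src, dst)


def zero_mutable_fields(header: bytes) -> bytes:
    """Copy of the header with TTL (field 5) and header checksum (field 7) set to zero."""
    fields = list(IPV4.unpack(header[:IPV4.size]))
    fields[5] = 0
    fields[7] = 0
    return IPV4.pack(*fields) + header[IPV4.size:]


def compute_icv(key: bytes, header: bytes, payload: bytes) -> bytes:
    """Keyed hash over the immutable header fields and the payload (HMAC-MD5 per the slide)."""
    return hmac.new(key, zero_mutable_fields(header) + payload, hashlib.md5).digest()


def verify_icv(key: bytes, header: bytes, payload: bytes, icv: bytes) -> bool:
    return hmac.compare_digest(compute_icv(key, header, payload), icv)


def demo() -> dict:
    """Sender computes the ICV; the receiver checks it after different in-transit changes."""
    key = b"constructed-sa-key"          # would come from the SA selected by the SPI
    payload = b"GET / HTTP/1.0\r\n\r\n"  # constructed transport-layer data
    src, dst = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
    length = IPV4.size + len(payload)
    sent = build_ipv4_header(src, dst, 64, 6, length)
    icv = compute_icv(key, sent, payload)
    # A router decremented TTL and rewrote the checksum: mutable fields, still verifies.
    hopped = build_ipv4_header(src, dst, 63, 6, length, checksum=0xBEEF)
    # The destination address was rewritten: immutable field, verification fails.
    redirected = build_ipv4_header(src, bytes([10, 0, 0, 9]), 63, 6, length, checksum=0xBEEF)
    return {
        "unchanged": verify_icv(key, sent, payload, icv),
        "ttl_decremented": verify_icv(key, hopped, payload, icv),
        "dst_rewritten": verify_icv(key, redirected, payload, icv),
        "payload_changed": verify_icv(key, hopped, b"GET /x HTTP/1.0\r\n\r\n", icv),
    }
```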