UHCL CSCI 5931 - IP Security

Chapter 6: IP Security
Henric Johnson, Blekinge Institute of Technology, Sweden
http://www.its.bth.se/staff/hjo/
[email protected]
Modified by Andrew Yang

Outline
• Internetworking and Internet Protocols (Appendix 6A)
• IP Security Overview
• IP Security Architecture
• Authentication Header
• Encapsulating Security Payload
• Combinations of Security Associations
• Key Management

TCP/IP Example (figure slide)

IPv4 Header (figure slide)

IPv6 Header (figure slide)

IP Security Overview
• IPSec is not a single protocol.
• Instead, IPSec provides a set of security algorithms plus a general framework that allows a pair of communicating entities to use whichever algorithms provide security appropriate for the communication.

IP Security Overview
• Applications of IPSec
  – Secure branch office connectivity over the Internet
  – Secure remote access over the Internet
  – Establishing extranet and intranet connectivity with partners
  – Enhancing electronic commerce security

IP Security Scenario (figure slide)

IP Security Overview
• Benefits of IPSec
  – Transparent to applications (below the transport layer: TCP, UDP)
  – Provides security for individual users
• IPSec for route/router security:
  – A router or neighbor advertisement comes from an authorized router
  – A redirect message comes from the router to which the initial packet was sent
  – A routing update is not forged

IP Security Architecture
• IPSec documents:
  – RFC 2401: Security Architecture for the Internet Protocol. S. Kent, R. Atkinson. November 1998. (An overview of security architecture)
  – RFC 2402: IP Authentication Header. S. Kent, R. Atkinson. November 1998. (Description of a packet encryption extension to IPv4 and IPv6)
  – RFC 2406: IP Encapsulating Security Payload (ESP). S. Kent, R. Atkinson. November 1998. (Description of a packet encryption extension to IPv4 and IPv6)
  – RFC 2408: Internet Security Association and Key Management Protocol (ISAKMP). D. Maughan, M. Schertler, M. Schneider, J. Turner. November 1998. (Specification of key management capabilities)

IPSec Document Overview (figure slide)

IPSec Services
• Access Control
• Integrity
  – Connectionless integrity (aka data integrity)
  – Rejection of replayed packets (a form of partial sequence integrity)
  – Data origin authentication (aka origin integrity)
• Confidentiality
  – Data confidentiality (encryption)
  – Limited traffic flow confidentiality (to prevent traffic analysis)
• Refer to http://www.linuxexposed.com/Articles/General/The-longest-short-IP-Sec-Paper.html

Security Associations (SA)
• A one-way relationship between a sender and a receiver.
• Identified by three parameters:
  – Security Parameter Index (SPI)
  – IP Destination address
  – Security Protocol Identifier

Transport Mode SA versus Tunnel Mode SA
• AH
  – Transport mode SA: authenticates IP payload and selected portions of IP header and IPv6 extension headers
  – Tunnel mode SA: authenticates entire inner IP packet plus selected portions of outer IP header
• ESP
  – Transport mode SA: encrypts IP payload and any IPv6 extension header
  – Tunnel mode SA: encrypts inner IP packet
• ESP with authentication
  – Transport mode SA: encrypts IP payload and any IPv6 extension header; authenticates IP payload but no IP header
  – Tunnel mode SA: encrypts inner IP packet; authenticates inner IP packet

Before applying AH (figure slide)

Transport Mode (AH Authentication) (figure slide)

Tunnel Mode (AH Authentication) (figure slide)

Authentication Header
• Provides support for data integrity and authentication (MAC code) of IP packets.
• Guards against replay attacks.

End-to-end versus End-to-Intermediate Authentication (figure slide)

Encapsulating Security Payload
• ESP provides confidentiality services

Encryption and Authentication Algorithms
• Encryption:
  – Three-key triple DES
  – RC5
  – IDEA
  – Three-key triple IDEA
  – CAST
  – Blowfish
• Authentication:
  – HMAC-MD5-96
  – HMAC-SHA-1-96

ESP Encryption and Authentication (two figure slides)

Combinations of Security Associations (four figure slides)

Key Management
• Two types:
  – Manual
  – Automated
• Oakley Key Determination Protocol
• Internet Security Association and Key Management Protocol (ISAKMP)
• RFCs:
  – RFC 2412: The OAKLEY Key Determination Protocol. H. Orman. November 1998. (INFORMATIONAL)
  – RFC 2409: The Internet Key Exchange (IKE). D. Harkins, D. Carrel. November 1998. (PROPOSED STANDARD)
  – RFC 2408: Internet Security Association and Key Management Protocol (ISAKMP). D. Maughan, M. Schertler, M. Schneider, J. Turner. November 1998. (PROPOSED STANDARD)

Oakley
• Three authentication methods:
  – Digital signatures
  – Public-key encryption
  – Symmetric-key encryption

ISAKMP
• All payloads begin with the same generic payload header. The 'Next Payload' field has a value of 0 if this is the last payload in the message. Otherwise it contains the type of the next payload.

ISAKMP Payload Types (figure slide)

ISAKMP Exchange Types
• ISAKMP provides a framework for message exchange, with the payload types as the building blocks.
• Five default
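The Next Payload chaining described on the ISAKMP slide, as an added example that is not part of the original slide deck: a small Python walker that follows the chain until it reads a Next Payload of 0, refusing any Payload Length that would run outside the message. It assumes the RFC 2408 layouts (28-byte fixed header, 4-byte generic payload header, payload type numbers 1 to 13); the message it parses is a constructed sample built by build_message.

```python
import struct
from typing import List, Tuple
# RFC 2408 layouts: 28-byte fixed header (two 8-byte cookies, next payload, version,
# exchange type, flags, message ID, length) and the 4-byte generic payload header.
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")
GENERIC_HDR = struct.Struct("!BBH")   # next payload, reserved, length (incl. header)
PAYLOAD_NAMES = {1: "SA", 2: "Proposal", 3: "Transform", 4: "Key Exchange",
                 5: "Identification", 6: "Certificate", 7: "Certificate Request",
                 8: "Hash", 9: "Signature", 10: "Nonce", 11: "Notification",
                 12: "Delete", 13: "Vendor ID"}

def walk_payloads(msg: bytes) -> List[Tuple[int, str, bytes]]:
    """Follow the Next Payload chain; return (type, name, body) for each payload."""
    if len(msg) < ISAKMP_HDR.size:
        raise ValueError("message shorter than ISAKMP header")
    _, _, next_type, _, _, _, _, total = ISAKMP_HDR.unpack_from(msg)
    if total != len(msg):
        raise ValueError(f"header length {total} != message length {len(msg)}")
    off, chain = ISAKMP_HDR.size, []
    while next_type != 0:                          # 0 marks the last payload
        if off + GENERIC_HDR.size > len(msg):
            raise ValueError(f"payload header at {off} runs past end of message")
        following, _reserved, plen = GENERIC_HDR.unpack_from(msg, off)
        if plen < GENERIC_HDR.size or off + plen > len(msg):   # check before slicing
            raise ValueError(f"bad Payload Length {plen} at offset {off}")
        name = PAYLOAD_NAMES.get(next_type, f"type-{next_type}")
        chain.append((next_type, name, msg[off + GENERIC_HDR.size:off + plen]))
        next_type, off = following, off + plen
    if off != len(msg):
        raise ValueError("trailing bytes after the last payload")
    return chain

def is_well_formed(msg: bytes) -> bool:
    try:
        walk_payloads(msg)
        return True
    except ValueError:
        return False

def build_message(payloads: List[Tuple[int, bytes]], exchange_type: int = 2) -> bytes:
    """Constructed sample: pack (type, body) pairs, chaining the Next Payload fields."""
    body = b""
    for i, (_ptype, pbody) in enumerate(payloads):
        following = payloads[i + 1][0] if i + 1 < len(payloads) else 0
        body += GENERIC_HDR.pack(following, 0, GENERIC_HDR.size + len(pbody)) + pbody
    # constructed cookies; version 0x10 = ISAKMP 1.0; exchange type 2 = Identity Protection
    hdr = ISAKMP_HDR.pack(b"\x11" * 8, b"\x22" * 8, payloads[0][0] if payloads else 0,
                          0x10, exchange_type, 0, 0, ISAKMP_HDR.size + len(body))
    return hdr + body
```

A receiver that trusts the wire-supplied Payload Length instead of checking it against the buffer, as walk_payloads does, will read or copy past the end of the message on a malformed packet.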

