Presentation is loading. Please wait.

Presentation is loading. Please wait.

IPSEC Modes of Operation. Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a.

Published byClaire Norman Modified over 8 years ago

Similar presentations

Presentation on theme: "IPSEC Modes of Operation. Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a."— Presentation transcript:

1 IPSEC Modes of Operation

2 Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a key agreement protocol.  The sub-protocol of IPSEC that handles key negotiations is called IKE (Internet Key Exchange).  First, assume two nodes have agreed on keys (via IKE) and see how they proceed to protect their communication via IPSEC.

3 Breno de MedeirosFlorida State University Fall 2005 Security Associations  An IPsec protected connection is called a security association.  IPsec is a level-3 protocol (runs on top of IP), and below TCP/UDP  Security associations may either be end-to-end or link-to-link.  Two modes of encapsulating IPsec data into an IP packet define two modes of operation:  Transport mode and tunnel mode.

4 Breno de MedeirosFlorida State University Fall 2005 Security Parameter Index (SPI)  The IPsec protocol maintains two databases:  Security association database. Indexed by SPI’s, contains the information needed to encapsulate packets for one association: cryptographic algorithms, keys, sequence numbers, etc.  Security policy database: Allows for implementation of packet filtering policies. Defines whether or not to accept non-protected packets, what to require, etc.

5 Breno de MedeirosFlorida State University Fall 2005 Transport mode IPheaderpayload IPheaderIPsec headerpayload Transport mode was designed to save bandwidth in end-to-end associations. The payload is typically encrypted and authenticated. The IPheader is in the clear, and may or may not be authenticated.

6 Breno de MedeirosFlorida State University Fall 2005 Transporting AliceBob IP packet p 1 Sender=Alice Recipient=Bob IP packet p 2 (IPsec transport) Sender=Alice Recipient=Bob IP packet p 1

7 Breno de MedeirosFlorida State University Fall 2005 Tunnel Mode IPheaderpayload new IP hdrIPsec hdrIPheaderpayload Tunnel mode protects both the payload and IP header of the original packet. If encryption is used between gateways in tunnel mode, then it reduces information for traffic analysis.

8 Breno de MedeirosFlorida State University Fall 2005 Tunneling IP packet p 1 Sender=Alice Recipient=Bob Alice Gateway G 1 Gateway G 2 IP packet p 2 (IPsec tunnel) Sender=G 1 Recipient=G 2 IP packet p 1 Bob

9 Breno de MedeirosFlorida State University Fall 2005 Adding IPSec to IPv4 version: 4bits header length: 4bits (unit = 4-octet) type of service: 1 octet packet length: 2 octets packet identification: 2 octets flags: 3 bits fragment offset: 13 bits hops remaining (TTL): 1 octet protocol: 1 octet header checksum: 2 octets source address: 4 octets destination address: 4 octets options: variable Regular IP protocol values: TCP=6; UDP=17; IP= 4 IPsec protocol values: ESP=50 and AH=51 The communication protocols are specified in the IPsec header

10 Breno de MedeirosFlorida State University Fall 2005 Adding IPsec to IPv6 version| type of service | flow label: 4 octets payload length: 2 octets next header: 1 octet (specifies protocol) TTL: 1 octet source address: 16 octets destination address: 16 octets

11 Breno de MedeirosFlorida State University Fall 2005 Authentication Header (AH) next hdr: 1 octet (communication protocol) payload length: (AH header length): 1 octet unused: 2 octets SPI (Security Parameter Index): 4 octets sequence number: 4 octets authentication data: variable The Authentication Header authenticates data -- the protocol field is unencrypted, so it is available for firewall rule-based decisions. AH authenticates not only the IP payload but all “immutable” IP header components, such as source and destination addresses. This creates incompatibilities with NAT boxes in end-to-end associations.

12 Breno de MedeirosFlorida State University Fall 2005 ESP (Encapsulating Security Payload)  ESP allows for encryption, as well as authentication.  Both are optional, defined by the SPI and policies.  ESP does not protect the IP header, only the payload  But, in tunnel mode everything is encapsulated  If ESP encryption is enabled, then everything after the ESP header is encrypted  Communication protocol, ports (NATs and firewalls need this information).

13 Breno de MedeirosFlorida State University Fall 2005 ESP encapsulation SPI (Security parameter Index): 4 octets sequence number: 4 octets IV (initialization vector): variable data: variable padding: variable padding length: 1 octet (unit length: octets) next header/protocol type authentication data

14 IKE Internet Key Exchange

15 Breno de MedeirosFlorida State University Fall 2005 IKE Phases  In a design similar to Kerberos, IKE performs a phase 1 mutual authentication based on public keys and phase 2 re-authentication based on shared secrets (from phase 1).  This allows multiple SAs to re-use the same handshake.  Phase 1 has two modes:  Aggressive mode (3 messages)  Main mode (6 messages)

16 Breno de MedeirosFlorida State University Fall 2005 IKE Phase 1: Aggress. Mode Alice Bob g a mod p, “Alice”, supported crypto g b mod p, choice crypto, proof(“I’m Bob”) proof(“I’m Alice”) In aggressive mode, Alice chooses some Elgamal context (p, g). Bob may not support it, and reject the connection. If that happens, Alice should try and connect to Bob using main mode. Aggressive mode provides mutual authentication, and a shared secret g ab mod p, which can be used to derive keys for the symmetric crypto protocols.

17 Breno de MedeirosFlorida State University Fall 2005 IKE Phase 1: Main Mode Alice Bob g a mod p supported crypto suites chosen crypto suite g b mod p K{“Alice”, proof I’m Alice} K{“Bob”, proof I’m Bob} K= g ab mod p

Download ppt "IPSEC Modes of Operation. Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a."

Similar presentations

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Internet Security CSCE 813 IPsec

Internet Security CSCE 813 IPsec
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)

Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT 09.11.2005.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 5 Network Security Protocols in Practice Part I

Chapter 5 Network Security Protocols in Practice Part I
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Henric Johnson1 Ola Flygt Växjö University, Sweden +46 470 70 86 49 IP Security.

Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
IPSec Isaac Ghansah.

IPSec Isaac Ghansah.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.

IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
IPsec – IKE CS 470 Introduction to Applied Cryptography

IPsec – IKE CS 470 Introduction to Applied Cryptography

Similar presentations

Ads by Google