Major Cryptographic Systems

Layer         Cryptographic system
Application   Kerberos
Transport     SSL/TLS
Internet      IPsec
Data link     PPTP, L2TP (L2TP is really only a tunneling protocol; it is normally paired with IPsec for confidentiality)
Physical      Not applicable. No messages are sent at this layer, only individual bits.
Securing Network Communication: What Are the Challenges?

Challenges to securing network communication include:
- Preventing data from being modified while in transit (integrity)
- Preventing data from being read and interpreted while in transit (confidentiality)
- Keeping data secure from unauthorized users (authentication and access control)
- Keeping data from being captured and replayed (anti-replay)
What Is Internet Protocol Security?

IPsec: a framework of open standards for private, secure communication over IP networks through the use of cryptographic security services.

IPsec provides the following benefits:
- Transparent to users and applications
- Can restrict which hosts are allowed to reach a server
- Customizable security configuration
- Centralized IPsec policy administration (on Windows, through Active Directory Group Policy)
- Supports authentication and encryption of traffic
- Authenticates the originator of each packet (data origin authentication)
- Protects data from interception and tampering while in transit
IPsec

IPsec consists of two IP protocol extensions, the Authentication Header (AH) and the Encapsulating Security Payload (ESP), that support the creation of secure networks. AH provides integrity and data origin authentication only; ESP adds confidentiality and can provide integrity as well. Keys and security associations are negotiated by a companion key-management protocol, the Internet Key Exchange (IKE).
IPsec

Together, IPsec and IKE ensure that authorized parties can exchange private IP packets securely over a public network. Packet content is kept confidential by encryption and protected against modification by a keyed integrity check value (ICV, typically an HMAC) computed over the packet; IPsec does not digitally sign individual packets. IPsec can be used to securely "tunnel" packets between routers or firewalls over a WAN, or to securely "transport" packets end to end between desktops and servers.
IPsec Operation: Transport Mode

[Figure: transport mode. A secure connection runs host to host across the site networks and the WAN, so security extends into each site network; extra IPsec software is required on each host.]

3. IPSEC (IP SECURITY)

Unit 6 noted that virtual private networks (VPNs) use a family of security standards collectively called IPsec (IP security). This section looks at IPsec in more depth.

3.1. Secure Communication Systems and Internet Layer Protection

SSL: Transport Layer Security
Secure Sockets Layer (SSL), which the IETF calls Transport Layer Security (TLS), operates, as the latter name indicates, at the transport layer. This allows it to protect multiple applications.

IPsec: Internet Layer Security
In contrast, IPsec operates at the internet layer. This allows it to provide security for the transport layer, including all TCP and UDP traffic, and for all other traffic carried in the data field of the IP packet, including ICMP and OSPF and even tunneled IP packets and PPP packets, as discussed later in this unit.

IPsec for Both IPv4 and IPv6
IPsec was originally intended for the new version of the Internet Protocol, IP version 6 (IPv6). However, it was created so that it can be used with IP version 4 (IPv4) as well. In other words, no matter which version of IP your network uses, IPsec can protect it.

3.2. Transport and Tunnel Modes
The most basic concept in IPsec is that there are two IPsec modes, that is, ways of operating. As Figure 1 indicates, these are transport mode and tunnel mode. We looked at tunnel mode in Unit 6 (VPN).

Transport Mode
As Figure 1 indicates, transport mode is used for host-to-host security. Transport mode allows two hosts to communicate securely without regard to what else is happening on the network.

The figure notes that an IPsec header is inserted after the main IP header. As discussed below, this header provides protection for higher-layer protocols, that is, transport and application layer protocols. In some cases it may also provide limited protection for the IP header before it (AH authenticates the immutable fields of the IP header; ESP does not cover the IP header at all). However, because the IP destination address is needed to route the packet to the destination host, the IP header must be transmitted in the clear, without encryption. This allows a snooper listening to the network traffic to learn your distribution of addresses, and this can lead to certain types of attacks.

Tunnel Mode
In contrast, Figure 1 shows that tunnel mode is normally used to protect communication between two IPsec servers at different sites. These servers send traffic between sites through the Internet in secure "tunnels." We saw this mode in Unit 6.

In tunnel mode, even the original IP header is fully protected. The transmitting IPsec server encapsulates the original IP packet in a new IP packet by adding a new IP header and an IPsec header. Encapsulating a protocol's message within another message of the same layer (in this case, an IP packet within another IP packet) is known as tunneling.

The destination address in the new IP header is the IP address of the destination IPsec server, not the IP address of the ultimate destination host. Therefore, if an adversary snoops on the company's traffic, the only IP addresses it will see are those of the site security servers. The adversary learns nothing about the other IP addresses.

The source IPsec server receives original IP packets and encapsulates them as shown in the figure. The receiving IPsec server, in turn, de-encapsulates the original IP packet and sends it on its way to the destination host within the receiving IPsec server's site network.

Combining Modes
The two IPsec modes can be combined. For instance, two hosts may use transport mode for end-to-end security. At the same time, their packets may be intercepted by the IPsec servers at their sites for tunneling through the Internet to the IPsec server at the other site.

For this to happen, the source host adds transport mode IPsec security to each outgoing packet. The source IPsec server then encapsulates each packet within a tunnel mode IP packet. The receiving IPsec server de-encapsulates the original packet and passes it on to the destination host. The destination host then removes the transport mode security and reads the information contained in the packet's data field.
IPsec Operation: Tunnel Mode

[Figure: tunnel mode. A tunneled connection runs between the IPsec server (gateway) at each site across the WAN, e.g. the Internet. Traffic is secure on the WAN but not inside either site network; no extra software is needed on the hosts.]
Security Association (SA)

One of the most important concepts in IPsec is the Security Association (SA), first defined in RFC 1825 (the original IPsec architecture, since obsoleted by RFC 2401 and then RFC 4301).
- An SA is identified by its Security Parameter Index (SPI) together with the destination address; later RFCs add the security protocol (AH or ESP) to the identifier.
- SAs are one-way. A minimum of two SAs, one in each direction, are required for a single bidirectional IPsec connection.
Security Association (SA)

SAs contain parameters including:
- Authentication algorithm and algorithm mode
- Encryption algorithm and algorithm mode
- Key(s) used with the authentication/encryption algorithm(s)
- Lifetime of the key
- Lifetime of the SA
- Source address(es) of the SA
- Sequence number counter and anti-replay window
- Sensitivity level (i.e. Secret or Unclassified)
How IPsec Works: Phase 1

Internet Key Exchange (IKE) is used to set up IPsec.

IKE Phase 1:
- Establishes a secure, authenticated channel (the IKE SA) between the two computers
- Authenticates the peers and, in main mode, protects their identities
- Negotiates which SA policy (algorithms, hash, authentication method, DH group) to use
- Performs an authenticated Diffie-Hellman exchange to derive shared secret keys
- Sets up the secure channel used by Phase 2
- Runs as either Main Mode or Aggressive Mode (IKEv1)
How IPsec Works: Phase 1 Modes

Main Mode IKE (six messages):
- Negotiate algorithms and hashes
- Generate shared secret keys using a Diffie-Hellman exchange
- Verify identities, with the identity payloads sent only after the channel is encrypted

Aggressive Mode IKE (three messages):
- Squeezes the negotiation, key exchange and identity verification into fewer packets
- Advantage: less network traffic and faster than main mode
- Disadvantage: identities and the authentication hash are exchanged before a secure channel exists, so anyone sniffing the traffic sees them. With pre-shared-key authentication the captured hash can be tested offline against candidate keys.
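The difference between the two modes, as an added example that is not part of the original slides: a simplified model of IKEv1 Phase 1 with pre-shared-key authentication. It keeps the shape of the RFC 2409 derivations (SKEYID from the PSK and both nonces, HASH_R from SKEYID, the DH public values and the responder identity) but is not wire-accurate, uses a toy Diffie-Hellman group rather than a real IKE group, and HMAC-SHA-256 as the prf; identities, PSK and wordlist are constructed. The observer's view shows why aggressive mode is exposed to sniffing: the fields needed to verify a PSK guess are all in the clear.

```python
import hashlib
import hmac
import secrets

# Added example (not from the original slides): simplified IKEv1 Phase 1 with
# PSK authentication. Derivations follow the shape of RFC 2409 but are not
# wire-accurate; the DH group is a toy group, for illustration only.

P = 2**127 - 1   # toy modulus (a Mersenne prime), NOT a real IKE DH group
G = 2            # toy generator


def prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def i2b(n):
    return n.to_bytes((n.bit_length() + 7) // 8, "big")


def hash_r(psk, ni, nr, gxr, gxi, id_r):
    """Responder's authentication hash: a function of the PSK, both nonces,
    both DH public values and the responder identity (SKEYID = prf(PSK, Ni|Nr))."""
    skeyid = prf(psk, ni + nr)
    return prf(skeyid, i2b(gxr) + i2b(gxi) + id_r)


def phase1(psk, id_i, id_r, aggressive):
    """Run the exchange between initiator and responder.
    Returns the agreed DH secret and a passive observer's view of the exchange."""
    xi, xr = secrets.randbelow(P - 2) + 1, secrets.randbelow(P - 2) + 1
    gxi, gxr = pow(G, xi, P), pow(G, xr, P)
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    shared = pow(gxr, xi, P)
    assert shared == pow(gxi, xr, P)              # both sides agree on g^(xi*xr)
    hr = hash_r(psk, ni, nr, gxr, gxi, id_r)
    # Both modes send SA proposals, DH public values and nonces in the clear.
    observed = {"gxi": gxi, "gxr": gxr, "ni": ni, "nr": nr}
    if aggressive:
        # Messages 1 and 2 also carry the identities, and message 2 carries
        # HASH_R, before any key derived from the DH secret exists.
        observed.update({"id_i": id_i, "id_r": id_r, "hash_r": hr})
    # Main mode: identities and hashes travel in messages 5 and 6, encrypted
    # under keys derived from SKEYID and the DH secret; the observer sees ciphertext only.
    return shared, observed


def crack_psk(observed, candidates):
    """Offline test of candidate PSKs against a captured exchange. It needs the
    responder identity and HASH_R, which only aggressive mode exposes."""
    if "hash_r" not in observed:
        return None
    for cand in candidates:
        guess = hash_r(cand, observed["ni"], observed["nr"],
                       observed["gxr"], observed["gxi"], observed["id_r"])
        if hmac.compare_digest(guess, observed["hash_r"]):
            return cand
    return None


if __name__ == "__main__":
    words = [b"password", b"vpn2003", b"s3cr3t-psk"]          # constructed wordlist
    for mode in (False, True):
        _, view = phase1(b"s3cr3t-psk", b"host.branch.example", b"gw.hq.example", mode)
        print("aggressive" if mode else "main", "mode ->", crack_psk(view, words))
```

In main mode `crack_psk` has nothing to work with, because the identity and hash were sent only after the DH-derived keys protected the channel; in aggressive mode the same capture yields the PSK as soon as it appears in the candidate list. This is why aggressive mode with pre-shared keys should be avoided, or used only with keys that are long and random.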
Establishing IPsec Security Associations Using IKE

[Figure: Party A and Party B. First the IKE security association and protected session are established (IKE runs over UDP port 500); then the IPsec SAs are created within the protection of the IKE session.]
How IPsec Works: Phase 2

IKE Phase 2 (Quick Mode in IKEv1) runs inside the protected IKE SA established in Phase 1 and:
- Negotiates IPsec SA parameters (AH or ESP, algorithms, keys, lifetimes)
- Establishes IPsec security associations for specific traffic (for example FTP or telnet between two hosts)
- Renegotiates IPsec SAs periodically, before their lifetimes expire
- Optionally performs an additional Diffie-Hellman exchange (Perfect Forward Secrecy), so that the Phase 2 keys are not derived from the Phase 1 secret alone

AH or ESP packets are then sent using the resulting IPsec SAs, not the IKE SA itself.
How IPsec Works: Communication

Once Phase 2 has established an SA for a particular connection, all traffic on that connection is protected using that SA.
- IKE Phase 1 exchanges use UDP port 500 (UDP port 4500 when NAT traversal is in use)
- AH uses IP protocol 51
- ESP uses IP protocol 50
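The transport and tunnel encapsulations, the one-way SA lookup by (destination, protocol, SPI) and the anti-replay check described above, as an added example that is not part of the original slides. It models ESP (IP protocol 50) with the NULL cipher (RFC 2410) and HMAC-SHA-256-128 integrity (RFC 4868), so packets are authenticated but not encrypted and the framing stays readable. All addresses, SPIs, keys and the sample UDP payload are constructed for the example, and IP header checksums are left at zero.

```python
import hashlib
import hmac
import ipaddress
import struct

# Added example (not from the original slides): ESP with NULL encryption
# (RFC 2410) plus HMAC-SHA-256-128 integrity (RFC 4868). Addresses, SPIs,
# keys and payloads are constructed for the demonstration.

ESP = 50        # IP protocol number of ESP (AH would be 51)
IP_IN_IP = 4    # ESP Next Header value for an inner IPv4 packet (tunnel mode)
ICV_LEN = 16    # HMAC-SHA-256 truncated to 128 bits
WINDOW = 64     # anti-replay window width in sequence numbers


def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header; header checksum left at 0 for brevity."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


def make_sa(spi, auth_key, gw_src=None, gw_dst=None):
    """One-way SA state: key, outbound sequence counter and inbound
    anti-replay window. Two-way traffic needs two SAs."""
    return {"spi": spi, "auth_key": auth_key, "seq": 0,
            "gw_src": gw_src, "gw_dst": gw_dst,
            "replay_top": 0, "replay_bitmap": 0}


def esp_encapsulate(sa, payload, next_header):
    """ESP framing: SPI | seq | payload | padding | pad len | next hdr | ICV."""
    sa["seq"] += 1
    pad_len = (-(len(payload) + 2)) % 4          # keep the trailer 4-byte aligned
    body = (struct.pack("!II", sa["spi"], sa["seq"]) + payload
            + bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header]))
    icv = hmac.new(sa["auth_key"], body, hashlib.sha256).digest()[:ICV_LEN]
    return body + icv


def transport_mode(sa, ip_packet):
    """Transport mode: original IP header | ESP | original transport payload."""
    hdr, payload = bytearray(ip_packet[:20]), ip_packet[20:]
    esp = esp_encapsulate(sa, payload, hdr[9])   # original protocol moves into Next Header
    hdr[9] = ESP
    struct.pack_into("!H", hdr, 2, 20 + len(esp))
    return bytes(hdr) + esp


def tunnel_mode(sa, ip_packet):
    """Tunnel mode: new gateway-to-gateway IP header | ESP | entire original packet."""
    esp = esp_encapsulate(sa, ip_packet, IP_IN_IP)
    return ipv4_header(sa["gw_src"], sa["gw_dst"], ESP, len(esp)) + esp


def snooper_view(packet):
    """What a passive observer on the WAN learns: outer addresses, protocol, SPI."""
    src = str(ipaddress.IPv4Address(packet[12:16]))
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    spi = struct.unpack("!I", packet[20:24])[0] if packet[9] == ESP else None
    return src, dst, packet[9], spi


def replay_check(sa, seq):
    """RFC 4303 sliding window over sequence numbers.
    Bit k of the bitmap marks seq (replay_top - k) as already received."""
    top, bitmap = sa["replay_top"], sa["replay_bitmap"]
    if seq == 0:
        return False                              # ESP sequence numbers start at 1
    if seq > top:                                 # newer than anything seen: advance window
        shift = seq - top
        bitmap = ((bitmap << shift) | 1) & ((1 << WINDOW) - 1) if shift < WINDOW else 1
        sa["replay_top"], sa["replay_bitmap"] = seq, bitmap
        return True
    offset = top - seq
    if offset >= WINDOW or bitmap & (1 << offset):
        return False                              # too old, or a duplicate
    sa["replay_bitmap"] = bitmap | (1 << offset)
    return True


def esp_decapsulate(sad, packet):
    """Receiver: look up the SA by (dst, protocol, SPI), verify the ICV, then
    check replay (window state is only updated for packets with a valid ICV)."""
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    esp = packet[20:]
    spi, seq = struct.unpack("!II", esp[:8])
    sa = sad.get((dst, packet[9], spi))
    if sa is None:
        return None, "no SA"
    body, icv = esp[:-ICV_LEN], esp[-ICV_LEN:]
    expected = hmac.new(sa["auth_key"], body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return None, "bad ICV"
    if not replay_check(sa, seq):
        return None, "replay"
    pad_len, next_header = body[-2], body[-1]
    payload = body[8:len(body) - 2 - pad_len]
    if next_header == IP_IN_IP:
        return payload, "tunnel"                  # inner packet, forwarded into the site
    hdr = bytearray(packet[:20])                  # transport: restore the original header
    hdr[9] = next_header
    struct.pack_into("!H", hdr, 2, 20 + len(payload))
    return bytes(hdr) + payload, "transport"


if __name__ == "__main__":
    key = bytes(range(32))                                               # constructed demo key
    inner = ipv4_header("10.1.1.5", "10.2.2.9", 17, 8) + b"hello!!!"     # constructed UDP packet
    out_sa = make_sa(0x1000ABCD, key, "203.0.113.1", "198.51.100.1")
    sad = {("198.51.100.1", ESP, 0x1000ABCD): make_sa(0x1000ABCD, key)}  # receiver's SA database
    pkt = tunnel_mode(out_sa, inner)
    print("snooper sees:", snooper_view(pkt))     # gateway addresses only, not 10.x hosts
    print("first copy:", esp_decapsulate(sad, pkt)[1])
    print("replayed copy:", esp_decapsulate(sad, pkt)[1])
```

Note the order in the receiver: the ICV is verified before the replay window is updated, so a forged packet with a high sequence number cannot push the window forward and cause genuine packets to be dropped. In transport mode the snooper sees the real host addresses with protocol 50; in tunnel mode it sees only the two gateways.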
A 3-Phase Deployment Strategy

A three-phase strategy, in general terms, that can be applied to many different enterprises:

Phase One: A Simple, Generic Policy

Phase Two: Custom Workgroups

Phase Three: Adding Trust Infrastructure
- Replace pre-shared keys with credentials that enable strong authentication.
- In homogeneous Windows environments, Kerberos tickets might be used.
- In all other environments, including mixed Windows networks, a Public Key Infrastructure should be used.
- IPsec partners can be authenticated with "raw" public keys, but most enterprises will prefer X.509 digital certificates verified by a trusted CA.
- PKI combines strong access control with scalable administration through the use of CA hierarchies, cross-certification, and delegation.