IP SECURITY – Chapter 16


IP SECURITY – Chapter 16
Security Mechanisms:
- email – S/MIME, PGP
- client/server – Kerberos
- web access – Secure Sockets Layer
- network – TCP/IP
Three Areas:
1. Authentication – verifies source / no alteration
2. Confidentiality – no eavesdropper
3. Key Management – secure exchange

ATTACKS - REQUIREMENTS
1. IP Spoofing - false IP address
2. eavesdropping / packet sniffing - logon data, database contents
- Secure Branch Office over Internet - Virtual Private Network
- Secure Remote Access over Internet - local call to ISP → remote company
- extranet/internet – secure comms → other orgs
- Secure Commerce – enhanced by IPSEC, because encrypt/decrypt all traffic at IP level (fig 16.1)

IP SECURITY SCENARIO

BENEFITS of IPSEC
- Traffic within company – "no need for security"
- Transparent to applications and end users
- Security for "off-site" individuals

IPSEC and ROUTING
- Authorises Routing Advertisement
- Authorises Neighbour Advertisement
- Redirect
- Routing Update - not forged

EXTENSION HEADER
- follows main IP header
- Authentication Header (AH)
- Encapsulating Security Payload (ESP) header (encrypted)
Fig 16.2
AH - Authentication Header
ESP – Encryption + Authentication
Table 16.1

IPSec DOCUMENT OVERVIEW

SECURITY ASSOCIATIONS (SAs)
- One-way relationship between sender and receiver
- For two-way, need two SAs
- Three Parameters:
1. Security Parameter Index (SPI)
2. IP Destination Address
3. Security Protocol Identifier

SECURITY ASSOCIATIONS (SAs)
1. Security Parameter Index (SPI) - bit string carried in AH and ESP headers; enables receiver to select the SA for processing the packet
2. IP Destination Address - end user or network system (e.g. firewall, router)
3. Security Protocol Identifier - indicates AH or ESP

SA PARAMETERS
- Sequence Number Counter
- Sequence Counter Overflow - is overflow auditable?
- Anti-Replay Window - is incoming AH or ESP packet a replay?
- AH information - auth. alg., keys, key lifetimes
- ESP information - encryp. alg., auth. alg., keys, init. values, key lifetimes
- Lifetime of SA
- IPSec Protocol Mode: Tunnel/Transport/Wildcard (mask)
- Path MTU – max packet size

SECURITY POLICY DATABASE (SPD)
- Relates IP traffic to specific SAs:
  [Subset 0 of IP Traffic] → SA
  [Subset 1 of IP Traffic] → SA
  and/or [Subset of IP Traffic] → SA 0 + SA 1

SPD : IP and UPPER LAYER SELECTORS
- filters/maps traffic → SA
- Dest. IP Address: single/list/range/wildcard
- Source IP Address: single/list/range/wildcard
- User ID
- Data Sensitivity Level: e.g. secret/unclassified
- Transport Layer Protocol: (number) individual/list/range
- IPSEC Protocol: AH/ESP/AH and ESP
- Source and Dest. Ports: (TCP or UDP values) individual/list/wildcard

SPD : IP and UPPER LAYER SELECTORS
- filters/maps traffic → SA
- IPv6 Class: specific/wildcard
- IPv6 Flowlabel: specific/wildcard
- IPv4 Type of Service (TOS): specific/wildcard
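The selector kinds on the two SPD slides (single / list / range / wildcard) applied to an outbound packet, as an added example that is not part of the lecture material; the policy entries, addresses and SA names are constructed, and the lookup is first-match with a final default entry.

```python
import ipaddress

# Added example (not from the lecture slides): SPD lookup mapping a packet to
# (action, SA) using single / list / range / wildcard selectors. Constructed data.

def ip_matches(rule, addr):
    """rule: None (wildcard), 'a.b.c.d' or 'a.b.c.d/n' (single), [rules] (list),
    or ('lo', 'hi') (inclusive range)."""
    a = ipaddress.ip_address(addr)
    if rule is None:
        return True
    if isinstance(rule, tuple):
        return ipaddress.ip_address(rule[0]) <= a <= ipaddress.ip_address(rule[1])
    if isinstance(rule, list):
        return any(ip_matches(r, addr) for r in rule)
    return a in ipaddress.ip_network(rule, strict=False)   # a bare host is a /32

def num_matches(rule, value):
    """Same rule kinds for protocol numbers and port values."""
    if rule is None:
        return True
    if isinstance(rule, tuple):
        return rule[0] <= value <= rule[1]
    if isinstance(rule, list):
        return value in rule
    return value == rule

# Ordered policy (constructed): first matching entry wins, last entry is the default.
SPD = [
    {"src": "10.0.0.0/24", "dst": "10.0.1.0/24", "proto": 6, "dport": (1, 1023),
     "action": "protect", "sa": "SA-0 (ESP tunnel to gateway 198.51.100.1)"},
    {"src": None, "dst": "10.0.1.53", "proto": 17, "dport": [53],
     "action": "bypass", "sa": None},
    {"src": None, "dst": None, "proto": None, "dport": None,
     "action": "discard", "sa": None},
]

def spd_lookup(pkt):
    """pkt: dict with src, dst, proto, dport. Returns (action, sa)."""
    for entry in SPD:
        if (ip_matches(entry["src"], pkt["src"]) and ip_matches(entry["dst"], pkt["dst"])
                and num_matches(entry["proto"], pkt["proto"])
                and num_matches(entry["dport"], pkt["dport"])):
            return entry["action"], entry["sa"]
    raise LookupError("SPD has no default entry")
```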

TRANSPORT MODE
- Upper-layer protection
- End-to-end communication (e.g. client ↔ server, two workstations)
- ESP encrypts IP payload (not header) (optionally authenticates)
- AH authenticates IP payload + selected portions of header

TUNNEL MODE
- Protects entire IP packet
- entire packet + security fields treated as "outer" payload with new IP header
- Original (inner) packet travels through tunnel; routers cannot examine inner IP header
- e.g. tunneled through firewall
Table 16.2

AUTHENTICATION HEADER
- Detects modification
- Prevents address spoofing, replay
- Uses MAC - Alice, Bob share secret key
Fig 16.3

AUTHENTICATION HEADER

ANTI-REPLAY SERVICE
- Sequence Number Field (SNF) thwarts attack
- New SA: Sender initialises C = 0
- For every new packet on SA: C++
- Anti-Replay operates up to max C = 2^32 – 1
- If max reached, terminate SA

ANTI-REPLAY SERVICE
- IP is connectionless, unreliable → protocol does NOT guarantee:
  - packets delivered in order
  - all packets delivered

ANTI-REPLAY MECHANISM

ANTI-REPLAY MECHANISM (Fig 16.4)
1. if Rx packet falls in window and is new, then check MAC; if authentic, then mark slot
2. if Rx packet is to right of window and is new, then check MAC; if authentic, advance window up to packet
3. if Rx packet is to left of window, or authentication fails, then discard, audit
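The receiver-side sliding window from the three rules above, together with the 2^32 – 1 counter limit from the ANTI-REPLAY SERVICE slides, as an added example that is not part of the lecture material; the 64-packet window size and the `mac_ok` callback (a stand-in for the AH/ESP ICV check) are assumptions.

```python
# Added example (not from the lecture slides): sliding-window anti-replay check.
# A 64-packet window is assumed; `mac_ok` is a constructed stand-in for the
# AH/ESP ICV verification that rules 1 and 2 perform.

MAX_SEQ = 2**32 - 1   # the SA must be terminated (re-keyed) before the counter wraps

class AntiReplayWindow:
    def __init__(self, size=64):
        self.size = size
        self.right = 0      # highest sequence number accepted so far (N in Fig 16.4)
        self.bitmap = 0     # bit i set means sequence number (right - i) was received

    def _is_marked(self, seq):
        return (self.bitmap >> (self.right - seq)) & 1 == 1

    def receive(self, seq, mac_ok):
        """Return 'accept', or the reason the packet is discarded (and audited)."""
        if seq == 0 or seq > MAX_SEQ:
            return "discard: invalid sequence number"
        left = self.right - self.size + 1
        if seq < left:                                  # rule 3: too old
            return "discard: left of window"
        if seq <= self.right:                           # rule 1: inside window
            if self._is_marked(seq):
                return "discard: replay"
            if not mac_ok(seq):
                return "discard: MAC failed"
            self.bitmap |= 1 << (self.right - seq)      # mark the slot
            return "accept"
        if not mac_ok(seq):                             # rule 2: right of window
            return "discard: MAC failed"                # window is NOT advanced
        shift = seq - self.right
        self.bitmap = (self.bitmap << shift) & ((1 << self.size) - 1)
        self.bitmap |= 1                                # new right edge is marked
        self.right = seq
        return "accept"

def demo():
    """Feed a constructed sequence: reordered, duplicated, bad-MAC and stale packets."""
    w = AntiReplayWindow()
    mac_ok = lambda seq: seq != 7          # constructed: packet 7 fails ICV verification
    return [w.receive(s, mac_ok) for s in (1, 3, 2, 3, 7, 200, 150, 136, 100)]
```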

INTEGRITY CHECK VALUE (ICV) - MAC
- HMAC-MD5-96, HMAC-SHA-1-96 (truncated to 96 bits)
- MAC over:
  - IP Header fields which are unchanged in transit (or are predictable at receiver); other fields set to 0 for calculation purposes
  - AH Header except Authentication Data Field – AD = 0
  - Upper-Level protocol data
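The ICV computation described above carried out on a constructed IPv4/AH packet, as an added example that is not part of the lecture material: mutable IPv4 fields and the Authentication Data field are zeroed before HMAC-SHA-1 is taken and truncated to 96 bits, so a TTL decrement in transit does not change the ICV while a rewritten destination address does. The key, addresses and payload are constructed.

```python
import hmac
import hashlib
import struct

# Added example (not from the lecture slides): AH ICV = HMAC-SHA-1-96 over
# (immutable IPv4 fields, AH header with Auth Data = 0, upper-layer data).

AH_PROTO = 51          # IP protocol number of AH
ICV_LEN = 12           # 96-bit truncated MAC

def zero_mutable_ipv4_fields(hdr):
    """Zero the IPv4 fields that change in transit: ToS, flags/fragment offset,
    TTL and header checksum. Version/IHL, length, ID, protocol and both
    addresses are not touched by routers and stay in the MAC."""
    h = bytearray(hdr[:20])
    h[1] = 0                  # Type of Service
    h[6:8] = b"\x00\x00"      # flags + fragment offset
    h[8] = 0                  # TTL
    h[10:12] = b"\x00\x00"    # header checksum
    return bytes(h)

def build_ah(spi, seq, next_header, icv=b"\x00" * ICV_LEN):
    """AH: Next Header, Payload Len (32-bit words minus 2), Reserved, SPI, Seq, Auth Data."""
    payload_len = (12 + len(icv)) // 4 - 2
    return struct.pack("!BBHII", next_header, payload_len, 0, spi, seq) + icv

def ah_icv(key, ip_hdr, spi, seq, next_header, upper):
    """Auth Data is zero while the MAC is computed; the result is then written into it."""
    covered = zero_mutable_ipv4_fields(ip_hdr) + build_ah(spi, seq, next_header) + upper
    return hmac.new(key, covered, hashlib.sha1).digest()[:ICV_LEN]

def ipv4_header(ttl, checksum, dst, payload_len):
    # constructed header: src 10.0.0.1, protocol = AH, ID 0x1234, DF flag set
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                       ttl, AH_PROTO, checksum, b"\x0a\x00\x00\x01", dst)

def demo():
    key = b"constructed-shared-secret"
    upper = b"\x04\xd2\x00\x50" + b"A" * 16         # constructed TCP-like segment
    dst = b"\x0a\x00\x00\x02"
    plen = 24 + len(upper)                          # AH (24 bytes) + upper-layer data
    sent = ah_icv(key, ipv4_header(64, 0x1c3a, dst, plen), 0x100, 1, 6, upper)
    # one hop later TTL and checksum differ, but the receiver's ICV still matches
    after_hop = ah_icv(key, ipv4_header(63, 0x1d3a, dst, plen), 0x100, 1, 6, upper)
    # a rewritten destination address is covered by the MAC, so the ICV changes
    rerouted = ah_icv(key, ipv4_header(63, 0x1d3a, b"\x0a\x00\x00\x03", plen), 0x100, 1, 6, upper)
    return sent == after_hop, sent == rerouted
```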

TRANSPORT / TUNNEL MODES
Fig 16.5
- Transport SA: workst. ↔ server (secret key)
- Tunnel SA: workst. → intern. network firewall → intern. server without auth.
Fig 16.6
- IP Payload is TCP or data for other protocol.

End-to-End vs. End-to-intermediate Auth.

SCOPE OF AH AUTHENTICATION

ENCAPSULATING SECURITY PAYLOAD (ESP)
- Message Confidentiality
- Limited Traffic Flow Confidentiality
- Authentication (like AH)
Fig 16.7

ENCAPSULATING SECURITY PAYLOAD (ESP)

ENCAPSULATING SECURITY PAYLOAD (ESP)
- SPI – Security Association
- Sequence Number
- Payload – Transport/Tunnel – encrypted
- Padding - 0 – 255 bytes
- Pad Length
- Next Header – Payload type, by identifying first header in payload
- Auth. Data – ICV (MAC)

ESP
- Encrypts payload, padding, pad length, next header
- Optional init. vector (IV) for encryp. alg. at beginning of Payload
- Uses DES(CBC), 3DES, RC5, IDEA, 3IDEA, CAST, Blowfish
- Uses HMAC-MD5-96, HMAC-SHA-1-96

PADDING
- Required if encryp. alg. requires plaintext to be a certain multiple of bytes
- to make ciphertext a multiple of 32 bits
- for Partial Traffic Flow Confidentiality
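The ESP trailer (Padding, Pad Length, Next Header) built and parsed by the three padding rules above, alongside the SPI/Sequence Number header from the preceding ESP slides, as an added example that is not part of the lecture material; the 8-byte block size and the payloads are constructed, and no cipher is applied, so the bytes that would be encrypted are shown in the clear to make the layout visible.

```python
import math
import struct

# Added example (not from the lecture slides): ESP padding and trailer handling.
# Constructed block size and payloads; encryption is omitted to expose the layout.

def esp_pad(payload, next_header, block_size=8, tfc_extra=0):
    """Append padding so that payload + padding + 2 trailer bytes is a multiple
    of the cipher block size AND of 4 bytes (Pad Length and Next Header must be
    right-aligned in a 32-bit word). tfc_extra adds padding for partial
    traffic-flow confidentiality. Pad bytes follow the default 1, 2, 3, ... pattern."""
    align = block_size * 4 // math.gcd(block_size, 4)          # lcm(block_size, 4)
    pad_len = (-(len(payload) + 2)) % align + tfc_extra
    if pad_len > 255:
        raise ValueError("Pad Length is a single byte (0-255)")
    padding = bytes(range(1, pad_len + 1))
    return payload + padding + bytes([pad_len, next_header])

def esp_unpad(plaintext):
    """Receiver side: read Pad Length and Next Header from the end, verify the
    default pad pattern, and return (payload, next_header)."""
    pad_len, next_header = plaintext[-2], plaintext[-1]
    end = len(plaintext) - 2
    padding = plaintext[end - pad_len:end]
    if padding != bytes(range(1, pad_len + 1)):
        raise ValueError("padding check failed")
    return plaintext[:end - pad_len], next_header

def esp_packet(spi, seq, body):
    """ESP header (SPI, Sequence Number) followed by the body (unencrypted here)."""
    return struct.pack("!II", spi, seq) + body

def demo():
    a = esp_pad(b"GET /", next_header=6)                 # 5 + 1 pad + 2 -> 8 bytes
    b = esp_pad(b"GET /index.html", next_header=6)       # 15 + 7 pad + 2 -> 24 bytes
    # extra padding brings the short request to the same length as the long one
    c = esp_pad(b"GET /", next_header=6, tfc_extra=16)
    return len(a), len(b), len(c), esp_unpad(a), esp_packet(0x100, 1, a)[:8]
```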

TRANSPORT and TUNNEL MODES
Fig 16.8
- Transport - confidentiality for all appl.; drawback: traffic analysis
- Tunnel – hosts avoid security (VPN)
Fig 16.9

Transport vs. Tunnel Encryp.

Scope of ESP Encryp. and Auth.

COMBINING SAs
- Each SA implements AH or ESP, but some traffic flows may require both → multiple SAs
- Security Association Bundle: sequence of SAs
- SAs may terminate at different endpoints

TWO BUNDLE TYPES
- Transport Adjacency: more than one security protocol applied to the same IP packet, no tunneling, one endpoint.
- Iterated Tunneling: multiple (nested) security layers using tunnelling, possibly different end points.

TWO BUNDLE TYPES
- Two approaches can be combined, e.g. Transport SA between hosts travels partway through a Tunnel SA between security gateways.

AUTHENTICATION + CONFIDENTIALITY
1. ESP with Auth. Option - Fig 16.9
- Transport mode ESP: IP header not protected
- Tunnel mode ESP: Auth. entire outer IP packet; Encryp. entire inner IP packet
- For both cases, ciphertext authenticated

Scope of ESP Encryp. and Auth.

AUTHENTICATION + CONFIDENTIALITY
2. Transport Adjacency - Two Bundled SAs:
- inner being ESP (no auth.), outer being AH
- advantage: auth. covers more fields
- disadvantage: two SAs versus one

AUTHENTICATION + CONFIDENTIALITY
3. Transport-Tunnel Bundle - Auth. prior to encryp.:
- advantages: impossible to intercept and alter without detection; MAC can be stored with message at destination for later
- Use Bundle: Inner AH: Transport SA; Outer ESP: Tunnel SA → entire authenticated inner packet encrypted, new outer IP header added

BASIC COMBINATION OF SAs
- CASE 1: End systems implement IPSec - share keys
- CASE 2: Security between gateways (routers, firewalls); no hosts implement IPSec; simple VPN; nested tunnels not required because IPSec applied to entire packet
- CASE 3: Case 2 + end-to-end security; gateway-to-gateway ESP provides traffic confidentiality
- CASE 4: Support for remote host to reach firewall; only tunnel mode required
Key Management - Read

BASIC COMBINATION OF SAs