Presentation is loading. Please wait.

Presentation is loading. Please wait.

@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013.

Published byChrystal Hampton Modified over 7 years ago

Similar presentations

Presentation on theme: "@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013."— Presentation transcript:

1 @Yuan Xue (yuan.xue@vanderbilt.edu) CS 285 Network Security IP Security Yuan Xue Fall 2013

2 @Yuan Xue (yuan.xue@vanderbilt.edu) Review Multi/Demultiplex port CW port Congestion window port Congestion window port SSL_CTX SSL SSL_SESSION HTTP Application Transport Network Link Fragment/Reassemble Forward Routing IP Address Routing table Forwarding table Scheduling/medium access SMTP PGP FTP User ID/Email/Key ID UDPTCP SSL HTTPS CW port Stream Frame Packet payloadTCP hdr payload SSL hdr payloadSSL hdr payloadTCP hdrSSL hdrIP

3 @Yuan Xue (yuan.xue@vanderbilt.edu) Comparison PGPSSL Application LayerTransport Layer OfflineOnline/Realtime Connectionless -Single data message -Data order? -Replay attack? Connection-oriented - A data stream - Data order? - Replay attack? Protect application payload (only) Authentication Entity: User(Key ID) Protected Unit: data message Authentication Entity: SSL Session (certificate) Protected Unit: SSL connection/TCP/Port

4 @Yuan Xue (yuan.xue@vanderbilt.edu) Issues TCP header/IP header are not protected Why this is a bad thing? Application specific protection needs user awareness Why this is a bad thing? Think about SMTP/HTTP that run over TCP, instead of SSL

5 @Yuan Xue (yuan.xue@vanderbilt.edu) Any Idea for A Solution? Security Service/protocol at a lower layer How about network layer? Above IP  enjoy the routing service Below transport  support all applications/processes on this host + protect TCP header how about IP header?

6 @Yuan Xue (yuan.xue@vanderbilt.edu) Let’s work on a solution together Security Requirement Confidentiality Integrity  Data Integrity  Source Authentication  Replay defense (*) Option for both/either of the above two requirements More Details Which part should be protected?  Whether IP header should/can be protected? How to establish cryptography context?  Keys/ciphers, etc…

7 @Yuan Xue (yuan.xue@vanderbilt.edu) IP Headers Version Header Length TOS Packet length Packet Id Flags Fragment offset TTL Protocol number Checksum Source IP address Destination IP address Options PredictableImmutable Mutable Some fields are mutable  how to perform MAC calculation/verification? Some fields are necessary for intermediate routers to forward the packet  if they are encrypted, the packet can not be delivered. What should we do?

8 @Yuan Xue (yuan.xue@vanderbilt.edu) IPSec Overview Background A collection of protocols and mechanisms  RFC 2401, RFC 2402, RFC 2406, RFC 2408 IPsec is a mandatory part of IPv6 (mandatory to implement, not mandatory to use), and is optional for use with IPv4IPv6IPv4 IPsec aims to provide a framework of open standards for secure communications over IP Protect every protocol/service running on top of IPv4 and IPv6 Transparent to applications above transport (TCP/UDP) layer  Data confidentiality  Data integrity  Source authentication Prevent IP address spoofing Guard against packet replay

9 @Yuan Xue (yuan.xue@vanderbilt.edu) Ipsec Architecture Confidentiality  ESP Integrity  AH  Replay defense  Usage of sequence number Option for both/either of the above two requirements  Authentication and encapsulation can be used separately Which part should be protected?  transport mode: only TCP/UDP header+ payload  tunnel mode: IP header + TCP/UDP header+ payload (more details later) How to establish cryptography context?  Security association  Key management…

10 @Yuan Xue (yuan.xue@vanderbilt.edu) Transport Mode vs. Tunnel Mode Transport mode Protects the payload data from upper-layer protocol IP header in clear text Host-to-host communication Tunnel-mode Protects the entire IP packets including the IP header Network-to-network/host-to-network Adding a new IP header  has new destination address IP header Encrypted data payload New IP header IP header data payload Encrypted IPSec header

11 @Yuan Xue (yuan.xue@vanderbilt.edu) IPsec in Transport Mode End-to-end security between two hosts Requires IPsec support at each host

12 @Yuan Xue (yuan.xue@vanderbilt.edu) IPsec in Tunnel Mode Gateway-to-gateway security Internal traffic behind gateways not protected Typical application: virtual private network (VPN) Only requires IPsec support at gateways

13 @Yuan Xue (yuan.xue@vanderbilt.edu) Tunnel Mode Illustration IPsec protects communication on the insecure part of the network Implements IPsec Implements IPsec

14 @Yuan Xue (yuan.xue@vanderbilt.edu) Security Association To decide the protection for an outgoing packet, IPsec uses the security parameter index (SPI), an index to the security association database (SADB), along with the destination address in a packet header, which together uniquely identify a security association for that packet. For an incoming packet IPsec gathers decryption and verification keys from the security association database. Security Association One-way relationship between a sender and a receiver For two-way security exchange, two SA are required SPI +IP Destination Address + Security Protocol Identifier ( whether an AH or an ESP) Security Parameters Index (SPI) carried in AH/ESP headers to enable the receiving system to select the SA to process the packet SADB SPI SA

15 @Yuan Xue (yuan.xue@vanderbilt.edu) Implementation

16 @Yuan Xue (yuan.xue@vanderbilt.edu) Authentication Header Security Service Data integrity Source authentication -- Prevent IP spoofing Guard against replay attack Integrity check value MAC -- HMAC-MD5-96/HMAC-SHA-1-96 Calculated over  Immutable IP header field, set the mutable field to zero  AH header other than AD field  Upper-level protocol data IP v4 Identifies security association (shared keys and algorithms) Anti-replay Authenticates source, verifies integrity of payload

17 @Yuan Xue (yuan.xue@vanderbilt.edu) AH in Transport Mode Before AH is applied

18 @Yuan Xue (yuan.xue@vanderbilt.edu) AH in Tunnel Mode Before AH is applied

19 @Yuan Xue (yuan.xue@vanderbilt.edu) ESP: Encapsulating Security Payload Security Service Confidentiality Authentication (optional) Encryption Algorithm 3DES, RC5, IDEA, CAST, Blowfish … +CBC mode Authentication Algorithm MAC -- HMAC-MD5-96/HMAC-SHA-1-96 Packet format Adds new header and trailer fields to packet Transport mode Confidentiality of packet between two hosts Complete hole through firewalls Tunnel mode Confidentiality of packet between two gateways or a host and a gateway Implements VPN tunnels

20 @Yuan Xue (yuan.xue@vanderbilt.edu) New IP header Confidentiality and integrity for packet payload Symmetric cipher negotiated as part of SA Authentication (Optional) Transport mode Tunnel mode ESP Security Guarantees Original IP header ESP headerTCP/UDP segmentESP trailerESP auth encrypted authenticated Original IP header ESP headerTCP/UDP segmentESP trailerESP auth

21 @Yuan Xue (yuan.xue@vanderbilt.edu) ESP Packet Identifies security association (shared keys and algorithms) Anti-replay TCP segment (transport mode) or entire IP packet (tunnel mode) Pad to block size for cipher, also hide actual payload length Type of payload HMAC-based Integrity Check Value (similar to AH)

22 @Yuan Xue (yuan.xue@vanderbilt.edu) Virtual Private Networks (VPN) VPN tunnel Secure communication between parts of the same organization over public untrusted Internet ESP can be used to implement a VPN Packets go from internal network to a gateway with destination IP address Entire packet protected by ESP, including original headers so destination addresses are hidden Receiving gateway decrypts packet and forwards original IP packet to receiving address in the network that it protects

23 @Yuan Xue (yuan.xue@vanderbilt.edu) AH vs. ESP AH protects some of the field in IP header ESP only protects everything beyond the ESP header Separation of authentication and encryption Port information in clear text for firewall

24 @Yuan Xue (yuan.xue@vanderbilt.edu) Combination of SA Authentication + confidentiality ESP with authentication option AH SA + ESP SA bundle Transport + Tunnel Bundle

25 @Yuan Xue (yuan.xue@vanderbilt.edu) Prevention of Replay Attacks When SA is established, sender initializes 32-bit counter to 0, increments by 1 for each packet If wraps around 2 32 -1, new SA must be established Recipient maintains a sliding 64-bit window If a packet with high sequence number is received, do not advance window until packet is authenticated Duplicated packets will be dropped What if TCP retransmit a packet with the same sequence number? Will it be dropped?

26 @Yuan Xue (yuan.xue@vanderbilt.edu) Key Management Oakley Key Determination Protocol Based on Diffie-Hellman algorithm Internet Security Association and Key Management Protocol (ISAKMP) A framework for Internet key management Internet Key Exchange Protocol (IKE) The first phase establishes an ISAKMP SA  based on pre-shared keys (PSK), RSA keys and X.509 certificates, even via Kerberos. In the second phase the ISAKMP SA is used to negotiate and setup the IPsec SAs.

27 @Yuan Xue (yuan.xue@vanderbilt.edu) Comparison Again PGPSSLIPSec Application LayerTransport Layer (above TCP) Network Layer(above IP) OfflineOnline/Realtime Connectionless -Single data message -Data order (n/a) -Replay attack (timestamp) Connection-oriented - A data stream - Data order (via tcp) - defense against replay attack Connectionless - defense against replay attack Protect application payload (only) Transport: Protect tcp hdr + application payload Tunnel: Protect IP hdr + tcp hdr + payload Authentication Entity: User(Key ID) Protected Unit: entire data message Authentication Entity: SSL Session (certificate) Protected Unit: SSL connection/TCP/Port Entity: Security association

28 @Yuan Xue (yuan.xue@vanderbilt.edu) Review Multi/Demultiplex port CW port Congestion window port Congestion window port SSL_CTX SSL SSL_SESSION HTTP Application Transport Network Link Fragment/Reassemble Forward Routing IP Address Routing table Forwarding table IEEE 802.11 SMTP PGP FTP User ID/Email/Key ID UDPTCP SSL HTTPS CW port Stream Frame Packet payloadTCP hdr payload SSL hdr payloadSSL hdr payloadIPSecSSLIP IPSec SADB TCP payloadIPSecSSLIPTCP (Transport mode) MAC

29 @Yuan Xue (yuan.xue@vanderbilt.edu) Reference http://www.ipsec-howto.org/t1.html

Download ppt "@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013."

Similar presentations

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Internet Security CSCE 813 IPsec

Internet Security CSCE 813 IPsec
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.

IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
Network Layer Security: IPSec

Network Layer Security: IPSec
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: email – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.

IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Henric Johnson1 Ola Flygt Växjö University, Sweden +46 470 70 86 49 IP Security.

Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
IPSec Isaac Ghansah.

IPSec Isaac Ghansah.
Henric Johnson1 Chapter 6 IP Security. Henric Johnson2 Outline Internetworking and Internet Protocols IP Security Overview IP Security Architecture Authentication.

Henric Johnson1 Chapter 6 IP Security. Henric Johnson2 Outline Internetworking and Internet Protocols IP Security Overview IP Security Architecture Authentication.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.

1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.

IP Security. n Have a range of application specific security mechanisms u eg. S/MIME, PGP, Kerberos, SSL/HTTPS n However there are security concerns that.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.

Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
Cryptography and Network Security

Cryptography and Network Security
1 IPsec Youngjip Kim 2004. 05. 24. 2 Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.

1 IPsec Youngjip Kim Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.

Similar presentations

Ads by Google