Presentation is loading. Please wait.

Presentation is loading. Please wait.

Andreas Steffen, 5.12.2011, 13-VPN.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.

Published byBrenda St. ives Modified over 8 years ago

Similar presentations

Presentation on theme: "Andreas Steffen, 5.12.2011, 13-VPN.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications."— Presentation transcript:

1

2 Andreas Steffen, 5.12.2011, 13-VPN.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 13 Virtual Private Networks

3 Andreas Steffen, 5.12.2011, 13-VPN.pptx 2 Layer 2 versus Layer 3 versus Layer 4 Application layerssh, S/MIME, PGP, Kerberos, WSSTransport layerTLS, [SSL]Network layerIPsecData Link layer[PPTP, L2TP], IEEE 802.1X, IEEE 802.1AE, IEEE 802.11i (WPA2) Physical layerQuantum CommunicationsCommunication layersSecurity protocols

4 Andreas Steffen, 5.12.2011, 13-VPN.pptx 3 Internet Security 1 (IntSi1) 13.1 Point-to-Point Protocol (PPP)

5 Andreas Steffen, 5.12.2011, 13-VPN.pptx 4 PPP PPP Encapsulation IP, IPX Payload PSTN (POTS / ISDN) IP, IPX Payload Private Network Public Switched Telephone Network Remote ClientRemote Access Server Authentication using PAP (password), CHAP (challenge/response), or the Extensible Authentication Protocol (EAP) supporting e.g. token cards Optional PPP packet encryption (ECP) using preshared secrets Individual PPP packets are not authenticated The Link Control Protocol (LCP), as well as EAP and ECP are not protected !! PPP–based Remote Access using Dial–In

6 Andreas Steffen, 5.12.2011, 13-VPN.pptx 5 The PPP Encryption Control Protocol (ECP) The Encryption Control Protocol (ECP, RFC 1968) uses the same packet exchange mechanism as the Link Control Protocol (LCP, RFC 1661). ECP packets may not be exchanged until PPP has reached the Network- Layer Protocol phase and should wait for an optional Authentication phase. Exactly one ECP packet is encapsulated in the PPP Information field, where the PPP Protocol field indicates type 0x8053. An encrypted packet is encapsulated in the PPP Information field, where the PPP Protocol field indicates type 0x0053 (Encrypted datagram). Compression may also be negotiated using the Compression Control Protocol (CCP, RFC 1962). ECP implementations should use the PPP Triple-DES Encryption Protocol (3DESE, RFC 2420). DES-EDE3-CBC with a 168 bit key is used. 0x8053 Code ID Length ECP Options (algorithm, IV) Seq. Nr 0x0053 Ciphertext

7 Andreas Steffen, 5.12.2011, 13-VPN.pptx 6 The PPP Extensible Authentication Protocol (EAP) Some of the authentication types supported by EAP (RFC 2284): 1 Identity 4 MD5-Challenge 5 One-Time Password (OTP, RFC 2289) 6 Generic Token Card 9 RSA Public Key Authentication 13 EAP-TLS (RFC 2716, supported by Windows XP) 15 RSA Security SecurID EAP 17 EAP-Cisco Wireless 18 Nokia IP smart card authentication 23 UMTS Authentication and Key Argreement 24 EAP-3Com Wireless 25 PEAP (Protected EAP, supported by Windows XP) 29 EAP-MSCHAP-V2 (supported by Windows XP) 35 EAP-Actiontec Wireless 36 Cogent Systems Biometrics Authentication EAP 0xC227 Code ID Length Type Data

8 Andreas Steffen, 5.12.2011, 13-VPN.pptx 7 Internet Security 1 (IntSi1) 13.2 Layer 2/3/4 VPNs

9 Andreas Steffen, 5.12.2011, 13-VPN.pptx 8 Layer 2 Tunneling Protocol (L2TP) IP, IPX Payload Private Network Internet IP ISP NAS Remote ClientNetwork Access Server PSTN PPP over PSTN PPP IP, IPX Payload PSTN Layer 2 IP UDP Port 1701 over IP UDP L2TP PPP IP, IPX Payload Layer 3 L2TP LNSLAC L2TP Tunnel PPP IP, IPX Payload Compulsory Mode

10 Andreas Steffen, 5.12.2011, 13-VPN.pptx 9 Layer 2 Tunneling Protocol (L2TP) Voluntary Mode UDP Port 1701 over IP IP UDP L2TP PPP IP, IPX Payload IP, IPX Payload Private Network Internet IP ISP NAS Remote ClientNetwork Access Server PSTN L2TP LNSLAC L2TP Tunnel PPP IP, IPX Payload Layer 2 Connection (Wire) PPP PPP over PSTN IP UDP L2TP PPP IP, IPX Payload PSTN

11 Andreas Steffen, 5.12.2011, 13-VPN.pptx 10 Layer 3 Tunnel based on IPSec IP Payload Private Network Internet IP ISP VPN ClientVPN Gateway PSTN IPsec Tunnel IP ESP IP Payload PPP PSTN IP ESP IP Payload

12 Andreas Steffen, 5.12.2011, 13-VPN.pptx 11 L2TP over IPsec (RFC 3193) – Voluntary Mode IP ESP IPSec Transport Mode UDP L2TP PPP IP, IPX Payload IP, IPX Payload Private Network Internet IP ISP NAS Remote ClientNetwork Access Server PSTN L2TP LNSLAC L2TP Tunnel PPP IP, IPX Payload Layer 2 Connection (Wire) PPP PPP over PSTN IP ESP UDP L2TP PPP IP, IPX Payload

13 Andreas Steffen, 5.12.2011, 13-VPN.pptx 12 IP Payload Private Network Internet IP ISP SSL/TLS Browser with Plugin SSL/TLS Proxy Server PSTN PPP IP PSTN TCP* SSL IP Payload SSL/TLS Tunnel IP TCP* SSL IP Payload Layer 4 Tunnel based on SSL/TLS *OpenVPN uses SSL over UDP

14 Andreas Steffen, 5.12.2011, 13-VPN.pptx 13 Layer 2 – L2TP  Same login procedure as PPP (preshared secrets, RADIUS, etc.)  Same auxiliary information as with PPP (virtual IP, DNS/WINS servers)  No strong security without IPsec, LCP can be cheated into establishing no encryption. Non-authenticated L2TP packets prone to replay attacks. Layer 3 – IPSec  Cryptographically strong encryption and authentication of VPN tunnel  Can negotiate and enforce complex VPN access control policies  XAUTH and IKEv2-EAP authentication offer PPP-like features  Does not allow the tunneling of non-IP protocols (IPX, etc.)  Complex connection setup, PKI management overhead Layer 4 - TLS  Clientless and simple: Internet Browser plus Java Applets or Plugin.  Cryptographically strong encryption and authentication of VPN tunnel  Access to certain applications need special plugin (still clientless?) Layer 2/3/4 VPNs – Pros and Cons

15 Andreas Steffen, 5.12.2011, 13-VPN.pptx 14 Internet Security 1 (IntSi1) 13.3 Multi-Protocol Label Switching (MPLS)

16 Andreas Steffen, 5.12.2011, 13-VPN.pptx 15 IP-Network of a Service Provider MPLS based Virtual Private Networks IPL A IPL AL 1 IPL AL 3 IPL AL 5 IPL B IPL B IPL BL 2 IPL BL 4 IPL BL 6 IPL A User B E1 E2 E3 E4 N1N3 User A User B User A

17 Andreas Steffen, 5.12.2011, 13-VPN.pptx 16 MPLS Layer 2 Shim Header (RFC 3032) 20 Bits Class of Service, 3 Bits Bottom of Stack, 1 Bit Time to Live, 8 Bits LabelCoSBTTL 4 Bytes

18 Andreas Steffen, 5.12.2011, 13-VPN.pptx 17 Internet Security 1 (IntSi1) 13.4 IPsec Transport Mode

19 Andreas Steffen, 5.12.2011, 13-VPN.pptx 18 Internet IPsec – Transport Mode 194.230.203.86 160.85.128.3 IP connection secure IP datagrams should be authenticated IP datagrams should be encrypted and authenticated

20 Andreas Steffen, 5.12.2011, 13-VPN.pptx 19 IPsec – Transport Mode IP Authentication Header (AH) IP protocol number for AH: 51 Mutable fields: Type of Service (TOS), Fragment Offset, Flags, Time to Live (TTL), IP header checksum Original IP Header TCP Header Data IPv4 Before applying AH AH: RFC 4302 After applying AH IPv4 authenticated except for mutable fields Original IP Header AH Header TCP Header Data

21 Andreas Steffen, 5.12.2011, 13-VPN.pptx 20 IPsec – Transport Mode IP Encapsulating Security Payload (ESP) IP protocol number for ESP: 50 ESP authentication is optional With ESP authentication the IP header is not protected. Original IP Header TCP Header Data IPv4 Before applying ESP ESP: RFC 4303 Original IP Header ESP Header IPv4 After applying ESP encrypted authenticated TCP Header Data ESP Trailer ESP Auth

22 Andreas Steffen, 5.12.2011, 13-VPN.pptx 21 Internet Security (IntSi1) 13.5 IPsec Tunnel Mode

23 Andreas Steffen, 5.12.2011, 13-VPN.pptx 22 Internet IPsec – Tunnel Mode Virtual Private Network (VPN) 10.1.0.2 10.1.0.3 10.1.0.1 Subnet 10.1.0.0/16 10.2.0.2 10.2.0.3 10.2.0.1 Subnet 10.2.0.0/16 194.230.203.86 160.85.180.0 Security Gateway secure IP tunnel

24 Andreas Steffen, 5.12.2011, 13-VPN.pptx 23 IPsec Tunnel Mode using ESP Original IP Header TCP Header Data IPv4 Before applying ESP IP protocol number for ESP: 50 ESP authentication is optional but often used in place of AH Original IP Header is encrypted and therefore hidden Outer IP Header ESP Header IPv4 After applying ESP encrypted authenticated Original IP Header TCP Header Data ESP Trailer ESP Auth Encapsulating Security Payload (ESP): RFC 4303

25 Andreas Steffen, 5.12.2011, 13-VPN.pptx 24 ESP Header (Initial Header / Payload / Trailer) encrypted authenticated After applying ESP Security Parameters Index (SPI) Anti-Replay Sequence Number Payload Data (variable, including IV) Padding (0-255 bytes) Authentication Data (variable) 01234 bytes Next HeaderPad Length

26 Andreas Steffen, 5.12.2011, 13-VPN.pptx 25 IPsec Tunnel Mode CBC Packet Overhead Outer IP Header AES_XCBC_96 HMAC_SHA1_96 SPI / Seq. Number 3DES_CBC IV AES_CBC IV 3DES_CBC max Pad AES_CBC max Pad Pad Len / Next Header HMAC_SHA2_256_128 HMAC_SHA2_384_192 HMAC_SHA2_512_256 20 8 8 16 7 15 12 2 16 24 32 12 16 24 32 12 16 24 32 20 8888888888 88888 16 77 777 15 2222222222 50 54Best Case Overhead627058 627078 Bytes Worst Case Overhead57 61697773 778593

27 Andreas Steffen, 5.12.2011, 13-VPN.pptx 26 Authenticated Encryption with Associated Data (AEAD) AEAD is based on special block cipher modes: Block size: 128 bits Key size: 128/256 bits Tag size : 128/96/64 bits Nonce size: 96 bits 32 bits 64 bits 32 bits Recommended AEAD Modes: AES-Galois/Counter Mode AES-GMAC (auth. only) Alternative AEAD Modes: AES-CCM CAMELLIA-GCM CAMELLIA-CCM SaltIVCounter SaltIV0SaltIV1 SaltIV2 Key K Hash Subkey H 0………………..0 Key K Hash Subkey Derivation

28 Andreas Steffen, 5.12.2011, 13-VPN.pptx 27 IPsec Tunnel Mode AEAD Packet Overhead Outer IP Header AES_GCM_96 Tag AES_GCM_64 Tag Security Parameter Index AES_GCM IV AES_CNT max Pad Pad Len / Next Header 20 8 8 3 8 2 12 8 20 888 888 222 465054Best Case Overhead Bytes Worst Case Overhead495357 333 AES_GCM_128 Tag 16 Additional Authenticated Data: Sequence Number 0123 Security Parameter Index Extended Sequence Number 0123 SPI / Seq. Number or

29 Andreas Steffen, 5.12.2011, 13-VPN.pptx 28 IPsec Tunnel Mode using AH Original IP Header TCP Header Data IPv4 Before applying AH IP protocol number for AH: 51 Mutable fields: Type of Service (TOS), Fragment Offset, Flags, Time to Live (TTL), IP header checksum ESP can be encapsulated in AH Outer IP Header AH Header IPv4 After applying AH authenticated Original IP Header TCP Header Data Authentication Header (AH): RFC 4302

Download ppt "Andreas Steffen, 5.12.2011, 13-VPN.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
ITA, 2.11.2011, 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.

ITA, , 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.
IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.

IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Network Security Essentials Chapter 8 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Network Security Essentials Chapter 8 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Network Layer Security: IPSec

Network Layer Security: IPSec
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: email – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.

IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.

Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
IPSec Isaac Ghansah.

IPSec Isaac Ghansah.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
1 IPsec Youngjip Kim 2004. 05. 24. 2 Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.

1 IPsec Youngjip Kim Objective Providing interoperable, high quality, cryptographically-based security for IPv4 and IPv6 Services  Access.

Similar presentations

Ads by Google