
1 IP Security
Lawrence Taub
taub@ufl.edu

2 IPSEC
IP security — security built into the IP layer
Provides host-to-host (or router-to-router) encryption and authentication
Required for IPv6, optional for IPv4
Comprised of two parts:
–IPSEC proper (authentication and encryption)
–IPSEC key management

3 IPSEC
Authentication header (AH) — integrity protection of header only
Inserted into IP datagram
Integrity check value (ICV) is 96-bit HMAC

4 IPSEC Proper
The AH authenticates entire datagram
Mutable fields (time-to-live, IP checksums) are zeroed before AH is added
Sequence numbers provide replay protection
–Receiver tracks packets within a 64-entry sliding window
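The receiver-side replay check on this slide, as an added Python sketch that is not part of the original presentation; the class and function names are hypothetical and the bitmap layout is one common way to implement a 64-entry window.

```python
# Added illustration: anti-replay check with a 64-entry sliding window.
# Names are hypothetical and not taken from any particular IPsec stack.

WINDOW = 64  # window size stated on the slide


class ReplayWindow:
    def __init__(self):
        self.highest = 0   # highest sequence number accepted so far
        self.bitmap = 0    # bit i set => sequence (highest - i) already seen

    def check_and_update(self, seq):
        """Return True if the packet is fresh, False if replayed or too old.

        Call this only after the ICV has verified, so that a forged
        sequence number cannot push the window forward.
        """
        if seq == 0:
            return False                      # sequence numbers start at 1
        if seq > self.highest:                # newer packet: slide the window
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= WINDOW:
            return False                      # older than the window covers
        if self.bitmap & (1 << offset):
            return False                      # duplicate inside the window
        self.bitmap |= 1 << offset            # late but fresh: mark as seen
        return True


def run_sequence(seqs):
    """Feed sequence numbers in arrival order; return accept/drop verdicts."""
    window = ReplayWindow()
    return [window.check_and_update(s) for s in seqs]
```

Out-of-order packets are accepted as long as they are still inside the window and have not been seen before; anything older than 64 positions behind the newest packet is dropped without further inspection.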

5 IPSEC Proper
Encapsulating security protocol (ESP) — authentication (optional) and confidentiality
Inserted into IP datagram
Contains sequence numbers and optional ICV as for AH

6 IPSEC Proper
ESP secures data payload in datagram
Encryption protects payload
–Authentication protects header and encryption
Security Association bundling is possible
–ESP without authentication inside AH
–Authentication covers more fields this way than just ESP with authentication

7 IPSEC Key Management
Key management establishes a security association (SA) for a session
–SA used to provide authentication/confidentiality for that session
–SA is referenced via a security parameter index (SPI) in each IP datagram header

8 IPSEC Processing
Use SPI to look up security association (SA)
Perform authentication check using SA
Perform decryption of authenticated data using SA
Operates in two modes
–Transport mode (secure IP), protects payload
–Tunneling mode (secure IP inside standard IP), protects entire packet
  Popular in routers
  Communicating hosts don’t have to implement IPSEC themselves
  Nested tunneling possible

9 IPSEC Key Management
ISAKMP
–Internet Security Association and Key Management Protocol
Oakley
–DH-based key management protocol
Photuris
–DH-based key management protocol
SKIP
–Sun’s DH-based key management protocol
Protocols changed considerably over time, most borrowed ideas from each other

10 Photuris
Latin for “firefly”; Firefly is the NSA’s key exchange protocol for STU-III secure phones
Three-stage protocol
–1. Exchange cookies
–2. Use D-H to establish a shared secret
  Agree on security parameters
–3. Identify other party
  Authenticate data exchanged in steps 1 and 2
–n. Change session keys or update security parameters

11 Photuris
Cookie based on IP address and port, stops flooding attacks
–Attacker requests many key exchanges and bogs down host (clogging attack)
Cookie depends on
–IP address and port
–Secret known only to host
–Cookie = hash( source and dest IP and port + local secret )
Host can recognize a returned cookie
–Attacker can’t generate fake cookies
Later adopted by other IPSEC key management protocols
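The cookie formula on this slide, as an added Python sketch that is not part of the original presentation. The function names, the use of HMAC-SHA256 as the keyed hash and the 16-byte truncation are assumptions of this example; the addresses in the usage are constructed.

```python
import hashlib
import hmac
import os
import socket
import struct

# Secret known only to this host. Rotating it invalidates outstanding cookies.
LOCAL_SECRET = os.urandom(32)


def make_cookie(src_ip, src_port, dst_ip, dst_port, secret=LOCAL_SECRET):
    """Cookie = hash(source and dest IP and port + local secret)."""
    material = (socket.inet_aton(src_ip) + struct.pack("!H", src_port) +
                socket.inet_aton(dst_ip) + struct.pack("!H", dst_port))
    # Assumption of this example: HMAC-SHA256 as the hash, cut to 16 bytes.
    return hmac.new(secret, material, hashlib.sha256).digest()[:16]


def verify_cookie(cookie, src_ip, src_port, dst_ip, dst_port,
                  secret=LOCAL_SECRET):
    """Recompute from the packet's own addresses; no per-client state kept."""
    expected = make_cookie(src_ip, src_port, dst_ip, dst_port, secret)
    return hmac.compare_digest(cookie, expected)


def on_key_exchange_request(cookie, src_ip, src_port, dst_ip, dst_port):
    """Gate the expensive D-H step behind the cheap cookie check."""
    if not verify_cookie(cookie, src_ip, src_port, dst_ip, dst_port):
        return "drop"          # never echoed by us, or sent from elsewhere
    return "start D-H"         # requester proved it can receive at src_ip
```

Because the host stores nothing until a valid cookie comes back, a flood of requests from spoofed source addresses costs it one hash per packet rather than one D-H computation per packet.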

12 Photuris
Client    Server
Client cookie
Server cookie
Offered schemes
Chosen scheme
D-H keygen
D-H keygen
Client identity
Authentication for previous data
Server identity
Authentication for previous data

13 SKIP
Each machine has a public DH value authenticated via
–X.509 certificates
–PGP certificates
–Secure DNS
Public D-H value is used as an implicit shared key calculation parameter
–Shared key is used once to exchange encrypted session key
–Session key is used for further encryption/authentication
Clean-room non-US version developed by Sun partner in Moscow
–US government forced Sun to halt further work with non-US version

14 Oakley
Exchange messages containing any of
–Client/server cookies
–DH information
–Offered/chosen security parameters
–Client/server IDs
until both sides are satisfied
Oakley is extremely open-ended, with many variations possible
–Exact details of message exchange depend on exchange requirements
  Speed vs thoroughness
  Identification vs anonymity
  New session establishment vs rekey
  D-H exchange vs shared secrets vs PKC-based exchange

15 ISAKMP
NSA-designed protocol to exchange security parameters (but not establish keys)
–Protocol to establish, modify, and delete IPSEC security associations
–Provides a general framework for exchanging cookies, security parameters, and key management and identification information
–Exact details left to other protocols
Two phases
–1. Establish secure, authenticated channel (“SA”)
–2. Negotiate security parameters (“KMP”)

16 IKE (ISAKMP/Oakley)
ISAKMP merged with Oakley
–ISAKMP provides the protocol framework
–Oakley provides the security mechanisms
Combined version clarifies both protocols, resolves ambiguities

17 IKE (ISAKMP/Oakley)
Phase 1 example
Client    Server
Client cookie
Client ID
Key exchange information
Server cookie
Server ID
Key exchange information
Server signature
Client signature
Other variants possible (data spread over more messages, authentication via shared secrets)
–Above example is aggressive exchange which minimizes the number of messages

18 IKE (ISAKMP/Oakley)
Phase 2 example
Client    Server
Encrypted, MAC’d
Client nonce
Security parameters offered
Encrypted, MAC’d
Server nonce
Security parameters accepted
Encrypted, MAC’d
Client nonce
Server nonce

19 IPSEC Algorithms
DES in CBC mode for encryption
HMAC/MD5 and HMAC/SHA (truncated to 96 bits) for authentication
Later versions added optional, DOI-dependent algorithms
–3DES
–Blowfish
–CAST-128
–IDEA
–RC5
–Triple IDEA (!!!)
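How the 96-bit truncated HMAC on this slide combines with the mutable-field zeroing described on slide 4, as an added Python sketch that is not part of the original presentation. It is simplified: it zeroes only the two fields the slides name (TTL and header checksum) and omits the AH header itself, which real AH also covers with its ICV field zeroed; function names and sample addresses are constructed for the example.

```python
import hashlib
import hmac
import struct


def build_ipv4_header(src, dst, ttl, checksum, payload_len, proto=51):
    """Minimal 20-byte IPv4 header without options; protocol 51 is AH."""
    return struct.pack("!BBHHHBBH4s4s",
                       0x45, 0, 20 + payload_len, 0, 0,
                       ttl, proto, checksum, bytes(src), bytes(dst))


def zero_mutable(header):
    """Zero the fields routers rewrite: TTL (byte 8), checksum (bytes 10-11)."""
    h = bytearray(header)
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def compute_icv(key, header, payload):
    """HMAC-SHA1 over the zeroed header plus payload, truncated to 96 bits."""
    mac = hmac.new(key, zero_mutable(header) + payload, hashlib.sha1)
    return mac.digest()[:12]


def verify_icv(key, header, payload, icv):
    """Receiver side: recompute over the header as received and compare."""
    return hmac.compare_digest(compute_icv(key, header, payload), icv)
```

A router that decrements the TTL and rewrites the checksum leaves the ICV valid, while a change to the source address or the payload makes verification fail.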

