SlideShare a Scribd company logo

Ipsec 2

Download as PPTX, PDF
Sourabh Badve, profile picture
Sourabh Badve

This document provides an overview of IP Security (IPSec) including its architecture, protocols, and concepts. IPSec provides authentication, confidentiality, and key management for IP packets across local area networks, private and public wide area networks, and the Internet. It operates below the transport layer, making it transparent to applications. IPSec uses security associations, security policy databases, and authentication header and encapsulating security payload protocols to secure IP traffic. While useful, it has some challenges with network address translation devices.

Engineering
1 of 44
Downloaded 156 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
IP Security Mr. Sourabh S. Badve
IP Security  Have a range of application specific security mechanisms  eg. S/MIME, PGP, Kerberos, SSL/HTTPS  However there are security concerns that cut across protocol layers  Would like security implemented by the network for all applications
IPSec  General IP Security mechanisms  Provides  authentication  confidentiality  key management  Applicable to use over LANs, across public & private WANs, & for the Internet
IPSec Uses Transparency
Benefits of IPSec  In a firewall/router provides strong security to all traffic crossing the perimeter  In a firewall/router is resistant to bypass  Is below transport layer, hence transparent to applications  Can be transparent to end users  Can provide security for individual users  Secures routing architecture
IP Security Architecture  Specification is quite complex  Defined in numerous RFC’s  incl. RFC 2401/2402/2406/2408  many others, grouped by category  Mandatory in IPv6, optional in IPv4  Have two security header extensions:  Authentication Header (AH)  Encapsulating Security Payload (ESP)
Architecture & Concepts  Tunnel vs. Transport mode  Security association (SA)  Security parameter index (SPI)  Security policy database (SPD)  SA database (SAD)  Authentication header (AH)  Encapsulating security payload (ESP)  Practical Issues w/ NAT
A B Encrypted Tunnel Gateway 1 Gateway 2 New IP Header AH or ESP Header TCP DataOrig IP Header Encrypted Transport Mode vs. Tunnel Mode  Transport mode: host -> host  Tunnel mode: host->gateway or gateway->gateway
Transport Mode  ESP protects higher layer payload only  AH can protect IP headers as well as higher layer payload IP header IP options IPSec header Higher layer protocol ESP AH Real IP destination
Tunnel Mode  ESP applies only to the tunneled packet  AH can be applied to portions of the outer header Outer IP header Inner IP header IPSec header Higher layer protocol ESP AH Real IP destinationDestination IPSec entity
Security Association - SA  Defined by 3 parameters:  Security Parameters Index (SPI)  IP Destination Address  Security Protocol Identifier  Have a database of Security Associations  Determine IPSec processing for senders  Determine IPSec decoding for destination  SAs are not fixed! Generated and customized per traffic flows
Security Parameters Index - SPI  Can be up to 32 bits large  The SPI allows the destination to select the correct SA under which the received packet will be processed  According to the agreement with the sender  The SPI is sent with the packet by the sender  SPI + Dest IP address + IPSec Protocol (AH or ESP) uniquely identifies a SA
SA Database - SAD  Holds parameters for each SA  Lifetime of this SA  AH and ESP information  Tunnel or transport mode  Every host or gateway participating in IPSec has their own SA database
Security Policy Database - SPD  What traffic to protect?  Policy entries define which SA or SA bundles to use on IP traffic  Each host or gateway has their own SPD  Index into SPD by Selector fields  Dest IP, Source IP, Transport Protocol, IPSec Protocol, Source & Dest Ports, …
SPD Entry Actions  Discard  Do not let in or out  Bypass  Outbound: do not apply IPSec  Inbound: do not expect IPSec  Protect – will point to an SA or SA bundle  Outbound: apply security  Inbound: check that security must have been applied
SPD Protect Action  If the SA does not exist…  Outbound processing: use IKE to generate SA dynamically  Inbound processing: drop packet
Is it for IPSec? If so, which policy entry to select? … SPD (Policy) … SA Database IP Packet Outbound packet (on A) A B SPI & IPSec Packet Send to B Determine the SA and its SPI IPSec processing Outbound Processing
Use SPI to index the SAD … SA Database Original IP Packet SPI & Packet Inbound packet (on B) A B From A Inbound Processing … SPD (Policy) Was packet properly secured? “un-process”
Architecture & Concepts  Tunnel vs. Transport mode  Security association (SA)  Security parameter index (SPI)  Security policy database (SPD)  SA database (SAD)  Authentication header (AH)  Encapsulating security payload (ESP)  Practical Issues w/ NAT
Authenticated Header  Data integrity  Entire packet has not been tampered with  Authentication  Can “trust” IP address source  Use MAC to authenticate  Symmetric encryption, e.g, DES  One-way hash functions, e.g, HMAC-MD5-96 or HMAC-SHA-1-96  Anti-replay feature  Integrity check value
… SAD SPI Sequence Number ICV Next Header (TCP/UDP) Payload Length Reserved IPSec Authenticated Header Length of the authentication header
Integrity Check Value - ICV  Keyed Message authentication code (MAC) calculated over  IP header field that do not change or are predictable  Source IP address, destination IP, header length, etc.  Prevent spoofing  Mutable fields excluded: e.g., time-to-live (TTL), IP header checksum, etc.  IPSec protocol header except the ICV value field  Upper-level data  Code may be truncated to first 96 bits
AH: Tunnel and Transport Mode  Original  Transport Mode  Cover most of the original packet  Tunnel Mode  Cover entire original packet
Encapsulating Security Payload (ESP)  Provide message content confidentiality  Provide limited traffic flow confidentiality  Can optionally provide the same authentication services as AH  Supports range of ciphers, modes, padding  Incl. DES, Triple-DES, RC5, IDEA, CAST etc  A variant of DES most common  Pad to meet blocksize, for traffic flow
ESP: Tunnel and Transport Mode  Original  Transport Mode  Good for host to host traffic  Tunnel Mode  Good for VPNs, gateway to gateway security
Outbound Packet Processing  Form ESP header  Security parameter index (SPI)  Sequence number  Pad as necessary  Encrypt result [payload, padding, pad length, next header]  Apply authentication (optional)  Allow rapid detection of replayed/bogus packets  Integrity Check Value (ICV) includes whole ESP packet minus authentication data field
SPI Sequence Number Original IP Header Integrity Check Value Authenticationcoverage Encrypted Payload (TCP Header and Data) Variable Length Pad Length Padding (0-255 bytes) Next Header ESPTransportExample
Inbound Packet Processing...  Sequence number checking  Duplicates are rejected!  Packet decryption  Decrypt quantity [ESP payload,padding,pad length,next header] per SA specification  Processing (stripping) padding per encryption algorithm  Reconstruct the original IP datagram  Authentication verification (optional)  Allow potential parallel processing - decryption & verifying authentication code
Architecture & Concepts  Tunnel vs. Transport mode  Security association (SA)  Security parameter index (SPI)  Security policy database (SPD)  SA database (SAD)  Authentication header (AH)  Encapsulating security payload (ESP)  Practical Issues w/ NAT
NATs Network address translation = local, LAN-specific address space translated to small number of globally routable IP addresses Motivation: Scarce address space Security: prevent unsolicited inbound requests Prevalence of NATs Claim: 50% of broadband users are behind NATs All Linksys/D-Link/Netgear home routers are NATs
NAT types  All use net-10/8 (10.*.*.*) or 192.168/16  Address translation  Address-and-port translation (NAPT)  most common form today, still called NAT  one external (global) IP address  Change IP header and TCP/UDP headers
NAT ExampleIAP’s Point of Presence Router with NAT External IP: 68.40.162.3 Internal IP: 192.168.0.0 Router assigns internal IPs to hosts on LAN : A: 192.168.0.100 B: 192.168.0.101 C: 192.168.0.102 A B C Messages sent between host B to another host on the Internet Host B original source socket: 192.168.0.101 port 1341 Host B translated socket: 68.40.162.3 port 5280
Will IPSec Work with NAT ?  Consider both AH and ESP protocols.  Consider both transport and tunnel modes. For tunnel mode, consider the following two cases  Sender – NAT – IPSec Gateway 1 – IPSec Gateway 2 – Receiver  Sender – IPSec Gateway 1 – NAT – IPSec Gateway 2 – Receiver  What about w/o port # translation?
Backup Slides
Combining Security Associations  SA’s can implement either AH or ESP  to implement both need to combine SA’s  form a security association bundle  may terminate at different or same endpoints  combined by  transport adjacency  iterated tunneling  issue of authentication & encryption order
Combining Security Associations
SA Bundle  More than 1 SA can apply to a packet  Example: ESP does not authenticate new IP header. How to authenticate?  Use SA to apply ESP w/o authentication to original packet  Use 2nd SA to apply AH
Outbound Packet Processing...  Integrity Check Value (ICV) calculation  ICV includes whole ESP packet minus authentication data field  Implicit padding of ‘0’s between next header and authentication data is used to satisfy block size requirement for ICV algorithm
Inbound Packet Processing  Sequence number checking  Anti-replay is used only if authentication is selected  Sequence number should be the first ESP check on a packet upon looking up an SA  Duplicates are rejected! 0 Sliding Window size >= 32 reject Check bitmap, verify if new verify
Anti-replay Feature  Optional  Information to enforce held in SA entry  Sequence number counter - 32 bit for outgoing IPSec packets  Anti-replay window  32-bit  Bit-map for detecting replayed packets
Anti-replay Sliding Window  Window should not be advanced until the packet has been authenticated  Without authentication, malicious packets with large sequence numbers can advance window unnecessarily  Valid packets would be dropped!
ESP Processing - Header Location...  Tunnel mode IPv4 and IPv6 New IP hdr Orig IP hdr TCP Data ESP trailer ESP Auth ESP hdr New ext hdr New IP hdr TCP Data ESP trailer ESP Auth Orig IP hdr ESP hdr Orig ext hdr IPv4 IPv6
Key Management  Handles key generation & distribution  Typically need 2 pairs of keys  2 per direction for AH & ESP  Manual key management  Sysadmin manually configures every system  Automated key management  Automated system for on demand creation of keys for SA’s in large systems
Thank you

More Related Content

PPT
Overview of ip_security by JetArvind kumar Madhukar
ALLCAD Services Pvt Limited
 
PPT
Ipsec
Baidyanath Dutta
 
PPTX
IP Sec - Basic Concepts
Avadhesh Agrawal
 
PPT
IPSec Overview
davisli
 
PPTX
IPSec VPN & IPSec Protocols
NetProtocol Xpert
 
PPT
Ip Sec
Ram Dutt Shukla
 
PPTX
IP security
shraddha mane
 
PPT
Ipsec
Rupesh Mishra
 
Overview of ip_security by JetArvind kumar Madhukar
ALLCAD Services Pvt Limited
 
Ipsec
Baidyanath Dutta
 
IP Sec - Basic Concepts
Avadhesh Agrawal
 
IPSec Overview
davisli
 
IPSec VPN & IPSec Protocols
NetProtocol Xpert
 
Ip Sec
Ram Dutt Shukla
 
IP security
shraddha mane
 
Ipsec
Rupesh Mishra
 

What's hot (19)

PPTX
ip security
Chirag Patel
 
PPT
IP security Part 1
CAS
 
PPTX
Ip security
Naveen Dubey
 
PPTX
Ipsecurity
Chinmay Patel
 
PPT
Ip security
Dr.K.Sreenivas Rao
 
PPT
Ip sec talk
anoean
 
PPTX
Ip security
JithuK6
 
PPTX
IPSec VPN tunnel
ArunKumar Subbiah
 
PPTX
IP Security
sahilshah200
 
PDF
BAIT1103 Chapter 6
limsh
 
PPT
IP Sec by Amin Pathan
aminpathan11
 
PPTX
IPSec and VPN
Abdullaziz Tagawy
 
PDF
IPSec VPN Tutorial Part1
Abdallah Abuouf
 
PPT
Ip sec and ssl
Mohd Arif
 
PPTX
Keymanagement of ipsec
PACHIYAPPAN PACHIYAPPAS
 
PPTX
Ipsec (network security)
AhmadRahmanian1
 
PPTX
IP Security
Keshab Nath
 
PDF
IP Security
Ambo University
 
PPTX
IPsec with AH
jtlevesque
 
ip security
Chirag Patel
 
IP security Part 1
CAS
 
Ip security
Naveen Dubey
 
Ipsecurity
Chinmay Patel
 
Ip security
Dr.K.Sreenivas Rao
 
Ip sec talk
anoean
 
Ip security
JithuK6
 
IPSec VPN tunnel
ArunKumar Subbiah
 
IP Security
sahilshah200
 
BAIT1103 Chapter 6
limsh
 
IP Sec by Amin Pathan
aminpathan11
 
IPSec and VPN
Abdullaziz Tagawy
 
IPSec VPN Tutorial Part1
Abdallah Abuouf
 
Ip sec and ssl
Mohd Arif
 
Keymanagement of ipsec
PACHIYAPPAN PACHIYAPPAS
 
Ipsec (network security)
AhmadRahmanian1
 
IP Security
Keshab Nath
 
IP Security
Ambo University
 
IPsec with AH
jtlevesque
 
Ad

Viewers also liked (20)

PPT
IP Security in Network Security NS6
koolkampus
 
PPT
Ip security in i psec
Mohd Arif
 
PPTX
Rfc5996(internet key exchange protocol version 2 (ik ev2))
Tetsuya Hasegawa
 
PPTX
I psecurity
ZainabNoorGul
 
PPTX
Multilayer Security Architecture for Internet Protocols
Nasir Bhutta
 
PPTX
View, Act, and React: Shaping Business Activity with Analytics, BigData Queri...
Srinath Perera
 
PPTX
Internet Key Exchange Protocol
Prateek Singh Bapna
 
PDF
Implementing AutoComplete for Freemarker and Velocity languages in ACE Editor
peychevi
 
PDF
Object Oriented Programming in JavaScript
zand3rs
 
PPTX
Mandatory access control for information security
Ajit Dadresa
 
PPTX
Redis vs Aerospike
Sayyaparaju Sunil
 
PPT
IPsec
Ivandro Ismael
 
PPT
Lecture 5 ip security
rajakhurram
 
PDF
Esper - CEP Engine
Aparna Chaudhary
 
PDF
Big Data Day LA 2016/ Big Data Track - Portable Stream and Batch Processing w...
Data Con LA
 
PPTX
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Gopal Sakarkar
 
PDF
Protocole IKE/IPsec
Thomas Moegli
 
PPTX
Siddhi: A Second Look at Complex Event Processing Implementations
Srinath Perera
 
PDF
Bigdata based fraud detection
Mk Kim
 
PDF
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
IP Security in Network Security NS6
koolkampus
 
Ip security in i psec
Mohd Arif
 
Rfc5996(internet key exchange protocol version 2 (ik ev2))
Tetsuya Hasegawa
 
I psecurity
ZainabNoorGul
 
Multilayer Security Architecture for Internet Protocols
Nasir Bhutta
 
View, Act, and React: Shaping Business Activity with Analytics, BigData Queri...
Srinath Perera
 
Internet Key Exchange Protocol
Prateek Singh Bapna
 
Implementing AutoComplete for Freemarker and Velocity languages in ACE Editor
peychevi
 
Object Oriented Programming in JavaScript
zand3rs
 
Mandatory access control for information security
Ajit Dadresa
 
Redis vs Aerospike
Sayyaparaju Sunil
 
IPsec
Ivandro Ismael
 
Lecture 5 ip security
rajakhurram
 
Esper - CEP Engine
Aparna Chaudhary
 
Big Data Day LA 2016/ Big Data Track - Portable Stream and Batch Processing w...
Data Con LA
 
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Gopal Sakarkar
 
Protocole IKE/IPsec
Thomas Moegli
 
Siddhi: A Second Look at Complex Event Processing Implementations
Srinath Perera
 
Bigdata based fraud detection
Mk Kim
 
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
Ad

Similar to Ipsec 2 (20)

PPT
ipsec internet security in network and system.ppt
ubaidullah75790
 
PPT
IS Unit-4 .ppt
NamanRockzz
 
PPTX
Module3 rnbtybtybntrbnbrtrg56g56h6yh6yh7yh5h655PPT.pptx
ThanushB1
 
PPTX
chAPTER 19 INTERNET PROTOCOL SECURITY PRESENTATION
PragyanshuParadkar1
 
PDF
IP Security
Dr.Florence Dayana
 
PPTX
Unit 6
KRAMANJANEYULU1
 
PDF
ipsec.pdfgvdgvdgdgdgddgdgdgdgdgdgdgdgdgd
zmulani8
 
PPTX
IP SEC.ptx
MamoonKhan40
 
PPTX
EOC MODULE 3 IP security - SR.pptx engineering college
komalsingh2444
 
PPT
Chapter No 19 - Network and Security-by-MIT
KamranHussainAwan
 
PPT
IP Security Part 2
CAS
 
PPTX
IP addresse Security in Data Communication & Networks
abdualarg0
 
PDF
Lecture14..pdf
AlaaElhaddad3
 
PDF
Network IP Security.pdf
georgejustymirobi1
 
PPT
2 - IP Security2 - IP Security2 - IP Security
lixir25483
 
PDF
IPsec for IMS
Hossein Yavari
 
PDF
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
PPTX
Cryptography and network security
PriyadharshiniVS
 
PPTX
Cryptography and Network security # Lecture 8
Kabul Education University
 
DOCX
[removed]Cryptography and Network Security Principles a.docx
hanneloremccaffery
 
ipsec internet security in network and system.ppt
ubaidullah75790
 
IS Unit-4 .ppt
NamanRockzz
 
Module3 rnbtybtybntrbnbrtrg56g56h6yh6yh7yh5h655PPT.pptx
ThanushB1
 
chAPTER 19 INTERNET PROTOCOL SECURITY PRESENTATION
PragyanshuParadkar1
 
IP Security
Dr.Florence Dayana
 
Unit 6
KRAMANJANEYULU1
 
ipsec.pdfgvdgvdgdgdgddgdgdgdgdgdgdgdgdgd
zmulani8
 
IP SEC.ptx
MamoonKhan40
 
EOC MODULE 3 IP security - SR.pptx engineering college
komalsingh2444
 
Chapter No 19 - Network and Security-by-MIT
KamranHussainAwan
 
IP Security Part 2
CAS
 
IP addresse Security in Data Communication & Networks
abdualarg0
 
Lecture14..pdf
AlaaElhaddad3
 
Network IP Security.pdf
georgejustymirobi1
 
2 - IP Security2 - IP Security2 - IP Security
lixir25483
 
IPsec for IMS
Hossein Yavari
 
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
Cryptography and network security
PriyadharshiniVS
 
Cryptography and Network security # Lecture 8
Kabul Education University
 
[removed]Cryptography and Network Security Principles a.docx
hanneloremccaffery
 

More from Sourabh Badve (8)

PPTX
Ip routing
Sourabh Badve
 
PPTX
Cyber crime
Sourabh Badve
 
PPTX
Basic ip traffic management with access control lists
Sourabh Badve
 
PPT
Cryptography
Sourabh Badve
 
PPTX
Basic router configuration
Sourabh Badve
 
PDF
Corporate security
Sourabh Badve
 
PPT
Cyber laws
Sourabh Badve
 
PPT
Ethical hacking
Sourabh Badve
 
Ip routing
Sourabh Badve
 
Cyber crime
Sourabh Badve
 
Basic ip traffic management with access control lists
Sourabh Badve
 
Cryptography
Sourabh Badve
 
Basic router configuration
Sourabh Badve
 
Corporate security
Sourabh Badve
 
Cyber laws
Sourabh Badve
 
Ethical hacking
Sourabh Badve
 

Recently uploaded (20)

PDF
August 2025 - Top 10 Read Articles in Network Security & Its Applications
IJNSA Journal
 
PDF
Level 2 – IBM Data and AI Fundamentals (1)_v1.1.PDF
KSRIHARISASANKA
 
PDF
Artificial Superintelligence (ASI) Alliance Vision Paper.pdf
SonaliPatil325517
 
PPTX
Feature types and data preprocessing steps
deepalishinkar1
 
PPTX
Management Information system : MIS-e-Business Systems.pptx
ShankarGowda22
 
PDF
UNIT no 1 INTRODUCTION TO DBMS NOTES.pdf
pawarbhaktiit
 
PDF
PREDICTION OF DIABETES FROM ELECTRONIC HEALTH RECORDS
ijaia
 
PPTX
Nature of X-rays, X- Ray Equipment, Fluoroscopy
DJERALDINAUXILLIAECE
 
PPTX
Information Storage and Retrieval Techniques Unit III
jeyamohan2519
 
PPTX
Artificial Intelligence
dikshendrasarpate2
 
PDF
Exploratory_Data_Analysis_Fundamentals.pdf
Ashutosh Satapathy
 
PDF
Categorization of Factors Affecting Classification Algorithms Selection
IJDKP
 
PPT
Total quality management ppt for engineering students
juleeyadav818
 
PPTX
Graph Data Structures with Types, Traversals, Connectivity, and Real-Life App...
usham61
 
PPTX
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
PDF
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
PDF
A SYSTEMATIC REVIEW OF APPLICATIONS IN FRAUD DETECTION
IJNSA Journal
 
PPT
INTRODUCTION -Data Warehousing and Mining-M.Tech- VTU.ppt
Subramanyam Natarajan
 
PDF
BIO-INSPIRED HORMONAL MODULATION AND ADAPTIVE ORCHESTRATION IN S-AI-GPT
ijaia
 
PDF
Visual Aids for Exploratory Data Analysis.pdf
Ashutosh Satapathy
 
August 2025 - Top 10 Read Articles in Network Security & Its Applications
IJNSA Journal
 
Level 2 – IBM Data and AI Fundamentals (1)_v1.1.PDF
KSRIHARISASANKA
 
Artificial Superintelligence (ASI) Alliance Vision Paper.pdf
SonaliPatil325517
 
Feature types and data preprocessing steps
deepalishinkar1
 
Management Information system : MIS-e-Business Systems.pptx
ShankarGowda22
 
UNIT no 1 INTRODUCTION TO DBMS NOTES.pdf
pawarbhaktiit
 
PREDICTION OF DIABETES FROM ELECTRONIC HEALTH RECORDS
ijaia
 
Nature of X-rays, X- Ray Equipment, Fluoroscopy
DJERALDINAUXILLIAECE
 
Information Storage and Retrieval Techniques Unit III
jeyamohan2519
 
Artificial Intelligence
dikshendrasarpate2
 
Exploratory_Data_Analysis_Fundamentals.pdf
Ashutosh Satapathy
 
Categorization of Factors Affecting Classification Algorithms Selection
IJDKP
 
Total quality management ppt for engineering students
juleeyadav818
 
Graph Data Structures with Types, Traversals, Connectivity, and Real-Life App...
usham61
 
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
A SYSTEMATIC REVIEW OF APPLICATIONS IN FRAUD DETECTION
IJNSA Journal
 
INTRODUCTION -Data Warehousing and Mining-M.Tech- VTU.ppt
Subramanyam Natarajan
 
BIO-INSPIRED HORMONAL MODULATION AND ADAPTIVE ORCHESTRATION IN S-AI-GPT
ijaia
 
Visual Aids for Exploratory Data Analysis.pdf
Ashutosh Satapathy
 

Ipsec 2

  • 2. IP Security  Have a range of application specific security mechanisms  eg. S/MIME, PGP, Kerberos, SSL/HTTPS  However there are security concerns that cut across protocol layers  Would like security implemented by the network for all applications
  • 3. IPSec  General IP Security mechanisms  Provides  authentication  confidentiality  key management  Applicable to use over LANs, across public & private WANs, & for the Internet
  • 5. Benefits of IPSec  In a firewall/router provides strong security to all traffic crossing the perimeter  In a firewall/router is resistant to bypass  Is below transport layer, hence transparent to applications  Can be transparent to end users  Can provide security for individual users  Secures routing architecture
  • 6. IP Security Architecture  Specification is quite complex  Defined in numerous RFC’s  incl. RFC 2401/2402/2406/2408  many others, grouped by category  Mandatory in IPv6, optional in IPv4  Have two security header extensions:  Authentication Header (AH)  Encapsulating Security Payload (ESP)
  • 7. Architecture & Concepts  Tunnel vs. Transport mode  Security association (SA)  Security parameter index (SPI)  Security policy database (SPD)  SA database (SAD)  Authentication header (AH)  Encapsulating security payload (ESP)  Practical Issues w/ NAT
  • 8. A B Encrypted Tunnel Gateway 1 Gateway 2 New IP Header AH or ESP Header TCP DataOrig IP Header Encrypted Transport Mode vs. Tunnel Mode  Transport mode: host -> host  Tunnel mode: host->gateway or gateway->gateway
  • 9. Transport Mode  ESP protects higher layer payload only  AH can protect IP headers as well as higher layer payload IP header IP options IPSec header Higher layer protocol ESP AH Real IP destination
  • 10. Tunnel Mode  ESP applies only to the tunneled packet  AH can be applied to portions of the outer header Outer IP header Inner IP header IPSec header Higher layer protocol ESP AH Real IP destinationDestination IPSec entity
  • 11. Security Association - SA  Defined by 3 parameters:  Security Parameters Index (SPI)  IP Destination Address  Security Protocol Identifier  Have a database of Security Associations  Determine IPSec processing for senders  Determine IPSec decoding for destination  SAs are not fixed! Generated and customized per traffic flows
  • 12. Security Parameters Index - SPI  Can be up to 32 bits large  The SPI allows the destination to select the correct SA under which the received packet will be processed  According to the agreement with the sender  The SPI is sent with the packet by the sender  SPI + Dest IP address + IPSec Protocol (AH or ESP) uniquely identifies a SA
  • 13. SA Database - SAD  Holds parameters for each SA  Lifetime of this SA  AH and ESP information  Tunnel or transport mode  Every host or gateway participating in IPSec has their own SA database
  • 14. Security Policy Database - SPD  What traffic to protect?  Policy entries define which SA or SA bundles to use on IP traffic  Each host or gateway has their own SPD  Index into SPD by Selector fields  Dest IP, Source IP, Transport Protocol, IPSec Protocol, Source & Dest Ports, …
  • 15. SPD Entry Actions  Discard  Do not let in or out  Bypass  Outbound: do not apply IPSec  Inbound: do not expect IPSec  Protect – will point to an SA or SA bundle  Outbound: apply security  Inbound: check that security must have been applied
  • 16. SPD Protect Action  If the SA does not exist…  Outbound processing: use IKE to generate SA dynamically  Inbound processing: drop packet
  • 17. Is it for IPSec? If so, which policy entry to select? … SPD (Policy) … SA Database IP Packet Outbound packet (on A) A B SPI & IPSec Packet Send to B Determine the SA and its SPI IPSec processing Outbound Processing
  • 18. Use SPI to index the SAD … SA Database Original IP Packet SPI & Packet Inbound packet (on B) A B From A Inbound Processing … SPD (Policy) Was packet properly secured? “un-process”
  • 19. Architecture & Concepts  Tunnel vs. Transport mode  Security association (SA)  Security parameter index (SPI)  Security policy database (SPD)  SA database (SAD)  Authentication header (AH)  Encapsulating security payload (ESP)  Practical Issues w/ NAT
  • 20. Authenticated Header  Data integrity  Entire packet has not been tampered with  Authentication  Can “trust” IP address source  Use MAC to authenticate  Symmetric encryption, e.g, DES  One-way hash functions, e.g, HMAC-MD5-96 or HMAC-SHA-1-96  Anti-replay feature  Integrity check value
  • 21. … SAD SPI Sequence Number ICV Next Header (TCP/UDP) Payload Length Reserved IPSec Authenticated Header Length of the authentication header
  • 22. Integrity Check Value - ICV  Keyed Message authentication code (MAC) calculated over  IP header field that do not change or are predictable  Source IP address, destination IP, header length, etc.  Prevent spoofing  Mutable fields excluded: e.g., time-to-live (TTL), IP header checksum, etc.  IPSec protocol header except the ICV value field  Upper-level data  Code may be truncated to first 96 bits
  • 23. AH: Tunnel and Transport Mode  Original  Transport Mode  Cover most of the original packet  Tunnel Mode  Cover entire original packet
  • 24. Encapsulating Security Payload (ESP)  Provide message content confidentiality  Provide limited traffic flow confidentiality  Can optionally provide the same authentication services as AH  Supports range of ciphers, modes, padding  Incl. DES, Triple-DES, RC5, IDEA, CAST etc  A variant of DES most common  Pad to meet blocksize, for traffic flow
  • 25. ESP: Tunnel and Transport Mode  Original  Transport Mode  Good for host to host traffic  Tunnel Mode  Good for VPNs, gateway to gateway security
  • 26. Outbound Packet Processing  Form ESP header  Security parameter index (SPI)  Sequence number  Pad as necessary  Encrypt result [payload, padding, pad length, next header]  Apply authentication (optional)  Allow rapid detection of replayed/bogus packets  Integrity Check Value (ICV) includes whole ESP packet minus authentication data field
  • 27. SPI Sequence Number Original IP Header Integrity Check Value Authenticationcoverage Encrypted Payload (TCP Header and Data) Variable Length Pad Length Padding (0-255 bytes) Next Header ESPTransportExample
  • 28. Inbound Packet Processing...  Sequence number checking  Duplicates are rejected!  Packet decryption  Decrypt quantity [ESP payload,padding,pad length,next header] per SA specification  Processing (stripping) padding per encryption algorithm  Reconstruct the original IP datagram  Authentication verification (optional)  Allow potential parallel processing - decryption & verifying authentication code
  • 29. Architecture & Concepts  Tunnel vs. Transport mode  Security association (SA)  Security parameter index (SPI)  Security policy database (SPD)  SA database (SAD)  Authentication header (AH)  Encapsulating security payload (ESP)  Practical Issues w/ NAT
  • 30. NATs Network address translation = local, LAN-specific address space translated to small number of globally routable IP addresses Motivation: Scarce address space Security: prevent unsolicited inbound requests Prevalence of NATs Claim: 50% of broadband users are behind NATs All Linksys/D-Link/Netgear home routers are NATs
  • 31. NAT types  All use net-10/8 (10.*.*.*) or 192.168/16  Address translation  Address-and-port translation (NAPT)  most common form today, still called NAT  one external (global) IP address  Change IP header and TCP/UDP headers
  • 32. NAT ExampleIAP’s Point of Presence Router with NAT External IP: 68.40.162.3 Internal IP: 192.168.0.0 Router assigns internal IPs to hosts on LAN : A: 192.168.0.100 B: 192.168.0.101 C: 192.168.0.102 A B C Messages sent between host B to another host on the Internet Host B original source socket: 192.168.0.101 port 1341 Host B translated socket: 68.40.162.3 port 5280
  • 33. Will IPSec Work with NAT ?  Consider both AH and ESP protocols.  Consider both transport and tunnel modes. For tunnel mode, consider the following two cases  Sender – NAT – IPSec Gateway 1 – IPSec Gateway 2 – Receiver  Sender – IPSec Gateway 1 – NAT – IPSec Gateway 2 – Receiver  What about w/o port # translation?
  • 35. Combining Security Associations  SA’s can implement either AH or ESP  to implement both need to combine SA’s  form a security association bundle  may terminate at different or same endpoints  combined by  transport adjacency  iterated tunneling  issue of authentication & encryption order
  • 37. SA Bundle  More than 1 SA can apply to a packet  Example: ESP does not authenticate new IP header. How to authenticate?  Use SA to apply ESP w/o authentication to original packet  Use 2nd SA to apply AH
  • 38. Outbound Packet Processing...  Integrity Check Value (ICV) calculation  ICV includes whole ESP packet minus authentication data field  Implicit padding of ‘0’s between next header and authentication data is used to satisfy block size requirement for ICV algorithm
  • 39. Inbound Packet Processing  Sequence number checking  Anti-replay is used only if authentication is selected  Sequence number should be the first ESP check on a packet upon looking up an SA  Duplicates are rejected! 0 Sliding Window size >= 32 reject Check bitmap, verify if new verify
  • 40. Anti-replay Feature  Optional  Information to enforce held in SA entry  Sequence number counter - 32 bit for outgoing IPSec packets  Anti-replay window  32-bit  Bit-map for detecting replayed packets
  • 41. Anti-replay Sliding Window  Window should not be advanced until the packet has been authenticated  Without authentication, malicious packets with large sequence numbers can advance window unnecessarily  Valid packets would be dropped!
  • 42. ESP Processing - Header Location...  Tunnel mode IPv4 and IPv6 New IP hdr Orig IP hdr TCP Data ESP trailer ESP Auth ESP hdr New ext hdr New IP hdr TCP Data ESP trailer ESP Auth Orig IP hdr ESP hdr Orig ext hdr IPv4 IPv6
  • 43. Key Management  Handles key generation & distribution  Typically need 2 pairs of keys  2 per direction for AH & ESP  Manual key management  Sysadmin manually configures every system  Automated key management  Automated system for on demand creation of keys for SA’s in large systems

Editor's Notes

  • #3: The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME, PGP), client/server (Kerberos), Web access (Secure Sockets Layer), and others. However users have some security concerns that cut across protocol layers. By implementing security at the IP level, an organization can ensure secure networking not only for applications that have security mechanisms but also for the many security-ignorant applications.
  • #4: IP-level security encompasses three functional areas: authentication, confidentiality, and key management. The authentication mechanism assures that a received packet was transmitted by the party identified as the source in the packet header, and that the packet has not been altered in transit. The confidentiality facility enables communicating nodes to encrypt messages to prevent eavesdropping by third parties. The key management facility is concerned with the secure exchange of keys. IPSec provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet.
  • #5: Stallings Figure 16.1 illustrates a typical IP Security scenario. An organization maintains LANs at dispersed locations. Nonsecure IP traffic is conducted on each LAN. For traffic offsite, through some sort of private or public WAN, IPSec protocols are used. These protocols operate in networking devices, such as a router or firewall, that connect each LAN to the outside world. The IPSec networking device will typically encrypt and compress all traffic going into the WAN, and decrypt and decompress traffic coming from the WAN; these operations are transparent to workstations and servers on the LAN. Secure transmission is also possible with individual users who dial into the WAN. Such user workstations must implement the IPSec protocols to provide security. Security Associations A one-way relationship between sender & receiver that affords security for traffic flow Can be between A pair of hosts A host and a security gateway A pair of security gateways
  • #6: [MARK97] lists the benefits shown for IPSec. It also plays a vital role in the routing architecture required for internetworking.
  • #7: The IPSec specification has become quite complex. The IPSec specification consists of numerous documents. The most important of these,issued in November of 1998, are • RFC 2401: An overview of a security architecture • RFC 2402: Description of a packet authentication extension to IPv4 and IPv6 • RFC 2406: Description of a packet encryption extension to IPv4 and IPv6 • RFC 2408: Specification of key management capabilities In addition to these four RFCs, a number of additional drafts have been published by the IP Security Protocol Working Group set up by the IETF. The documents are divided into seven groups. Support for these features is mandatory for IPv6 and optional for IPv4. In both cases, the security features are implemented as extension headers that follow the main IP header. The extension header for authentication is known as the Authentication Header (AH); that for encryption is known as the Encapsulating Security Payload (ESP) header.
  • #9: Stallings Figure 16.5 shows the difference between end-to-end (transport) mode and end-to-intermediate (tunnel) mode. Transport mode provides protection primarily for upper-layer protocol payloads, by inserting the AH after the original IP header and before the IP payload. Typically, transport mode is used for end-to-end communication between two hosts. Tunnel mode provides protection to the entire IP, after the AH or ESP fields are added to the IP packet, the entire packet plus security fields is treated as the payload of new “outer”IP packet with a new outer IP header. Tunnel mode is used when one or both ends of an SA are a security gateway, such as a firewall or router that implements IPSec.
  • #13: Dest IP can be a security gateway.
  • #14: See page 168, Stallings
  • #15: See page 169, Stallings
  • #16: Doraswamy & Harkins, page 45
  • #17: Doraswamy & Harkins, page 46
  • #18: SA Selectors figure out which policy in SPD applies to traffic
  • #22: Stallings Figure 16.3 shows the Authentication Header fields: • Next Header (8 bits): Identifies the type of header immediately following this header • Payload Length (8 bits): Length of Authentication Header in 32-bit words, minus 2. • Reserved (16 bits): For future use • Security Parameters Index (32 bits): Identifies a security association • Sequence Number (32 bits): A monotonically increasing counter value • Authentication Data (variable): A variable-length field (must be an integral number of 32-bit words) that contains the Integrity Check Value (ICV), or MAC,for this packet
  • #32: No, no matter transport mode, tunnel mode, AH or ESP.
  • #34: Transport mode, AH, no ESP, no (b/c port # and checksum need to be changed) IPsec ESP transport mode is imcompatible with NAT. In the case of TCP/UDP packets, NAT would need to update the checksum in TCP/UDP headers, when an address in IP header is changed. However, as the TCP/UDP header is encrypted by the ESP, NAT would not be able to make this checksum update. As a result, TCP/UDP packets encrypted in transport mode ESP, traversing a NAT device will fail the TCP/UDP checksum validation on the receiving end and will simply not reach the target application. For tunnel modes. For config a: yes for both AH and ESP For config b: No for both AH and ESP (b/c port # cannot be changed), unless specific reasons are given for ESP tunnel modes, e.g., UDP encapsulation. But for NAT w/o port #, config b can work w/ ESP.
  • #36: An individual SA can implement either the AH or ESP protocol but not both. Sometimes a particular traffic flow will call for the services provided by both AH and ESP. Further, a particular traffic flow may require IPSec services between hosts and ,for that same flow, separate services between security gateways, such as firewalls. In all of these cases, multiple SAs must be employed for the same traffic flow to achieve the desired IPSec services. The term security association bundle refers to a sequence of SAs through which traffic must be processed to provide a desired set of IPSec services. The SAs in a bundle may terminate at different endpoints or at the same endpoints. Security associations may be combined into bundles in two ways: • Transport adjacency: more than one security protocol on same IP packet, without invoking tunneling • Iterated tunneling: application of multiple layers of security protocols effected through IP tunneling One interesting issue is the order in which authentication and encryption may be applied between a given pair of endpoints.
  • #37: The IPSec Architecture document lists four examples of combinations of SAs that must be supported by compliant IPSec hosts or security gateways. These are illustrated in Stallings Figure 16.10. Note the *’d devices implement IPSec. The cases are: Case 1 security is provided between end systems that implement IPSec. Case 2 security is provided only between gateways (routers,firewalls,etc.) and no hosts implement IPSec. Case 3 builds on Case 2 by adding end-to-end security .The same combinations discussed for cases 1 and 2 are allowed here. Case 4 provides support for a remote host that uses the Internet to reach an organization’s firewall and then to gain access to some server or workstation behind the firewall. Only tunnel mode is required between the remote host and the firewall.
  • #42: D & H, p 47