![Page 1: L3A: A Protocol for Layer Three Accounting Alwyn Goodloe, Matthew Jacobs, Gaurav Shah University of Pennsylvania Carl A. Gunter University of Illinois](https://reader034.vdocuments.mx/reader034/viewer/2022051315/56649e605503460f94b5b6c5/html5/thumbnails/1.jpg)
L3A: A Protocol for Layer Three Accounting
Alwyn Goodloe, Matthew Jacobs, Gaurav ShahUniversity of Pennsylvania
Carl A. GunterUniversity of Illinois
SOHO to Enterprise Example
(Figure: three zones, Home, Internet, Office. Nodes labelled C (client), AP (access point), VPN (gateway) and SW at the office end. Address translators and firewalls sit along the path.)
WPA to the AP, IPsec to the office, SSH to the server: three levels of authentication and encryption!
Multi-Tunnel Configuration
(Figure: layered view)
Application
Protocols to set up tunnels / security objectives of tunnels
Network security / key exchange
Cramming Attacks
(Figure: Client, Network Access Server (NAS) and Server. An end-to-end (E2E) security tunnel runs from client to server; a NAS security tunnel runs between client and NAS; an accounting system hangs off the NAS. An attacker reaches the NAS through an unauthenticated ingress.)
Cramming: the attacker pushes packets at the client through the unauthenticated ingress, and the accounting system at the NAS charges them to the client's account even though the client never asked for them.
Countermeasures
Add difficult-to-discover state to the return port.
Problematic: on-path attackers see the state; establishing sufficient state is hard.
Example: Network Address Translation (NAT)
  Mapping determined by four flow parameters (source and destination address and port)
  Well-known destinations give the attacker strategies for guessing the server-side ports and addresses
  Weaknesses in NAT parameter selection narrow the search further
  Brute force: 10,000 pkts/sec on a stock machine, so the whole 16-bit port space is swept in a few seconds
  Observed 7 minutes for the mapping timeout, so a guess lands well inside the window
Tunnel as Countermeasure
(Figure: Client, NAS, Server. Encrypted and authenticated E2E tunnel from client to server; authenticated Client2NAS tunnel; authenticated NAS2Server tunnel.)
Challenge: Coordinate the creation of the tunnels
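The following simulation is an added example and not the authors' code. It contrasts a naive NAS that bills every byte addressed to a client with an L3A-style NAS that bills only packets arriving through the authenticated NAS-to-server tunnel, and shows that spoofed, unauthenticated and replayed packets are all dropped unbilled. `Packet`, `NaiveNas`, `L3ANas`, `run_scenario` and the keys are hypothetical names; an HMAC-SHA256 tag with a sequence number stands in for the IPsec integrity check of the authenticated tunnel, and the traffic mix is constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass
class Packet:
    src: str
    dst: str
    seq: int            # sequence number of the NAS-facing tunnel (0 = none)
    payload: bytes
    tag: bytes = b""    # integrity tag of the NAS-facing tunnel, if any


def auth_tag(key: bytes, pkt_src: str, pkt_dst: str, seq: int, payload: bytes) -> bytes:
    """HMAC-SHA256 over the outer header fields, sequence number and payload.
    Stands in for the IPsec AH/ESP integrity check of the authenticated tunnel."""
    msg = f"{pkt_src}|{pkt_dst}|{seq}|".encode() + payload
    return hmac.new(key, msg, hashlib.sha256).digest()


class NaiveNas:
    """Bills every byte addressed to a client, whatever its origin (the cramming target)."""

    def __init__(self):
        self.bill = {}

    def ingress(self, pkt: Packet) -> bool:
        self.bill[pkt.dst] = self.bill.get(pkt.dst, 0) + len(pkt.payload)
        return True


class L3ANas:
    """Bills a client only for packets that arrive through the authenticated
    NAS<->server tunnel set up for that (server, client) pair: valid tag under
    the tunnel key and a strictly increasing sequence number (anti-replay)."""

    def __init__(self):
        self.bill = {}
        self.tunnels = {}   # (server, client) -> [key, last_seq]

    def add_server_tunnel(self, server: str, client: str, key: bytes) -> None:
        self.tunnels[(server, client)] = [key, 0]

    def ingress(self, pkt: Packet) -> bool:
        entry = self.tunnels.get((pkt.src, pkt.dst))
        if entry is None:
            return False                 # unauthenticated ingress: dropped, not billed
        key, last_seq = entry
        expected = auth_tag(key, pkt.src, pkt.dst, pkt.seq, pkt.payload)
        if not hmac.compare_digest(expected, pkt.tag):
            return False                 # spoofed source with a wrong key: dropped, not billed
        if pkt.seq <= last_seq:
            return False                 # replay of a genuine packet: dropped, not billed
        entry[1] = pkt.seq
        self.bill[pkt.dst] = self.bill.get(pkt.dst, 0) + len(pkt.payload)
        return True


def run_scenario():
    """Constructed traffic mix; returns (naive bill, L3A bill) in bytes for the client."""
    client, server, attacker = "client", "server", "attacker"
    sn_key = b"hypothetical NAS<->server tunnel key"
    wrong_key = b"attacker guess"

    def legit(seq):
        body = b"x" * 100
        return Packet(server, client, seq, body, auth_tag(sn_key, server, client, seq, body))

    traffic = [legit(1), legit(2), legit(3)]
    junk = b"junk" * 250
    # Cramming attempt 1: spoof the server's address and forge a tag under a guessed key.
    traffic += [Packet(server, client, 99 + i, junk,
                       auth_tag(wrong_key, server, client, 99 + i, junk)) for i in range(5)]
    # Cramming attempt 2: send from the attacker's own address via the unauthenticated ingress.
    traffic += [Packet(attacker, client, 0, junk) for _ in range(5)]
    # Cramming attempt 3 (on-path attacker): replay a genuine authenticated packet.
    traffic.append(traffic[0])

    naive, l3a = NaiveNas(), L3ANas()
    l3a.add_server_tunnel(server, client, sn_key)
    for p in traffic:
        naive.ingress(p)
        l3a.ingress(p)
    return naive.bill.get(client, 0), l3a.bill.get(client, 0)


if __name__ == "__main__":
    print(run_scenario())   # (10400, 300)
```

The naive NAS bills 10,400 bytes of which only 300 were requested; the L3A-style NAS bills exactly the 300 legitimate bytes. The replay case is the caveat worth remembering: an authenticated tunnel without anti-replay still lets an on-path attacker cram by re-sending genuine packets, which is why the tag alone is not enough.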
Related Work
Accounting: Simple Network Management Protocol (SNMP); RADIUS; Juniper Networks: GPRS gateway provides protection against "over-billing" attacks
Tunnel configuration: Solsoft Policy Server; Z. Fu and S.F. Wu, 2001; Cisco Dynamic Multipoint VPN (DMVPN); Cisco Tunnel Endpoint Discovery (TED)
L3A Set-Up
(Message sequence chart with participants Client, NAS and Server)
Req(cred)
Ack(cred)
Fin
SPD entries installed: C->S:(C,N) at both endpoints of the client-NAS tunnel; S->C:(S,N) at both endpoints of the server-NAS tunnel (client-to-server traffic is bound to the client-NAS tunnel, server-to-client traffic to the server-NAS tunnel)
L3A Set-Up With Reuse
(Message sequence chart with participants Client, Server1, Server2 and NAS; the client-NAS tunnel created for Server1 is reused for Server2)
Req(cred)
SPD entries installed: C->S2:(C,N) at both endpoints of the existing client-NAS tunnel; S2->C:(S2,N) at both endpoints of the new Server2-NAS tunnel
Ack(cred)
L3A Tear-Down
(Figure: security associations a, b, c, d, e, f among Client, NAS and Server; steps numbered as in the figure)
1. delete(e)
2. delete(e,f): remove e, f
3. TD-Req(n,s)
4. delete(c)
5. delete(c,d): remove c, d
6. TD-Ack(n,s)
7. delete(a)
8. delete(a,b): remove a, b
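The model below is an added example, not the authors' implementation, covering the set-up, set-up-with-reuse and tear-down slides together. Each host keeps an SPD that binds a traffic selector to a tunnel; set-up for a second server reuses the existing client-NAS tunnel, and tear-down removes the end-to-end tunnel first, then the NAS-server tunnel around a TD-Req/TD-Ack exchange, and finally the client-NAS tunnel only once no other server's policy still references it. `L3AState`, `setup`, `teardown` and `demo` are hypothetical names, and the directions assigned to TD-Req and TD-Ack are an assumption.

```python
from dataclasses import dataclass, field


@dataclass
class L3AState:
    spd: dict = field(default_factory=dict)     # host -> {(src, dst): tunnel endpoints}
    tunnels: set = field(default_factory=set)   # frozenset({a, b}) per established tunnel
    log: list = field(default_factory=list)

    def _install(self, host, selector, tunnel):
        self.spd.setdefault(host, {})[selector] = tunnel

    def _drop(self, host, selector):
        entries = self.spd.get(host, {})
        entries.pop(selector, None)
        if not entries:
            self.spd.pop(host, None)

    def _in_use(self, tunnel):
        """True while any host's SPD still routes some selector through this tunnel."""
        return any(v == tunnel for entries in self.spd.values() for v in entries.values())

    def _ensure_tunnel(self, a, b, kind):
        t = frozenset((a, b))
        if t in self.tunnels:
            self.log.append(f"reuse {a}<->{b}")
            return False
        self.tunnels.add(t)
        self.log.append(f"create {a}<->{b} [{kind}]")
        return True

    def setup(self, client, nas, server):
        """Req(cred) -> tunnels and SPD entries -> Ack(cred) -> Fin."""
        self.log.append(f"{client}->{nas}: Req(cred)")
        self._ensure_tunnel(client, nas, "auth")          # reused if it already exists
        self._install(client, (client, server), (client, nas))   # SPD C->S:(C,N)
        self._install(nas, (client, server), (client, nas))
        self._ensure_tunnel(nas, server, "auth")
        self._install(server, (server, client), (server, nas))   # SPD S->C:(S,N)
        self._install(nas, (server, client), (server, nas))
        self._ensure_tunnel(client, server, "auth+enc")   # end-to-end tunnel
        self.log.append(f"{nas}->{client}: Ack(cred)")
        self.log.append(f"{client}->{nas}: Fin")

    def teardown(self, client, nas, server):
        # Steps 1-2: the innermost (end-to-end) tunnel goes first.
        self.tunnels.discard(frozenset((client, server)))
        self.log.append(f"delete {client}<->{server}")
        # Steps 3-6: TD-Req, server-side policy and NAS<->server tunnel, TD-Ack.
        self.log.append(f"{nas}->{server}: TD-Req")       # direction assumed
        self._drop(server, (server, client))
        self._drop(nas, (server, client))
        if not self._in_use((server, nas)):
            self.tunnels.discard(frozenset((server, nas)))
            self.log.append(f"delete {nas}<->{server}")
        self.log.append(f"{server}->{nas}: TD-Ack")       # direction assumed
        # Steps 7-8: client<->NAS tunnel, kept while another server still uses it.
        self._drop(client, (client, server))
        self._drop(nas, (client, server))
        if not self._in_use((client, nas)):
            self.tunnels.discard(frozenset((client, nas)))
            self.log.append(f"delete {client}<->{nas}")
        else:
            self.log.append(f"keep {client}<->{nas} (still in use)")


def demo():
    """Two servers behind one NAS; returns tunnel counts after each phase plus the log."""
    st = L3AState()
    st.setup("C", "N", "S1")
    st.setup("C", "N", "S2")            # second set-up reuses C<->N
    after_setup = len(st.tunnels)       # C-N, N-S1, C-S1, N-S2, C-S2
    st.teardown("C", "N", "S1")
    after_first = len(st.tunnels)       # C-N kept for S2, N-S2, C-S2
    st.teardown("C", "N", "S2")
    return after_setup, after_first, len(st.tunnels), len(st.spd), st.log


if __name__ == "__main__":
    for line in demo()[4]:
        print(line)
```

The reference check in `_in_use` is the point a multi-tunnel protocol has to get right: tearing down the client-NAS tunnel while another server's SPD entry still names it would silently break that session's accounting path, so the outer tunnel is released last and only when nothing else depends on it.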
Implementation
Micron 600 MHz Pentiums, 128 MB memory in the client and server and 256 MB in the NAS, 100 Mbps Ethernet links
FreeBSD 4.8, OpenSSL crypto, PF_KEY interface to the SPD
IKE-: our implementation of IKEv2 with support for nested tunnels
IKE-
(Figure: Initiator and Responder; after the exchange each side updates its SADB and SPDB for both I->R and R->I)
1. SPI-i, 0, F, KE-i, n-i
2. SPI-i, SPI-r, F, KE-r, n-r
3. SPI-i, SPI-r, E*(SK-r, M) where M = ID-i, ID-r, Cert-i, Auth-i, TS-i, TS-r
4. SPI-i, SPI-r, E*(SK-r, N) where N = ID-r, Cert-r, Auth-r
Performance Measurements
Throughput: how does L3A bulk transmission compare to no accounting or to other approaches to accounting?
Latency: how does L3A set-up compare to other approaches in ms required for set-up and tear-down?
Both measured for a single client and server; the NAS was only lightly loaded.
(Figure: the three-tunnel configuration of the Tunnel as Countermeasure slide: encrypted and authenticated E2E tunnel, authenticated Client2NAS and NAS2Server tunnels.)
Throughput Cases
Base: no security
End-to-end: IPsec with encryption and authentication between client and server
Typical: IPsec E2E plus IPsec with encryption and authentication between client and NAS
L3A: E2E plus authenticated (not encrypted) tunnels between client and NAS and between NAS and server
Throughput
(Bar chart, Mb/s)
Base        79.7
End-to-end  25.4
Typical      9.6
L3A         19.3
L3A is 100% faster than Typical (19.3 vs 9.6 Mb/s). Against End-to-end alone (25.4 Mb/s, security but no accounting) L3A carries about 24% less; stated the other way round, as on the slide, End-to-end is 32% faster than L3A.
Latency Cases
End-to-end: IPsec with IKE- from end to end
L3A without reuse
L3A with reuse of the client-to-NAS tunnel
Latency
(Bar chart, time in ms)
End-to-end      66
L3A w/ reuse    97.9
L3A w/o reuse  159.5
Latency to establish the tunnels for accounting is 142% greater than end-to-end protection alone (159.5 vs 66 ms), but in the most common case, with the client-to-NAS tunnel already in place, it is only 48% longer (97.9 ms).
Conclusions
Introduced the concept of cramming attacks
Reviewed possible countermeasures and did a penetration study of NAT
Proposed the L3A protocol
Implementation shows reasonable performance
Main contribution: progress on how to design multi-tunnel protocols