Lecture 05 IP Security
Asst. Prof. Supakorn Kungpisdan, Ph.D.



NETE0519-ITEC4614 2

Outline
- Motivation
- IPSec Architecture
- How IPSec Works
- IPSec Security Protocols
- IPSec Modes
- Combining Security Associations
- IPSec Key Exchange and Management Protocol
- IPSec benefits and limitations


Motivations
Originally, authentication and confidentiality were not enforced at the IP level, which allows:
- source/destination IP address spoofing
- inspection of the IP payload
- replay of captured packets


IP Spoofing Attack (figure)
- Setup: an NFS server a.b.c.100 behind a router; an authorized NFS client x.y.z.200; an unauthorized NFS client x.y.z.201 on the same network.
- Attack: the authorized client x.y.z.200 is shut down for maintenance. The unauthorized host x.y.z.201 sends requests with the source address x.y.z.200, masquerading as the authorized client, and the NFS server accepts them because it authorizes clients by source IP address alone.


Ping of Death Attack
- ICMP, an integral part of IP, is used to report network errors.
- PING (Packet InterNet Groper) uses ICMP echo request and reply packets to test host reachability.
- A ping message normally consists of the IP header and the enclosed ICMP data, with a default ICMP size of 64 bytes. The largest legal IP datagram is 65,535 bytes. If the attacker sends an ICMP echo request whose fragments reassemble to more than 65,535 bytes, the reassembly buffer overflows on a vulnerable system, which can crash or reboot it.
- A newer attack method modifies the header to indicate that there is more data in the packet than there actually is.


Smurf Attack
- The attacker sends an ICMP echo request to the target network's broadcast address with a spoofed source address of the victim.
- The network serves as a "bounce site": every station on it returns an echo reply to the victim, so the network multiplies the effect of the "ping".
- The echo request could be sent to multiple networks to amplify the flood further.


Why look for security at the IP level?
- Below the transport layer, so not specific to any network application: no need to change software at the application layer
- Transparent to users: no need to train users
- Enhances security when used together with higher-level application security
- Enhances the security of firewalls
- Easily identifies authorised access to the network, since every packet carries cryptographic proof of its origin


What can be done at the IP layer?
- Authentication: allows the receiver to validate the identity of a sender (a client/server machine or process).
- Integrity: provides assurance to the receiver that the transmitted data has not been changed.
- Confidentiality: prevents the unwanted disclosure of information during transit.


TCP/IP & Possible Security Enhancement (figure)
Layer            | Security enhancement
Application      | Kerberos, HTTPS, S/MIME, PGP, ...
Transport (TCP, UDP) | SSL, TLS
Network (IP)     | IPSec
Data Link        | (none shown)
Physical         | (none shown)


IPSec
IPSec is one way to build a VPN (Virtual Private Network). Types of VPNs:
- VPN over SSH (Secure Shell) and PPP (Point-to-Point Protocol)
- VPN over SSL/TLS (Secure Socket Layer / Transport Layer Security) and PPP
- IPSec
- PPTP (Point-to-Point Tunneling Protocol)
- etc.



An IP Security Scenario (figure)


Applications of IPSec
- Secure branch office connectivity over the Internet: saves cost, since no leased line is needed
- Secure remote access over the Internet
- Establishing extranet and intranet connectivity with partners
- Enhancing electronic commerce security: an extranet enables B2B e-commerce transactions among business partners


IP Security Architecture (figure)


IP Security Architecture (cont.)
- Architecture: general concepts, requirements, definitions and mechanisms defining IPSec technology
- Encapsulating Security Payload (ESP): generally provides encryption of the IP payload (data) and optionally provides authentication
- Authentication Header (AH): provides authentication of the IP packet, covering the payload and the parts of the IP header that do not change in transit
- Encryption algorithm: describes the encryption algorithms used for ESP
- Authentication algorithm: describes the authentication algorithms used for AH and ESP
- Key management: the determination and distribution of secret keys
- Domain of Interpretation (DOI): contains identifiers for approved encryption and authentication algorithms, key lifetime parameters, etc.



Security Associations
- A one-way relationship between sender and receiver that affords security services to the traffic carried on it; a party that wants to both send and receive data therefore needs 2 SAs, one per direction
- Uniquely identified by 3 parameters: the Security Parameters Index (SPI), the IP destination address, and the security protocol identifier (AH or ESP)
- Has a number of other parameters: sequence number counter and anti-replay window, AH and ESP information (algorithms, keys, IVs), lifetime, mode, etc.
- Each node keeps its SAs in a Security Association Database (SAD)
- Security services are afforded to an SA through the use of AH or ESP, but not both; applying both to the same traffic requires two SAs (an SA bundle)


SAD Example (figure, host 192.168.1.1)
- An incoming packet's SPI, destination IP address and security protocol are used to find its entry in the SAD
- Entries can be configured for a specific application, e.g. HTTP traffic


Security Policy Database (SPD)
- Makes the higher-level decision on what to do with an IP packet: discard it, let it bypass IPSec, or protect it with IPSec
- The SPD enforces the protection policy, whereas the SAD supplies the parameters (protocol, mode, algorithms, keys) that make that protection possible


How IPSec Works (figure)
- Sender: SPD, then SAD. Is IPSec needed for this packet? If so, pass it to the SAD, which says how IPSec is to be applied (protocol, mode, keys).
- Recipient: SAD, then SPD. Check the header to see whether an IPSec packet was received; if so, use the SAD to process and remove the IPSec header, then consult the SPD to decide whether to allow or drop the packet.

How IPSec Works (cont.)
Outbound traffic: before a packet is sent out to the network, IPSec checks the Security Policy Database (SPD) to decide whether to
- let the packet go through without IPSec protection (bypass)
- drop the packet (discard)
- protect the packet using IPSec


How IPSec Works (cont.)
Inbound traffic: for an incoming packet from the network,
1. The system determines the Security Association (SA) for the packet. The SA is identified by the Security Parameters Index (SPI), which serves as an index into the Security Association Database (SAD); the destination IP address; and the IPSec protocol (Authentication Header (AH) or Encapsulating Security Payload (ESP)).
2. Using that SA, it performs authentication and/or decryption to extract the data from the IPSec packet.
3. Once the original header is extracted, it looks up the SPD rules to check that the packet matches a rule requiring exactly this protection; if it matches no such rule, the packet is dropped.

Example: Outbound Traffic

SPD
Rule# | Src IP       | Dst IP      | Src Port | Dst Port | Action | IPSec Protocol | Mode   | Outbound SA Index
1     | 192.168.1.1  | 192.168.2.1 | Any      | 80       | IPSec  | AH             | Tunnel | 400
2     | 192.168.1.23 | 192.168.2.5 | Any      | 22       | Accept | -              | -      | 8500

SAD
SPI  | Src IP       | Dst IP      | Src Port | Dst Port | Parameters | Type     | Pointer to SPD
400  | 192.168.1.1  | 192.168.2.1 | Any      | 80       | .....      | Outbound | 1
8500 | 192.168.1.23 | 192.168.2.5 | Any      | 22       | -          | -        | 2

Rule 1 protects HTTP from 192.168.1.1 to 192.168.2.1 with AH in tunnel mode using the SA with SPI 400; rule 2 lets SSH from 192.168.1.23 to 192.168.2.5 pass without IPSec, so its SAD entry carries no cryptographic parameters.
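The tables above describe the two lookups in words. The following Python model, added here and not part of the lecture, implements them: the outbound path (SPD first, then the SAD entry the rule points to) and the inbound path (SAD first, then the SPD rule the SA points back to). The tables, packet fields and result strings are constructed for this example, and the bypass rule is modelled without an SA because cleartext traffic needs no cryptographic parameters. The inbound path also covers a case the slides do not spell out: a cleartext packet whose selectors match a rule that demands AH must be dropped, otherwise an attacker could bypass IPSec simply by not using it.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    ipsec: Optional[Tuple[str, int]] = None   # (protocol, SPI) when the packet arrived inside AH/ESP


@dataclass(frozen=True)
class SpdRule:
    num: int
    src: str
    dst: str
    sport: Optional[int]                      # None means "Any"
    dport: Optional[int]
    action: str                               # "PROTECT", "BYPASS" or "DISCARD"
    protocol: Optional[str] = None            # "AH" or "ESP" for PROTECT rules
    mode: Optional[str] = None                # "transport" or "tunnel"
    spi: Optional[int] = None                 # outbound SA index: the slide's pointer into the SAD

    def matches(self, p: Packet) -> bool:
        return (p.src == self.src and p.dst == self.dst
                and self.sport in (None, p.sport) and self.dport in (None, p.dport))


@dataclass(frozen=True)
class SaEntry:
    spi: int
    dst: str
    protocol: str
    mode: str
    spd_rule: int                             # back-pointer to the SPD rule this SA serves


# Constructed tables mirroring the slide: rule 1 protects HTTP with AH in tunnel mode,
# rule 2 lets SSH pass in the clear. The SAD is keyed by the SA triple (SPI, dst, protocol).
SPD = [
    SpdRule(1, "192.168.1.1", "192.168.2.1", None, 80, "PROTECT", "AH", "tunnel", 400),
    SpdRule(2, "192.168.1.23", "192.168.2.5", None, 22, "BYPASS"),
]
SAD = {(400, "192.168.2.1", "AH"): SaEntry(400, "192.168.2.1", "AH", "tunnel", 1)}


def spd_lookup(p: Packet) -> Optional[SpdRule]:
    """First-match lookup. A packet matching no rule is treated as DISCARD (RFC 4301 default)."""
    return next((r for r in SPD if r.matches(p)), None)


def outbound(p: Packet) -> str:
    """Sender side: the SPD decides, then the SAD supplies the SA named by the rule."""
    rule = spd_lookup(p)
    if rule is None or rule.action == "DISCARD":
        return "DROP"
    if rule.action == "BYPASS":
        return "SEND_CLEAR"
    sa = SAD.get((rule.spi, p.dst, rule.protocol))
    if sa is None:
        return "NO_SA"                        # a real stack would trigger IKE to negotiate one
    return f"PROTECT {sa.protocol} {sa.mode} spi={sa.spi}"


def inbound(p: Packet) -> str:
    """Receiver side: the SAD identifies the SA, then the SPD confirms the policy was honoured."""
    if p.ipsec is None:
        rule = spd_lookup(p)
        # Cleartext is accepted only when policy says BYPASS; a PROTECT rule must not be
        # satisfiable by simply omitting the IPSec header.
        return "ACCEPT_CLEAR" if rule is not None and rule.action == "BYPASS" else "DROP"
    proto, spi = p.ipsec
    sa = SAD.get((spi, p.dst, proto))
    if sa is None:
        return "DROP"                         # unknown SA: nothing to authenticate or decrypt with
    rule = next((r for r in SPD if r.num == sa.spd_rule), None)
    if rule is not None and rule.matches(p) and rule.action == "PROTECT" and rule.protocol == proto:
        return f"ACCEPT via {proto} spi={spi}"
    return "DROP"                             # SA exists but does not match the policy for these selectors


if __name__ == "__main__":
    print(outbound(Packet("192.168.1.1", "192.168.2.1", 40000, 80)))
    print(inbound(Packet("192.168.1.1", "192.168.2.1", 40000, 80)))
    print(inbound(Packet("192.168.1.1", "192.168.2.1", 40000, 80, ("AH", 400))))
```

The same tables serve both directions here for brevity; in practice the receiving gateway has its own SPD and inbound SAD, and the inbound SPD check is the step that turns "we can decrypt this" into "this traffic was allowed to arrive this way".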


Authentication Header (AH)
- Provides data integrity and authentication of IP packets: an end system or router can authenticate the sending host or application
- Based on a MAC (HMAC-MD5-96 or HMAC-SHA-1-96), so the parties must share a secret key; because the MAC covers the source address, address spoofing is detected
- Carries a sequence number, which the receiver tracks to reject replayed packets
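The sequence-number check, as an added example that is not part of the lecture: the receiver keeps a sliding window per SA (RFC 4303 requires at least 32 packets; 64 is the usual default) so that replayed and very old packets are rejected while modest reordering is tolerated. The window size and the arrival sequence in replay_demo are constructed for this example.

```python
class ReplayWindow:
    """Per-SA anti-replay window (RFC 4303 section 3.4.3). Bit i of the bitmap records
    whether sequence number (right - i) has already been accepted."""

    def __init__(self, size: int = 64):
        if size < 32:
            raise ValueError("RFC 4303 requires a window of at least 32 packets")
        self.size = size
        self.right = 0            # highest sequence number accepted so far (seq 0 is never valid)
        self.bitmap = 0

    def check(self, seq: int) -> bool:
        """Preliminary test done before the (expensive) ICV check: could this seq be fresh?"""
        if seq == 0:
            return False                                   # the first packet on an SA uses 1
        if seq > self.right:
            return True                                    # right of the window: new
        offset = self.right - seq
        if offset >= self.size:
            return False                                   # left of the window: too old to judge
        return not (self.bitmap >> offset) & 1             # inside the window: replay if bit set

    def update(self, seq: int) -> None:
        """Record seq. Call only after the ICV verified, so that forged packets cannot
        advance the window and cause legitimate traffic to be rejected."""
        if seq > self.right:
            shift = seq - self.right
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.right = seq
        else:
            self.bitmap |= 1 << (self.right - seq)

    def accept(self, seq: int, icv_ok: bool = True) -> bool:
        """Full receive path: replay check, then ICV result, then window update."""
        if not self.check(seq) or not icv_ok:
            return False
        self.update(seq)
        return True


def replay_demo():
    """Constructed arrival order: in-order packets, one duplicate, a jump ahead, a late
    packet still inside the window, one just outside it, and a forged packet with a bad ICV."""
    w = ReplayWindow()
    arrivals = [(1, True), (2, True), (3, True), (3, True), (100, True), (99, True),
                (36, True), (37, True), (37, True), (200, False)]
    return [w.accept(seq, ok) for seq, ok in arrivals]


if __name__ == "__main__":
    print(replay_demo())
```

With the right edge at 100 and a 64-packet window, sequence 37 (offset 63) is still inside and accepted once, while 36 (offset 64) is rejected even though it was never seen. The 32-bit sequence counter must not wrap: the sender has to negotiate a new SA before it reaches 2^32, or both sides must agree on extended sequence numbers.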


Authentication Header (cont.)
AH Frame (figure): next header, payload length, reserved, SPI, sequence number, and the authentication data, which contains the MAC (integrity check value) of the packet.

The MAC is computed over the IP header with its mutable fields set to zero, the AH itself with the authentication data zeroed, and the upper-layer data.
- Mutable fields: fields that can change during transmission, e.g. TTL, TOS/DSCP, flags, fragment offset and header checksum; they are zeroed before the MAC is computed
- Immutable fields: source address, header length, total length, identification, protocol, destination address (absent source routing), and the upper-layer protocol data, e.g. TCP or UDP segments; they are covered by the MAC
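To make the mutable/immutable distinction concrete, here is an added Python example (not from the lecture) that builds an IPv4 packet with a transport-mode AH, computes the HMAC-SHA-1-96 ICV over the packet with the mutable fields zeroed, and verifies it: a changed TTL still verifies, a changed source address or payload does not. Addresses, the key and the payload are constructed for the example; IP options are not handled.

```python
import hashlib
import hmac
import struct

AH_PROTO = 51          # IP protocol number of AH
ICV_LEN = 12           # HMAC-SHA-1-96 truncates the 20-byte SHA-1 HMAC to 96 bits
AH_LEN = 12 + ICV_LEN  # fixed AH fields (next hdr, payload len, reserved, SPI, seq) + ICV


def ipv4_header(src: str, dst: str, proto: int, total_len: int, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header without options. The checksum is left zero: it is a
    mutable field and is excluded from the ICV anyway."""
    def addr(a: str) -> bytes:
        return bytes(int(o) for o in a.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, ttl, proto, 0,
                       addr(src), addr(dst))


def zero_mutable(hdr: bytes) -> bytes:
    """Zero the fields RFC 4302 classifies as mutable in transit: TOS/DSCP, flags and
    fragment offset, TTL, header checksum. Addresses, lengths, ID and protocol stay covered."""
    h = bytearray(hdr)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def icv(key: bytes, ip_hdr: bytes, ah_fixed: bytes, payload: bytes) -> bytes:
    """ICV = HMAC-SHA-1-96 over immutable IP header || AH with ICV zeroed || upper-layer data."""
    mac = hmac.new(key, zero_mutable(ip_hdr) + ah_fixed + bytes(ICV_LEN) + payload, hashlib.sha1)
    return mac.digest()[:ICV_LEN]


def build_ah_transport(key: bytes, src: str, dst: str, spi: int, seq: int,
                       inner_proto: int, payload: bytes) -> bytes:
    """Transport mode: original IP header, then AH, then the original upper-layer payload."""
    ip_hdr = ipv4_header(src, dst, AH_PROTO, 20 + AH_LEN + len(payload))
    # AH payload length field = AH length in 32-bit words minus 2 => 24 / 4 - 2 = 4
    ah_fixed = struct.pack("!BBHII", inner_proto, AH_LEN // 4 - 2, 0, spi, seq)
    return ip_hdr + ah_fixed + icv(key, ip_hdr, ah_fixed, payload) + payload


def verify_ah(key: bytes, packet: bytes) -> bool:
    """Recompute the ICV on the received packet and compare it in constant time."""
    if len(packet) < 20 + AH_LEN or packet[9] != AH_PROTO:
        return False
    ip_hdr, ah_fixed, received = packet[:20], packet[20:32], packet[32:20 + AH_LEN]
    if ah_fixed[1] != AH_LEN // 4 - 2:
        return False                               # only HMAC-SHA-1-96 sized AH is handled here
    payload = packet[20 + AH_LEN:]
    return hmac.compare_digest(received, icv(key, ip_hdr, ah_fixed, payload))


if __name__ == "__main__":
    key = b"constructed-demo-key"
    pkt = build_ah_transport(key, "192.168.1.1", "192.168.2.1", 400, 1, 6, b"GET / HTTP/1.0\r\n")
    print(verify_ah(key, pkt))
```

Because the source address is inside the MAC, the spoofing attack from the motivation slides fails against an AH-protected service: the attacker cannot produce a valid ICV for a packet claiming to come from x.y.z.200 without the key. The same property is why AH breaks under NAT, which rewrites exactly those covered addresses.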


Encapsulating Security Payload (ESP)
- Provides message content confidentiality and limited traffic-flow confidentiality
- Can optionally provide the same authentication services as AH
- Supports a range of ciphers, modes and padding, including DES, Triple-DES, RC5, IDEA, CAST, etc., in CBC and other modes
- Padding is needed to fill the cipher block size, to align the trailer fields, and optionally to hide the true payload length for traffic-flow confidentiality
- The specification current when these slides were written mandated DES-CBC; DES has since been deprecated for ESP, and AES-CBC or AES-GCM should be used instead


ESP (cont.)
ESP Frame (figure)


Transport Mode
- Typically used in peer-to-peer (host-to-host) communications, especially within internal networks
- The data packet is encrypted but the IP header is not; the IP payload and the immutable parts of the IP header are authenticated
- No modification of the original IP header: only authentication, not confidentiality, can be provided for the header


Transport AH (figure)

Transport ESP (figure)


Tunnel Mode
- Used for remote access and site-to-site security
- The entire original packet (header and payload) is encrypted and treated as a payload; then a new outer IP header is added to establish a "tunnel" for the original IP datagram
- Generally used between firewalls or gateways, so hosts in the internal network do not need to implement IPSec
- ESP encrypts the entire inner IP datagram; AH authenticates the entire inner datagram and the immutable parts of the outer IP header

Tunnel AH and ESP (figure)


Transport VS Tunnel ESP
- Transport ESP mode encrypts and optionally authenticates the IP data: the data is protected but the header is left in the clear, so an observer can still do traffic analysis, but it is efficient. Good for host-to-host traffic.
- Tunnel ESP mode encrypts the entire IP packet and adds a new header for the next hop. Good for VPNs and gateway-to-gateway security.


Transport Mode and Tunnel Mode Functionality (figure)
In tunnel mode the inner IP header addresses the end host, while the outer IP header addresses the gateway.


Transport & Tunnel Modes (figure)
Transport: end-to-end. Tunnel: end-to-intermediate or intermediate-to-intermediate.


Security Association Bundles
- An SA can implement either AH or ESP; to apply both, SAs must be combined
- The combined SAs form a security association (SA) bundle, which may terminate at the same or at different endpoints
- Combined by transport adjacency or by iterated tunneling
- Raises the issue of authentication and encryption order: authenticate before encrypting, or encrypt before authenticating?


Transport Adjacency
- Applying more than one security protocol to the same IP packet without tunneling
- Combining AH and ESP this way is performed at only one IPSec instance, i.e. between the same pair of endpoints


Transport Adjacency (cont.)
- Uses two bundled transport SAs: the inner SA is ESP without the authentication option, so the payload is encrypted; the outer SA is AH, whose authentication covers the IP header plus the ESP payload
- However, this needs two SAs, compared to one SA for ESP with its own authentication option


Iterated Tunneling
- Allows multiple levels of nesting
- Each tunnel can originate or terminate at a different IPSec site along the path


Iterated Tunneling (cont.) (figure)


Combining Security Associations (figure, four cases)
- End-to-end IPSec connection between two hosts
- Simple VPN between two security gateways
- The end-to-end case with confidentiality added between the gateways, as in case 2
- Remote access to a host through a firewall


Key Management
- Handles key generation and distribution
- Typically needs two pairs of shared keys: one pair (one key per direction) for AH and one pair for ESP
- Manual key management: the system administrator manually configures every system
- Automated key management: an automated system for on-demand creation of keys for SAs in large distributed systems; it has Oakley and ISAKMP elements


Oakley
- A key exchange protocol based on Diffie-Hellman key exchange
- Adds features to address the weaknesses of plain Diffie-Hellman: cookies (against clogging/denial-of-service attacks), groups (the global parameters p and g), nonces (against replay), and DH key exchange with authentication (against man-in-the-middle attacks)
- Can use arithmetic in prime fields or elliptic curve fields
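An added example of those four features working together, written for this page and not taken from the lecture or any IKE implementation: a responder that issues a stateless cookie before spending any memory or exponentiation, a Diffie-Hellman exchange in a fixed MODP group, nonces mixed into the key derivation, and mutual authentication of the DH values with a pre-shared key in the style of IKEv1's HASH_I/HASH_R (RFC 2409, simplified: the SA and identity payloads are omitted). The modulus is Oakley group 2 (1024-bit MODP) reproduced from memory; check it against RFC 2409 before any reuse, and note that 1024-bit groups are too weak for production today. Addresses, keys and message shapes are constructed for the example; this is not the ISAKMP wire format.

```python
import hashlib
import hmac
import secrets

# Oakley group 2 (1024-bit MODP, RFC 2409 section 6.2), reproduced from memory: verify before reuse.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2
PLEN = (P.bit_length() + 7) // 8


def prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def i2b(n: int) -> bytes:
    return n.to_bytes(PLEN, "big")


def valid_public(y: int) -> bool:
    """Reject degenerate DH values (0, 1, p-1) that would force a predictable shared secret."""
    return 1 < y < P - 1


class Responder:
    def __init__(self, psk: bytes):
        self.psk = psk
        self.cookie_secret = secrets.token_bytes(32)   # rotated periodically in a real implementation
        self.sessions = {}

    def cookie_for(self, addr: str, cookie_i: bytes) -> bytes:
        """Cookie = prf(secret, initiator address || initiator cookie): verifiable without storing state."""
        return prf(self.cookie_secret, addr.encode() + cookie_i)[:8]

    def msg1(self, addr: str, cookie_i: bytes) -> bytes:
        return self.cookie_for(addr, cookie_i)         # stateless: nothing stored, no exponentiation yet

    def msg2(self, addr: str, cookie_i: bytes, cookie_r: bytes, g_xi: int, nonce_i: bytes):
        if not hmac.compare_digest(cookie_r, self.cookie_for(addr, cookie_i)):
            raise ValueError("cookie mismatch: initiator address not confirmed")
        if not valid_public(g_xi):
            raise ValueError("invalid DH public value")
        x_r = secrets.randbelow(P - 2) + 1
        g_xr, nonce_r = pow(G, x_r, P), secrets.token_bytes(16)
        skeyid = prf(self.psk, nonce_i + nonce_r)       # IKEv1 pre-shared-key SKEYID shape
        hash_r = prf(skeyid, i2b(g_xr) + i2b(g_xi) + cookie_r + cookie_i)
        self.sessions[cookie_i + cookie_r] = {
            "skeyid": skeyid, "g_xi": g_xi, "g_xr": g_xr, "auth": False,
            "key": prf(skeyid, i2b(pow(g_xi, x_r, P)) + cookie_i + cookie_r)}
        return g_xr, nonce_r, hash_r

    def msg3(self, cookie_i: bytes, cookie_r: bytes, hash_i: bytes) -> bool:
        s = self.sessions[cookie_i + cookie_r]
        expected = prf(s["skeyid"], i2b(s["g_xi"]) + i2b(s["g_xr"]) + cookie_i + cookie_r)
        s["auth"] = hmac.compare_digest(hash_i, expected)
        return s["auth"]


class Initiator:
    def __init__(self, addr: str, psk: bytes):
        self.addr, self.psk = addr, psk
        self.cookie_i = secrets.token_bytes(8)
        self.cookie_r = b""

    def run(self, responder: Responder) -> bytes:
        cookie_r = responder.msg1(self.addr, self.cookie_i)            # round trip 1: cookies only
        x_i, nonce_i = secrets.randbelow(P - 2) + 1, secrets.token_bytes(16)
        g_xi = pow(G, x_i, P)
        g_xr, nonce_r, hash_r = responder.msg2(self.addr, self.cookie_i, cookie_r, g_xi, nonce_i)
        if not valid_public(g_xr):
            raise ValueError("invalid DH public value")
        skeyid = prf(self.psk, nonce_i + nonce_r)
        if not hmac.compare_digest(hash_r, prf(skeyid, i2b(g_xr) + i2b(g_xi) + cookie_r + self.cookie_i)):
            raise ValueError("responder failed authentication (wrong pre-shared key?)")
        hash_i = prf(skeyid, i2b(g_xi) + i2b(g_xr) + self.cookie_i + cookie_r)
        if not responder.msg3(self.cookie_i, cookie_r, hash_i):
            raise ValueError("responder rejected our authenticator")
        self.cookie_r = cookie_r
        return prf(skeyid, i2b(pow(g_xr, x_i, P)) + self.cookie_i + cookie_r)


def run_exchange(psk_i: bytes, psk_r: bytes, addr: str = "192.168.1.1") -> str:
    """Run one exchange; return 'ok' when both sides end with the same key, else the failure reason."""
    r, i = Responder(psk_r), Initiator(addr, psk_i)
    try:
        key = i.run(r)
    except ValueError as e:
        return str(e)
    return "ok" if key == r.sessions[i.cookie_i + i.cookie_r]["key"] else "key mismatch"


if __name__ == "__main__":
    print(run_exchange(b"constructed demo psk", b"constructed demo psk"))
```

The cookie is what stops a flood of spoofed first messages from exhausting the responder: a forged source address never sees the cookie, so msg2 is rejected before any DH state is allocated. The nonces make SKEYID fresh per run even with a fixed pre-shared key, and the HASH values bind the DH public values to that key, so a man in the middle who substitutes g^x cannot produce a valid authenticator.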


ISAKMP
- Internet Security Association and Key Management Protocol
- Provides a framework for key management: defines procedures and packet formats to establish, negotiate, modify and delete SAs
- Independent of the key exchange protocol, encryption algorithm and authentication method
- The initial version of IKE (IKEv1, RFC 2409) deploys Oakley as its key exchange protocol; put the other way round, the Oakley protocol operates on top of ISAKMP


ISAKMP (figure)


IPSec vs Firewalls
- Allow traffic on UDP port 500 (ISAKMP/IKE) to and from the IPSec device
- If using IPSec in ESP mode, allow IP protocol 50 (ESP; named "ipv6-crypt" in older /etc/protocols files) to and from the IPSec device
- If using IPSec in AH mode, allow IP protocol 51 (AH; "ipv6-auth" in older /etc/protocols files) to and from the IPSec device
- Caveat: when a NAT sits between the peers, IKE and ESP move to UDP port 4500 (NAT traversal, RFC 3948), which must then be allowed as well; AH cannot traverse NAT at all, because its MAC covers the addresses the NAT rewrites


Testing IPSec
- Using traceroute. Host-to-host: traceroute should show only one hop, the other end of the VPN. Network-to-network: traceroute should show only the gateways and the host in the remote internal network, because the routers between the gateways forward only the outer packet and never see the inner one.
- Using Telnet: sniffing a telnet connection between the peers should not reveal the username and password. Caveat: this holds only for ESP; AH authenticates but does not encrypt, so an AH-only SA leaves the credentials readable on the wire.


Benefits of IPSec
- Enables businesses to rely heavily on the Internet and reduces their need for private networks, saving costs and network management
- Provides secure network access over the Internet: an end user whose system is equipped with IPSec can make a local call to an ISP and gain secure access to her/his company
- Provides secure communications between organisations by ensuring authentication and confidentiality
- IPSec can be used to create secure tunnels through untrusted networks (especially the Internet); sites connected by these tunnels form Virtual Private Networks (VPNs)


Benefits of IPSec (cont.)
- Packet authentication makes various attacks harder: address masquerading, address spoofing
- IPSec tunnels can be very useful for secure remote administration
- In a non-end-to-end service, IPSec can ensure that messages between a pair or a group of sites are encrypted


Some Limitations of IPSec
- IPSec cannot provide end-to-end security for systems that work at higher levels: if you need e-mails encrypted at the sender's desktop and decrypted at the receiver's desktop, IPSec between gateways does not give you that, and since it sees only IP packets it cannot choose which e-mails are to be encrypted and which are not
- Specific applications have particular security requirements and IPSec does not provide all security services: for instance, IPSec cannot provide total security for credit card payment systems


Is IPSec Everything You Need?
- Cryptography alone is not enough, and IPSec alone is not enough. E.g. IPSec cannot provide digital signature services: its MACs use shared keys, so either party could have produced them, which rules out non-repudiation.
- Many factors affect system security: OS security, data management, key management, correctness of the implementation of the algorithms, proper system management, human factors

Questions?