Internet Security CS457 Seminar Zhao Cheng. Security attacks interruption, interception,...


Internet Security

CS457 Seminar, Zhao Cheng

Security attacks

• Four generic categories: interruption (an asset is destroyed or made unavailable), interception (an unauthorized party gains access to an asset), modification (an unauthorized party tampers with an asset), fabrication (an unauthorized party inserts counterfeit objects into the system).

• Passive attacks (interception: eavesdropping, traffic analysis) leave the data untouched and are hard to detect, so the emphasis is on prevention; active attacks (interruption, modification, fabrication: masquerade, replay, denial of service) alter the data stream and are hard to prevent, so the emphasis is on detection and recovery.

Security services

• Confidentiality: data is readable only by authorized parties.

• Authentication: the communicating parties are who they claim to be, and data comes from its claimed source.

• Integrity: data cannot be modified, reordered, replayed or deleted without detection.

• Nonrepudiation: a sender cannot later deny having sent a message; this needs a key only the sender holds (a digital signature), since a MAC under a shared key could have been produced by either party.

IPSec services

SA (Security Association): a one-way (simplex) relationship between a sender and a receiver that defines the security services applied to traffic in that direction; a two-way exchange needs two SAs. An SA is uniquely identified by three parameters:

• SPI (Security Parameters Index): a 32-bit value carried in the AH or ESP header so the receiver can look up the SA the packet belongs to.

• IP destination address: the endpoint that terminates the SA, either an end host or a security gateway (firewall or router).

• Security protocol identifier: which of the two IPsec protocols the SA uses:

AH (Authentication Header): integrity and data-origin authentication, no confidentiality.

ESP (Encapsulating Security Payload): confidentiality, optionally combined with integrity and authentication.

Two modes

• Transport mode: protects the upper-layer payload (the TCP or UDP segment) of the original packet; the original IP header stays in the clear. Typically used host-to-host.

• Tunnel mode: protects the entire original IP packet, which becomes the payload of a new outer IP packet whose addresses can be those of the security gateways. Used for gateway-to-gateway VPNs and for a host connecting to a gateway.

Authentication header

• Header definition: Next Header, Payload Length, Reserved, SPI, Sequence Number, Integrity Check Value (ICV).

• Anti-replay service: a monotonically increasing sequence number per SA, checked at the receiver against a sliding window (at least 32 entries, typically 64); a packet to the left of the window, or already marked inside it, is dropped.

• Integrity check value: a truncated MAC (e.g. HMAC-SHA1-96 or HMAC-SHA-256-128) computed over the IP header fields that do not change in transit, the AH header with the ICV field zeroed, and the payload.
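The two AH services above, as an added example written for these slides (not course code): an AH transport-mode packet with an HMAC-SHA-256-128 ICV over the immutable IPv4 fields, and the receiver's sliding anti-replay window from RFC 4302. The key, addresses and payload are constructed for the demo.

```python
"""AH integrity check value and anti-replay window (added demo, not from the slides).
ICV: HMAC-SHA-256-128 (RFC 4868). Window: RFC 4302 section 3.4.3. All keys and
addresses below are constructed demo values."""
import hashlib
import hmac
import struct

IP_HDR_FMT = "!BBHHHBBH4s4s"   # minimal IPv4 header (20 bytes, no options)
AH_FIXED_FMT = "!BBHII"        # Next Header, Payload Len, Reserved, SPI, Sequence Number
AH_PROTO = 51
ICV_LEN = 16                   # 32-byte HMAC-SHA256 output truncated to 128 bits


def zero_mutable_fields(ip_hdr):
    """Zero the IPv4 fields routers legitimately change in transit: DSCP/ECN,
    flags/fragment offset, TTL and header checksum. Addresses, total length and
    protocol stay under the ICV, so they cannot be altered without detection."""
    f = list(struct.unpack(IP_HDR_FMT, ip_hdr))
    f[1] = f[4] = f[5] = f[7] = 0
    return struct.pack(IP_HDR_FMT, *f)


class ReplayWindow:
    """`last` is the highest sequence number accepted so far; bit i of `bitmap`
    records whether sequence number (last - i) has already been accepted."""

    def __init__(self, size=64):
        self.size, self.last, self.bitmap = size, 0, 0

    def check(self, seq):
        if seq == 0:                        # the first packet on an SA is number 1
            return False
        if seq > self.last:                 # right of the window: new
            return True
        diff = self.last - seq
        if diff >= self.size:               # left of the window: too old
            return False
        return not (self.bitmap >> diff) & 1   # inside: must not be marked yet

    def update(self, seq):
        if seq > self.last:                 # slide right, mark the new top
            self.bitmap = ((self.bitmap << (seq - self.last)) | 1) & ((1 << self.size) - 1)
            self.last = seq
        else:
            self.bitmap |= 1 << (self.last - seq)


def ah_protect(src, dst, inner_proto, payload, spi, seq, key, ttl=64):
    """Build IP | AH | payload (transport mode) with the ICV filled in."""
    ah_len = struct.calcsize(AH_FIXED_FMT) + ICV_LEN            # 12 + 16 = 28 bytes
    payload_len_words = ah_len // 4 - 2                           # AH 'Payload Len' encoding
    total = struct.calcsize(IP_HDR_FMT) + ah_len + len(payload)
    ip_hdr = struct.pack(IP_HDR_FMT, 0x45, 0, total, 0x1234, 0x4000, ttl, AH_PROTO, 0, src, dst)
    ah_fixed = struct.pack(AH_FIXED_FMT, inner_proto, payload_len_words, 0, spi, seq)
    covered = zero_mutable_fields(ip_hdr) + ah_fixed + bytes(ICV_LEN) + payload  # ICV field zeroed
    icv = hmac.new(key, covered, hashlib.sha256).digest()[:ICV_LEN]
    return ip_hdr + ah_fixed + icv + payload


def ah_verify(packet, key, window):
    """Returns (accepted, reason). Order follows RFC 4302: cheap sequence-number check
    first, ICV second, and the window is only advanced after the ICV verifies, so a
    forged packet cannot push valid packets out of the window."""
    ip_len = struct.calcsize(IP_HDR_FMT)
    ip_hdr, rest = packet[:ip_len], packet[ip_len:]
    fixed_len = struct.calcsize(AH_FIXED_FMT)
    ah_fixed = rest[:fixed_len]
    _next_hdr, plen, _res, _spi, seq = struct.unpack(AH_FIXED_FMT, ah_fixed)
    ah_len = (plen + 2) * 4
    icv, payload = rest[fixed_len:ah_len], rest[ah_len:]
    if not window.check(seq):
        return False, "replay or outside window"
    covered = zero_mutable_fields(ip_hdr) + ah_fixed + bytes(len(icv)) + payload
    expected = hmac.new(key, covered, hashlib.sha256).digest()[:len(icv)]
    if not hmac.compare_digest(icv, expected):
        return False, "bad ICV"
    window.update(seq)
    return True, "ok"


def demo():
    """Sequence numbers 1,3,2,2,70,6,7 against one fresh 64-entry window."""
    key = b"demo-ah-auth-key"  # constructed demo key
    src, dst = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
    window = ReplayWindow(64)
    out = []
    for seq in (1, 3, 2, 2, 70, 6, 7):
        pkt = ah_protect(src, dst, 6, b"GET / HTTP/1.0\r\n", 0x1000, seq, key)
        out.append((seq, ah_verify(pkt, key, window)[1]))
    return out
```

Out-of-order delivery (3 before 2) is accepted, a repeat of 2 is a replay, and after 70 arrives the window has slid past 6 while 7 is still inside it. A router decrementing the TTL does not break the ICV, because that field is zeroed before the MAC, whereas changing a single payload byte does.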

Encapsulating Security Payload

• Format: SPI, Sequence Number, optional IV, Payload Data, Padding, Pad Length, Next Header, ICV. Payload Data through Next Header is encrypted; SPI through Next Header is covered by the ICV.

• Encryption and authentication: encrypt-then-MAC, so the receiver verifies the ICV before decrypting and never processes forged or modified ciphertext; the padding aligns the trailer to the cipher's block size and can hide the true payload length.
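The ESP format and its encrypt-then-MAC ordering, as an added example written for these slides (not course code). The keys and payload are constructed, and the cipher is a stand-in keystream built from HMAC-SHA256 in counter mode so the example runs with the standard library; a real SA would use AES-CBC or AES-GCM, and the point is the trailer layout and the verify-before-decrypt order, not the cipher.

```python
"""ESP packet build/parse (added demo, not from the slides). Layout:
SPI | Seq | encrypted(payload | padding | pad len | next header) | ICV.
Keys are constructed demo values; the keystream is a stand-in, not a real ESP transform."""
import hashlib
import hmac
import struct

ICV_LEN = 16              # HMAC-SHA-256-128 style truncation
ESP_HDR_FMT = "!II"       # SPI, Sequence Number


def keystream(key, seq, n):
    """Stand-in cipher: HMAC-SHA256(key, seq || counter) used as a keystream.
    The per-packet sequence number acts as the nonce, so equal plaintexts in
    different packets do not produce equal ciphertexts."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, struct.pack("!II", seq, ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def esp_encapsulate(payload, next_header, spi, seq, enc_key, auth_key, align=4):
    """Pad so that payload + padding + 2 trailer bytes is a multiple of `align`
    (the cipher block size, or 4 for stream ciphers), encrypt, then MAC."""
    pad_len = (-(len(payload) + 2)) % align
    padding = bytes(range(1, pad_len + 1))            # RFC 4303 default padding 1,2,3,...
    plaintext = payload + padding + bytes([pad_len, next_header])
    hdr = struct.pack(ESP_HDR_FMT, spi, seq)
    ciphertext = xor(plaintext, keystream(enc_key, seq, len(plaintext)))
    icv = hmac.new(auth_key, hdr + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
    return hdr + ciphertext + icv


def esp_decapsulate(packet, enc_key, auth_key):
    """Verify the ICV over header + ciphertext first; only then decrypt and
    strip the trailer. A bad ICV raises before any plaintext is touched."""
    hdr, body, icv = packet[:8], packet[8:-ICV_LEN], packet[-ICV_LEN:]
    _spi, seq = struct.unpack(ESP_HDR_FMT, hdr)
    expected = hmac.new(auth_key, hdr + body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch: packet dropped before decryption")
    plaintext = xor(body, keystream(enc_key, seq, len(body)))
    pad_len, next_header = plaintext[-2], plaintext[-1]
    if pad_len > len(plaintext) - 2 or plaintext[-2 - pad_len:-2] != bytes(range(1, pad_len + 1)):
        raise ValueError("malformed ESP trailer")
    return next_header, plaintext[:-2 - pad_len]


def demo():
    enc_key, auth_key = b"demo-esp-enc", b"demo-esp-auth"   # constructed demo keys
    pkt = esp_encapsulate(b"hello", 6, 0x2000, 1, enc_key, auth_key)   # next header 6 = TCP
    decoded = esp_decapsulate(pkt, enc_key, auth_key)
    tampered = pkt[:10] + bytes([pkt[10] ^ 0x01]) + pkt[11:]   # flip one ciphertext bit
    try:
        esp_decapsulate(tampered, enc_key, auth_key)
        dropped = False
    except ValueError:
        dropped = True
    return {"packet_len": len(pkt), "decoded": decoded, "tampered_dropped": dropped}
```

A 5-byte payload gets one byte of padding so that the 8-byte plaintext aligns to 4; the packet is 8 header + 8 ciphertext + 16 ICV = 32 bytes. Because the ICV covers the ciphertext, the tampered packet is rejected before the padding is ever inspected, which is what keeps a padding check from becoming an oracle.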

Key management

• Manual: a system administrator configures each system with its own keys and with the keys of the systems it communicates with; workable only for small, static environments.

• Automated: on-demand creation of keys for SAs in large distributed systems. ISAKMP (Internet Security Association and Key Management Protocol) is the default framework; combined with the Oakley key determination protocol it forms IKE.

Benefit of IPSec

• Implemented in a firewall or router, it gives strong security to all traffic crossing the perimeter with no change to the hosts behind it.

• Transparent to applications: it sits below the transport layer, so no application software needs to change.

• Transparent to end users: no per-user key handling or training.

• Security for individual users can be provided, e.g. a remote host running IPsec establishes a tunnel to the organization's gateway.

TLS (Transport Layer Security)

• Objective: end-to-end security for applications over a reliable transport (TCP); the IETF standard that evolved from Netscape's SSL.

• Construction: two layers. The Record Protocol provides the basic services (confidentiality, integrity) to the layer above; on top of it sit the Handshake, Change Cipher Spec and Alert protocols and the application protocols such as HTTP.

SSL Record Protocol

• Operation: fragment the application data (at most 2^14 bytes per record), optionally compress, append a MAC (HMAC over an implicit sequence number, the record header fields and the fragment), encrypt, and prepend the record header (content type, version, length).
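The sender and receiver sides of that operation, as an added example written for these slides (not course code). It uses the TLS 1.2 MAC input (sequence number, type, version, length, fragment) with a NULL cipher, as in the TLS_*_WITH_NULL_SHA256 suites, so the fragmentation and MAC steps are visible; the MAC key is constructed rather than derived from a handshake.

```python
"""TLS record layer, one direction, NULL cipher (added demo, not from the slides).
Shows fragmentation, the MAC over the implicit sequence number, and the header."""
import hashlib
import hmac
import struct

MAX_FRAGMENT = 2 ** 14            # RFC 5246: plaintext fragments are at most 2^14 bytes
TLS12 = b"\x03\x03"
CT_APPLICATION_DATA = 23
MAC_LEN = 32                      # HMAC-SHA256


class RecordLayer:
    """Holds one direction's MAC key and its 64-bit sequence number. The sequence
    number is never sent on the wire; both ends count records, which is what lets
    the MAC detect replayed, dropped or reordered records."""

    def __init__(self, mac_key):
        self.mac_key = mac_key
        self.seq = 0

    def _mac(self, ctype, fragment):
        hdr = struct.pack("!QB2sH", self.seq, ctype, TLS12, len(fragment))
        return hmac.new(self.mac_key, hdr + fragment, hashlib.sha256).digest()

    def send(self, data, ctype=CT_APPLICATION_DATA):
        records = []
        for i in range(0, len(data), MAX_FRAGMENT):
            frag = data[i:i + MAX_FRAGMENT]            # 1. fragment   2. compression: null
            body = frag + self._mac(ctype, frag)       # 3. append MAC 4. encrypt: null
            records.append(struct.pack("!B2sH", ctype, TLS12, len(body)) + body)  # 5. header
            self.seq += 1
        return records

    def receive(self, record):
        ctype, version, length = struct.unpack("!B2sH", record[:5])
        body = record[5:5 + length]
        if version != TLS12 or len(body) != length or len(body) < MAC_LEN:
            raise ValueError("bad record header")
        frag, mac = body[:-MAC_LEN], body[-MAC_LEN:]
        if not hmac.compare_digest(mac, self._mac(ctype, frag)):
            raise ValueError("bad_record_mac at sequence number %d" % self.seq)
        self.seq += 1
        return ctype, frag


def demo():
    mac_key = b"demo-record-mac-key"     # constructed; real keys come from the handshake
    data = bytes(range(256)) * 80        # 20480 bytes: one full record plus a 4096-byte one
    records = RecordLayer(mac_key).send(data)
    rx = RecordLayer(mac_key)
    reassembled = b"".join(rx.receive(r)[1] for r in records) == data

    def rejected(receiver, sequence):
        try:
            for r in sequence:
                receiver.receive(r)
        except ValueError:
            return True
        return False

    return {"records": len(records), "reassembled": reassembled,
            "reordered_rejected": rejected(RecordLayer(mac_key), records[::-1]),
            "replay_rejected": rejected(RecordLayer(mac_key), [records[0], records[0]])}
```

Each record costs 5 header bytes plus the 32-byte MAC. Delivering the two records in the wrong order, or delivering the first one twice, fails the MAC because the receiver's own count no longer matches the number the sender mixed into the MAC input.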

SSL Handshake Protocol

Phases:

1. Establish Security Capabilities: ClientHello and ServerHello agree on protocol version, exchange random nonces, and select the session ID, cipher suite and compression method.

2. Server Authentication and Key Exchange: Certificate, ServerKeyExchange (when the suite needs it, e.g. DHE parameters), optional CertificateRequest, ServerHelloDone.

3. Client Authentication and Key Exchange: optional client Certificate, ClientKeyExchange (the client's contribution, e.g. the RSA-encrypted pre-master secret or its DH public value), optional CertificateVerify.

4. Finish: ChangeCipherSpec, then a Finished message from each side, sent under the new keys and containing a MAC over the entire handshake transcript.

Example on handshake protocol
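A runnable walk through the four phases, added here as an example written for these slides (it is not the figure from the original deck). It uses finite-field Diffie-Hellman for the key exchange, the TLS 1.2 PRF (RFC 5246 section 5) for the master secret and Finished values, and a stand-in certificate; the server's signature over its DH parameters is omitted, so it demonstrates key agreement and transcript binding, not server authentication. The DH modulus is the RFC 3526 group 14 prime as transcribed here; check it against the RFC before reusing it.

```python
"""TLS 1.2-style handshake phases (added demo, not from the slides).
Certificate is a stand-in byte string; ServerKeyExchange signature omitted."""
import hashlib
import hmac
import os

# 2048-bit MODP group 14 (RFC 3526), generator 2, as transcribed here.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A2DF F5581718 3995497C EA956AE5 15D22618
98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2
SUITES = b"\xc0\x2f\x00\x9e"   # offered: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256


def p_hash(secret, seed, n):
    """P_SHA256 from RFC 5246 section 5: HMAC chain expanded to n bytes."""
    out, a = b"", seed
    while len(out) < n:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:n]


def prf(secret, label, seed, n):
    return p_hash(secret, label + seed, n)


class Endpoint:
    def __init__(self):
        self.transcript = b""                    # every handshake message, in order
        self.random = os.urandom(32)
        self.priv = int.from_bytes(os.urandom(32), "big")
        self.pub = pow(G, self.priv, P)

    def send(self, body):
        self.transcript += body
        return body

    def recv(self, body):
        self.transcript += body

    def derive(self, peer_pub, client_random, server_random):
        pre_master = pow(peer_pub, self.priv, P).to_bytes(256, "big")
        self.master = prf(pre_master, b"master secret", client_random + server_random, 48)

    def finished(self, label):
        return prf(self.master, label, hashlib.sha256(self.transcript).digest(), 12)


def strip_first_suite(client_hello):
    """Man-in-the-middle downgrade attempt: drop the first offered suite (last 4 bytes are the suite list)."""
    return client_hello[:-4] + client_hello[-2:]


def handshake(tamper=None):
    """Run the four phases; `tamper` optionally rewrites ClientHello in transit."""
    c, s = Endpoint(), Endpoint()
    # Phase 1: version, randoms, cipher suite
    client_hello = c.send(b"ClientHello" + c.random + SUITES)
    seen_by_server = tamper(client_hello) if tamper else client_hello
    s.recv(seen_by_server)
    server_hello = s.send(b"ServerHello" + s.random + SUITES[2:4])   # server picks DHE-RSA
    c.recv(server_hello)
    # Phase 2: certificate (stand-in) and DH parameters, then ServerHelloDone
    ske = s.send(b"Certificate:server.example" + b"ServerKeyExchange"
                 + P.to_bytes(256, "big") + s.pub.to_bytes(256, "big") + b"ServerHelloDone")
    c.recv(ske)
    server_pub = int.from_bytes(ske[-15 - 256:-15], "big")          # before "ServerHelloDone"
    # Phase 3: client's DH public value; both sides derive the same master secret
    cke = c.send(b"ClientKeyExchange" + c.pub.to_bytes(256, "big"))
    s.recv(cke)
    client_pub = int.from_bytes(cke[-256:], "big")
    c.derive(server_pub, c.random, server_hello[11:43])
    s.derive(client_pub, seen_by_server[11:43], s.random)
    # Phase 4: (ChangeCipherSpec, not a handshake message) then Finished = PRF(master, label, SHA256(transcript))
    client_fin = c.send(b"Finished" + c.finished(b"client finished"))
    client_ok = hmac.compare_digest(client_fin[8:], s.finished(b"client finished"))
    s.recv(client_fin)
    server_fin = s.send(b"Finished" + s.finished(b"server finished"))
    server_ok = hmac.compare_digest(server_fin[8:], c.finished(b"server finished"))
    c.recv(server_fin)
    return {"same_master": c.master == s.master,
            "client_finished_ok": client_ok, "server_finished_ok": server_ok}
```

With the ClientHello altered in transit both sides still compute the same master secret, since the DH values were untouched, but their transcripts differ, so the Finished verification fails and the connection would be aborted; that is the check that defeats cipher-suite downgrade by an active attacker.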

Services of TLS

1. Integrity: a keyed cryptographic checksum (MAC) on every record.

2. Confidentiality: encryption of record payloads with keys negotiated in the handshake.

3. Authentication: the handshake authenticates the server (and optionally the client) through certificates and proves that both ends derived the same keys.

Summary

• Attacks on network security and the security services that counter them.

• IPsec: those services provided at the IP layer, transparently to transport protocols and applications.

• TLS: those services provided at the transport layer, to individual application connections.