Network Security (contd.)

Tutorial on Network Security: Sep 2003 (26 slides)

Bijendra Jain ([email protected])


Page 1: Network Security (contd.)

04/19/23 Tutorial on Network Security: Sep 2003

1

Network Security (contd.)

Bijendra Jain ([email protected])

Page 2: Network Security (contd.)

Lecture 5: IPSec

Page 3: Network Security (contd.)

IPSec: IP Security

An IETF standard
– The IPSec architecture and related standards were first published as RFC 1825 through RFC 1829 (1995); that series was obsoleted in 1998 by RFC 2401 through RFC 2412, the versions current when this tutorial was given, and again in 2005 by RFC 4301 through RFC 4303

Addresses security issues arising from
– authentication and confidentiality
– connecting a remote host to a server
– interconnecting two LANs using a public network

Applications:
– wide-area networking of branch offices using the Internet
– interconnecting supplier/distributor extranets to the enterprise network
– telecommuting
– e-commerce

Implemented in clients, servers or in routers

Page 4: Network Security (contd.)

IPSec Scenario

[Diagram: Enterprise LAN#1 (PCs) and Enterprise LAN#2 (Server, PC), each behind a Router, connected across a Public Network]

Page 5: Network Security (contd.)

Security functions covered by IPSec

Function                        | Authentication header (AH) | ESP, without AH | ESP, with AH
Access control                  | Yes                        | Yes             | Yes
Connection-less integrity       | Yes                        |                 | Yes
Data origin authentication      | Yes                        |                 | Yes
Rejection of replayed packets   | Yes                        | Yes             | Yes
Confidentiality                 |                            | Yes             | Yes
(Limited) flow confidentiality  |                            | Yes             | Yes

Note: ESP also carries its own optional authentication data (RFC 2406), so the "ESP, with AH" column applies equally to ESP with its authentication option enabled. ESP with encryption only (middle column) gives no integrity check, so modifications to the ciphertext go undetected.
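The "rejection of replayed packets" row rests on the sequence-number window that every AH and ESP receiver keeps per security association. The following is an added example, not code from the slides, of the sliding window described in RFC 2401 Appendix C; the window size and the packet trace are chosen here for illustration. In a real implementation the window is only updated after the packet's ICV has verified, so that an attacker cannot advance it with forged sequence numbers.

```python
# Added example: IPSec anti-replay sliding window (RFC 2401 Appendix C).
# The window size and the sequence-number trace are illustrative.


class ReplayWindow:
    """Tracks received sequence numbers for one security association."""

    def __init__(self, size=64):
        self.size = size
        self.last_seq = 0      # highest sequence number accepted so far
        self.bitmap = 0        # bit i set => (last_seq - i) was received

    def check_and_update(self, seq):
        """Return True and record seq if it is new and inside the window.

        Call this only after the packet's ICV has been verified; a packet
        that fails the ICV check must not move the window.
        """
        if seq == 0:
            return False                         # 0 is never a valid seq
        if seq > self.last_seq:                  # right of the window: slide
            shift = seq - self.last_seq
            if shift >= self.size:
                self.bitmap = 1                  # everything older drops out
            else:
                mask = (1 << self.size) - 1
                self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.last_seq = seq
            return True
        offset = self.last_seq - seq
        if offset >= self.size:
            return False                         # too old: left of window
        if self.bitmap & (1 << offset):
            return False                         # already seen: replay
        self.bitmap |= 1 << offset               # late but new: accept
        return True


def run_trace(seqs, size=64):
    """Feed a list of sequence numbers through one window; return verdicts."""
    win = ReplayWindow(size)
    return [win.check_and_update(s) for s in seqs]


if __name__ == "__main__":
    # constructed trace: in-order, one replay, one reordered, one too old,
    # a large jump, then packets that have fallen out of the window
    trace = [1, 2, 3, 2, 5, 4, 1, 70, 5, 20, 6]
    for seq, ok in zip(trace, run_trace(trace)):
        print(seq, "accept" if ok else "reject")
```

Reordered packets within the window (4 arriving after 5) are accepted; a duplicate (2 again) and anything older than the window is rejected, which is why the window must be sized for the reordering the path actually produces.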

Page 6: Network Security (contd.)

Modes in IPSec

Transport Mode
– The payload of an IP packet is secured, e.g. the TCP, UDP or ICMP header and data; the original IP header stays in the clear

Tunnel Mode
– The complete IP packet, including its header, is secured and carried behind a new outer IP header

Page 7: Network Security (contd.)

Transport Mode IPSec

[Diagram: the same two-LAN scenario; the PC on Enterprise LAN#1 and the Server on Enterprise LAN#2 share end-to-end authentication and/or encryption across the Public Network, with the Routers passing the packets through]

Page 8: Network Security (contd.)

Tunnel Mode IPSec

[Diagram: the same two-LAN scenario; end-system to ROUTER authentication and/or encryption on the LAN side, router-to-router authentication and/or encryption across the Public Network]

Page 9: Network Security (contd.)

Transport vs. Tunnel modes

Function                     | Transport mode                                            | Tunnel mode
AH: authentication function  | authenticates TCP/UDP/ICMP header and data                | authenticates the entire inner IP packet (header and data)
ESP: encryption function     | encrypts TCP/UDP/ICMP header and data                     | encrypts the entire inner IP packet (header and data)
ESP with AH                  | encrypts and authenticates TCP/UDP/ICMP header and data   | encrypts and authenticates the inner IP header and data

In both modes AH additionally covers the immutable fields of whichever IP header precedes it (the original header in transport mode, the new outer header in tunnel mode).

Page 10: Network Security (contd.)

IPSec Tunnel mode

Advantages:
– Only routers need to implement IPSec functions
– Implements a VPN (Virtual Private Network)

[Diagram: four Enterprise LANs, each behind a Router, joined by tunnels across a Public Network]

Page 11: Network Security (contd.)

IPSec: Authentication Header

Original IP packet:
  [Original IP hdr][TCP header][TCP data]

Encoded packet in "transport mode":
  [Original IP hdr][Authen. hdr][TCP header][TCP data]

Encoded packet in "tunnel mode":
  [NEW IP hdr][Authen. hdr][Original IP hdr][TCP header][TCP data]

Page 12: Network Security (contd.)

IPSec: packet format for AH

Next header (8 bits) | Payload length (8 bits) | Reserved (16 bits)
Security Parameters Index, SPI (32 bits; labelled "Identifier" on the slide)
Sequence number (32 bits)
Authentication data (variable length, default 96 bits)
– Based on HMAC-MD5-96 or HMAC-SHA-1-96 (RFC 2403, RFC 2404): the HMAC output is truncated to its first 96 bits
– Covers the TCP/UDP/ICMP header, the data and the "non-mutable" portions of the IP header; mutable fields (TOS, flags, fragment offset, TTL, header checksum) and the authentication data field itself are treated as zero when the value is computed, so routers may change them in transit without breaking verification

Payload (TCP segment in transport mode, IP packet in tunnel mode) follows the AH
Original/new IP header precedes the AH
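How the "non-mutable" rule works out in practice is easiest to see by building a packet. The block below is an added example, not code from the slides: it assembles a transport-mode IPv4 packet with an AH, computes the ICV as HMAC-SHA-1-96 (RFC 2404) over the IP header with mutable fields zeroed, the AH with its ICV zeroed, and the payload, then verifies it after a simulated TTL decrement and after a payload flip. The key, addresses and payload are made up; IP options are not handled.

```python
# Added example: AH ICV (HMAC-SHA-1-96) over an IPv4 transport-mode packet.
# Key, addresses and payload below are constructed for illustration.
import hashlib
import hmac
import struct

AH_PROTO = 51     # IP protocol number for AH
ICV_LEN = 12      # 96-bit truncated HMAC


def ipv4_header(src, dst, proto, total_len, ttl=64, tos=0, ident=0x1234):
    """20-byte IPv4 header; checksum left 0 (it is mutable and not covered)."""
    ver_ihl = (4 << 4) | 5
    return struct.pack("!BBHHHBBH4s4s", ver_ihl, tos, total_len, ident,
                       0x4000, ttl, proto, 0, bytes(src), bytes(dst))


def zero_mutable(ip_hdr):
    """Zero the fields RFC 2402 classes as mutable before hashing."""
    h = bytearray(ip_hdr)
    h[1] = 0                      # TOS
    h[6:8] = b"\x00\x00"          # flags + fragment offset
    h[8] = 0                      # TTL
    h[10:12] = b"\x00\x00"        # header checksum
    return bytes(h)


def ah_header(next_hdr, spi, seq, icv):
    """Next header | payload length (32-bit words minus 2) | reserved | SPI | seq | ICV."""
    payload_len = (12 + len(icv)) // 4 - 2
    return struct.pack("!BBHII", next_hdr, payload_len, 0, spi, seq) + icv


def compute_icv(key, ip_hdr, next_hdr, spi, seq, payload):
    """HMAC-SHA-1-96 over zeroed IP header, AH with zeroed ICV, and payload."""
    ah_zero = ah_header(next_hdr, spi, seq, b"\x00" * ICV_LEN)
    data = zero_mutable(ip_hdr) + ah_zero + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]


def build_ah_packet(key, src, dst, spi, seq, payload, next_hdr=6):
    """Transport mode: IP | AH | original upper-layer payload (next_hdr=6: TCP)."""
    total_len = 20 + 12 + ICV_LEN + len(payload)
    ip_hdr = ipv4_header(src, dst, AH_PROTO, total_len)
    icv = compute_icv(key, ip_hdr, next_hdr, spi, seq, payload)
    return ip_hdr + ah_header(next_hdr, spi, seq, icv) + payload


def verify_ah_packet(key, packet):
    """Recompute the ICV from the received bytes; return (ok, seq)."""
    ip_hdr, ah = packet[:20], packet[20:]
    next_hdr, payload_len, _, spi, seq = struct.unpack("!BBHII", ah[:12])
    ah_len = (payload_len + 2) * 4
    icv, payload = ah[12:ah_len], ah[ah_len:]
    expected = compute_icv(key, ip_hdr, next_hdr, spi, seq, payload)
    return hmac.compare_digest(icv, expected), seq


def demo():
    """Return (verifies after TTL decrement, verifies after payload tamper)."""
    key = b"sixteen byte key"
    src, dst = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
    pkt = build_ah_packet(key, src, dst, spi=0x100, seq=1, payload=b"hello TCP")
    in_transit = bytearray(pkt)
    in_transit[8] -= 1                 # a router decrements TTL: still valid
    ok_ttl, _ = verify_ah_packet(key, bytes(in_transit))
    tampered = bytearray(pkt)
    tampered[-1] ^= 1                  # one payload bit flipped: must fail
    ok_tamper, _ = verify_ah_packet(key, bytes(tampered))
    return ok_ttl, ok_tamper


if __name__ == "__main__":
    print(demo())
```

The same zeroing rule is what lets AH survive TTL decrements and checksum rewrites but not NAT: a rewritten source address is a covered, immutable field, so AH packets fail verification behind a NAT device.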

Page 13: Network Security (contd.)

IPSec: ESP (Encryption)

Original IP packet:
  [Original IP hdr][TCP header][TCP data]

Encoded packet in "transport mode":
  [Original IP hdr][ESP hdr][TCP header][TCP data][ESP trailer][ESP auth (optional)]

Encoded packet in "tunnel mode":
  [NEW IP hdr][ESP hdr][Original IP hdr][TCP header][TCP data][ESP trailer][ESP auth (optional)]

(The slide labels the optional trailing authentication data "AH"; it is ESP's own authentication field, not a separate Authentication Header.)

Page 14: Network Security (contd.)

IPSec: packet format for ESP

Security Parameters Index, SPI (32 bits; labelled "Identifier" on the slide)
Sequence number (32 bits)
Payload (TCP segment, or IP packet in tunnel mode) followed by the ESP trailer (padding, pad length, next header), encrypted using 3DES, RC5 or another negotiated cipher
Authentication data (optional), based on HMAC-MD5 or HMAC-SHA-1

Coverage:
– encrypted: payload and trailer (padding, pad length, next header)
– authenticated: SPI, sequence number, payload and trailer, i.e. everything before the authentication data; the outer IP header is not covered

The original/new IP header precedes the ESP header and is neither encrypted nor authenticated by ESP.

Page 15: Network Security (contd.)

Combining security functions

Authentication with confidentiality
– ESP, with AH
– An AH inside an ESP (both in transport mode)

[Diagram: PC on one Enterprise LAN and Server on the other, a Router at each edge, with the AH-in-ESP association running end to end across the Public Network]

Page 16: Network Security (contd.)

Combining security functions

An AH inside an ESP (both in transport mode), and all this within an ESP tunnel across the routers

[Diagram: the end-to-end PC-to-Server association from the previous slide, additionally carried inside a Router-to-Router ESP tunnel across the Public Network]

Page 17: Network Security (contd.)

Key exchange

Key generation and exchange using some "physical means" (manual keying)

Automated generation of keys
– Oakley key determination and exchange
  Based on the Diffie-Hellman key generation algorithm
  Oakley key exchange protocol (RFC 2412; combined with ISAKMP, RFC 2408, it forms IKE, RFC 2409)

Page 18: Network Security (contd.)

Diffie-Hellman key generation

A distributed key generation scheme. Given
  q, a large prime number
  a, a primitive root of q (a^k mod q, for 1 <= k < q, takes each value in 1..q-1 exactly once)

A: picks X_A (keeps it secret), computes and sends Y_A = a^X_A mod q to B
B: picks X_B (keeps it secret), computes and sends Y_B = a^X_B mod q to A

A and B compute the shared secret key a^(X_A X_B) mod q as
  Y_B^X_A mod q (at A) or Y_A^X_B mod q (at B)

Page 19: Network Security (contd.)

Diffie-Hellman key generation

Man-in-the-middle attack
– Assumes the ability to intercept and spoof

A sends Y_A (from X_A) towards B; E intercepts it and forwards Y_E (from its own X_E) to B
B sends Y_B (from X_B) towards A; E intercepts it and forwards Y_E to A
A ends up with the key a^(X_A X_E) mod q and B with a^(X_B X_E) mod q; E knows both, so it can decrypt and re-encrypt everything that passes without A or B noticing
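The two slides above, as one added example that is not part of the original tutorial: the honest exchange with the slide's notation (q, a, X_A, X_B, Y_A, Y_B) and the man-in-the-middle substitution, so that E's two keys can be compared with what A and B hold. The group q = 23, a = 5 is a toy chosen for illustration; the primitive-root check is brute force and only practical for such small primes. Real IPSec peers negotiate one of the standard MODP groups (RFC 2409, RFC 3526) instead.

```python
# Added example: Diffie-Hellman in the slide's notation plus the MITM attack.
# Toy prime and generator for illustration only; use RFC 2409/3526 groups.
import secrets


def is_primitive_root(a, q):
    """Slide's definition: a^k mod q, 1 <= k < q, is distinct for every k.
    Brute force, so only sensible for the small toy prime used here."""
    return len({pow(a, k, q) for k in range(1, q)}) == q - 1


def pick_private(q):
    """Random exponent X with 1 <= X <= q-2."""
    return secrets.randbelow(q - 2) + 1


def dh_public(a, q, x):
    """Y = a^X mod q."""
    return pow(a, x, q)


def dh_shared(y_other, x_own, q):
    """K = Y_other^X_own mod q."""
    return pow(y_other, x_own, q)


def honest_exchange(a, q):
    """Return (K computed at A, K computed at B); they must agree."""
    x_a, x_b = pick_private(q), pick_private(q)
    y_a, y_b = dh_public(a, q, x_a), dh_public(a, q, x_b)
    return dh_shared(y_b, x_a, q), dh_shared(y_a, x_b, q)


def mitm_exchange(a, q):
    """E intercepts both public values and substitutes its own Y_E.

    Returns (K at A, K at B, E's key with A, E's key with B).
    """
    x_a, x_b, x_e = pick_private(q), pick_private(q), pick_private(q)
    y_a, y_b, y_e = (dh_public(a, q, x) for x in (x_a, x_b, x_e))
    k_a = dh_shared(y_e, x_a, q)          # A received Y_E instead of Y_B
    k_b = dh_shared(y_e, x_b, q)          # B received Y_E instead of Y_A
    e_with_a = dh_shared(y_a, x_e, q)     # E uses intercepted Y_A
    e_with_b = dh_shared(y_b, x_e, q)     # E uses intercepted Y_B
    return k_a, k_b, e_with_a, e_with_b


if __name__ == "__main__":
    q, a = 23, 5                          # toy group; 5 is a primitive root of 23
    assert is_primitive_root(a, q)
    print("honest:", honest_exchange(a, q))
    print("mitm (K_A, K_B, E's copies):", mitm_exchange(a, q))
```

Nothing in the arithmetic tells A or B that Y_E came from E rather than the peer; that is exactly the gap the signed Oakley messages later in this lecture close.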

Page 20: Network Security (contd.)

Diffie-Hellman key generation

Issues with the algorithm:
– What are the values of q and a? Make several sets (groups) available and let the parties negotiate
– Man-in-the-middle attack: use some form of authentication (signing the exchanged values)
– Denial-of-service attack arising from address spoofing: use cookies
– Replay attacks: use nonces

Page 21: Network Security (contd.)

Cookies

Cookies:
– A requests B's attention
– B responds with a "cookie" K (a random-looking value); A must return K in its subsequent messages
– Until the cookie comes back, B does no expensive work (no exponentiation, no saved state), so a flood of requests from spoofed addresses costs B little, and a spoofed address never receives the cookie it would need to continue

Characteristics of cookies:
– Should depend upon data specific to B
– Should use some secret information
– Cookie generation and verification must be fast
– B should not have to save the cookie

Example method used:
– Hash of the sender/receiver IP addresses, port numbers and a secret value (the slide says TCP port numbers; ISAKMP/Oakley actually runs over UDP port 500)
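The stateless property is the point of the "example method": B recomputes the cookie from the packet it receives instead of looking it up. The block below is an added example, not code from the slides, of such a cookie as an HMAC over the two endpoints' addresses and ports and a secret held only by B, with a periodic secret rotation so that cookies expire. The addresses, ports and secrets are made up; the HMAC-SHA-256 construction and the one-period grace for the previous secret are this example's choices, not something the slide specifies.

```python
# Added example: stateless responder cookies (hash of addresses, ports and a
# responder secret). Addresses, ports and secrets are constructed for
# illustration; the HMAC and the rotation grace period are this example's.
import hashlib
import hmac
import secrets

COOKIE_LEN = 8  # ISAKMP cookies are 64 bits


class Responder:
    """B: hands out cookies without keeping any per-request state."""

    def __init__(self):
        self.secret = secrets.token_bytes(32)
        self.prev_secret = None      # honoured for one rotation period

    def _cookie(self, secret, src, dst):
        msg = f"{src[0]}:{src[1]}->{dst[0]}:{dst[1]}".encode()
        return hmac.new(secret, msg, hashlib.sha256).digest()[:COOKIE_LEN]

    def request(self, src, dst):
        """A (at src) asks for B's attention; B replies to src with a cookie."""
        return self._cookie(self.secret, src, dst)

    def verify(self, src, dst, cookie):
        """Recompute from the packet's own addresses; no table lookup."""
        for secret in (self.secret, self.prev_secret):
            if secret is not None and hmac.compare_digest(
                    cookie, self._cookie(secret, src, dst)):
                return True
        return False

    def rotate(self):
        """Change the secret periodically so outstanding cookies expire."""
        self.prev_secret, self.secret = self.secret, secrets.token_bytes(32)


def spoofing_scenario():
    """Returns (legit cookie accepted, cookie rejected from another source,
    guessed cookie rejected). Addresses are documentation ranges."""
    b = Responder()
    b_addr = ("192.0.2.1", 500)
    victim = ("198.51.100.7", 500)
    attacker = ("203.0.113.9", 500)
    legit = b.request(victim, b_addr)          # sent to the victim's address
    legit_ok = b.verify(victim, b_addr, legit)
    # a cookie issued for the victim's address is bound to that address;
    # a blind spoofer never even receives it and can only guess
    forged_rejected = not b.verify(attacker, b_addr, legit)
    guess_rejected = not b.verify(victim, b_addr, secrets.token_bytes(COOKIE_LEN))
    return legit_ok, forged_rejected, guess_rejected


def rotation_scenario():
    """Returns (cookie still valid after one rotation, valid after two)."""
    b = Responder()
    src, dst = ("198.51.100.7", 500), ("192.0.2.1", 500)
    c = b.request(src, dst)
    b.rotate()
    after_one = b.verify(src, dst, c)
    b.rotate()
    return after_one, b.verify(src, dst, c)


if __name__ == "__main__":
    print(spoofing_scenario(), rotation_scenario())
```

Note what the cookie does not do: an attacker who can see traffic to the victim's address, or who uses its own real address, gets a valid cookie. The defence is against blind flooding from forged sources, which is the denial-of-service case the previous slide names.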

Page 22: Network Security (contd.)

Oakley Key exchange

Page 23: Network Security (contd.)

Oakley Key exchange: part 1 (A to B)

– ID of A, ID of B
– Initiator cookie, CK-A
– Encryption, hash, authentication algorithms
– Specific Diffie-Hellman group (q, a)
– Public key y_A = a^X_A mod q
– Nonce N_A
– Signed with A's private key KR(A): [ID of A, ID of B, N_A, q, a, y_A]

Page 24: Network Security (contd.)

Oakley Key exchange: part 2 (B to A)

– ID of B, ID of A
– Responder cookie, CK-B; returned initiator cookie, CK-A
– Encryption, hash, authentication algorithms
– Specific Diffie-Hellman group (q, a)
– Public key y_B = a^X_B mod q
– Nonces N_A, N_B
– Signed with B's private key KR(B): [ID of B, ID of A, N_A, N_B, q, a, y_B, y_A]

Page 25: Network Security (contd.)

Oakley Key exchange: part 3 (A to B)

– ID of A, ID of B
– Returned responder cookie, CK-B; initiator cookie, CK-A
– Encryption, hash, authentication algorithms
– Specific Diffie-Hellman group (q, a)
– Public key y_A = a^X_A mod q
– Nonces N_A, N_B
– Signed with A's private key KR(A): [ID of A, ID of B, N_A, N_B, q, a, y_B, y_A]

The echoed nonces tie each reply to the current run (N_A returned in part 2 assures A, N_B returned in part 3 assures B), the returned cookies show each side is reachable at the address it claims, and the signatures over the group, both public values and the nonces are what stop an intermediary from substituting its own y as in the Diffie-Hellman man-in-the-middle attack.
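The three parts above as one added simulation, not code from the tutorial. Both sides' messages are built as the slides list them and each check (returned cookie, echoed nonce, signature) is performed where the protocol performs it. Two stand-ins are labelled: the DH group is the toy q = 23, a = 5, and SignedKR(X)[...] is replaced by an HMAC under a long-term key per party that the peer also holds, because the standard library has no public-key signature; a real Oakley/IKE run signs with RSA or DSS keys. IDs, keys and nonces are made up.

```python
# Added example: the three Oakley messages with the slide's checks.
# Toy DH group; HMAC stands in for the public-key signature SignedKR(X).
import hashlib
import hmac
import secrets

Q, A = 23, 5                      # toy Diffie-Hellman group (q, a)
ALGS = ("3DES", "SHA-1", "HMAC")  # encryption, hash, authentication offer


def sign(key, *fields):
    """Stand-in for SignedKR(X)[fields]: HMAC-SHA-256 over the fields."""
    return hmac.new(key, "|".join(map(str, fields)).encode(), hashlib.sha256).digest()


def verify(key, sig, *fields):
    return hmac.compare_digest(sig, sign(key, *fields))


class Party:
    def __init__(self, ident, lt_key, peer_key):
        self.id, self.lt_key, self.peer_key = ident, lt_key, peer_key
        self.cookie_secret = secrets.token_bytes(16)
        self.x = secrets.randbelow(Q - 2) + 1     # private exponent X
        self.y = pow(A, self.x, Q)                # public value y = a^X mod q
        self.nonce = secrets.randbelow(2 ** 32)   # N_A or N_B

    def cookie(self, peer_id):
        """Stateless cookie: hash of the two identities and a local secret."""
        return hmac.new(self.cookie_secret, f"{self.id}>{peer_id}".encode(),
                        hashlib.sha256).digest()[:8]

    def shared_key(self, y_peer):
        return pow(y_peer, self.x, Q)


def run_oakley(a, b, tamper_m1=None):
    """Return (K at A, K at B); raise ValueError when a check fails.
    tamper_m1, if given, edits message 1 in transit (the MITM's move)."""
    # Part 1: A -> B
    m1 = dict(ids=(a.id, b.id), ck_a=a.cookie(b.id), algs=ALGS, group=(Q, A),
              y_a=a.y, n_a=a.nonce)
    m1["sig"] = sign(a.lt_key, a.id, b.id, a.nonce, Q, A, a.y)
    if tamper_m1:
        tamper_m1(m1)
    if not verify(b.peer_key, m1["sig"], a.id, b.id, m1["n_a"], Q, A, m1["y_a"]):
        raise ValueError("part 1: bad signature")
    # Part 2: B -> A (returns CK-A, adds CK-B and N_B)
    m2 = dict(ids=(b.id, a.id), ck_b=b.cookie(a.id), ck_a=m1["ck_a"], algs=ALGS,
              group=(Q, A), y_b=b.y, n_a=m1["n_a"], n_b=b.nonce)
    m2["sig"] = sign(b.lt_key, b.id, a.id, m2["n_a"], m2["n_b"], Q, A, b.y, m1["y_a"])
    if m2["ck_a"] != a.cookie(b.id):
        raise ValueError("part 2: initiator cookie not returned")
    if m2["n_a"] != a.nonce:
        raise ValueError("part 2: N_A not echoed (replay?)")
    if not verify(a.peer_key, m2["sig"], b.id, a.id, m2["n_a"], m2["n_b"],
                  Q, A, m2["y_b"], a.y):
        raise ValueError("part 2: bad signature")
    # Part 3: A -> B (returns CK-B, echoes N_B)
    m3 = dict(ids=(a.id, b.id), ck_b=m2["ck_b"], ck_a=m1["ck_a"], algs=ALGS,
              group=(Q, A), y_a=a.y, n_a=a.nonce, n_b=m2["n_b"])
    m3["sig"] = sign(a.lt_key, a.id, b.id, a.nonce, m2["n_b"], Q, A, m2["y_b"], a.y)
    if m3["ck_b"] != b.cookie(a.id):
        raise ValueError("part 3: responder cookie not returned")
    if m3["n_b"] != b.nonce:
        raise ValueError("part 3: N_B not echoed (replay?)")
    if not verify(b.peer_key, m3["sig"], a.id, b.id, m3["n_a"], m3["n_b"],
                  Q, A, b.y, m3["y_a"]):
        raise ValueError("part 3: bad signature")
    return a.shared_key(m2["y_b"]), b.shared_key(m3["y_a"])


def make_parties():
    ka, kb = secrets.token_bytes(32), secrets.token_bytes(32)
    return Party("A", ka, kb), Party("B", kb, ka)


def mitm_attempt(a, b):
    """E swaps y_A in part 1 for a different group element; True if caught."""
    def swap(m):
        m["y_a"] = (m["y_a"] * 2) % Q          # always differs from y_A
    try:
        run_oakley(a, b, tamper_m1=swap)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    a, b = make_parties()
    print("keys:", run_oakley(a, b), "mitm caught:", mitm_attempt(a, b))
```

The substituted y_A fails at B's first signature check because y_A is inside the signed fields, which is the difference between this exchange and the unauthenticated Diffie-Hellman run earlier in the lecture.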

Page 26: Network Security (contd.)

Thanks