security architecture for the internet protocol(ipsec)
DESCRIPTION
INTERNET PROTOCOL SECURITY ISSUES AND ATTACKSTRANSCRIPT
INTERNET PROTOCOL SECURITY
BY-
SWAPNIL B. PATIL
INTRODUCTION
Internet Protocol Security (IPsec) is a protocol suite for securing internet protocol communications by authentication and encryption each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic key to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host)
OBJECTIVE IPsec is designed to provide interoperable, high quality,
cryptographically-based security for IPv4 and IPv6. The set of security services offered includes access
control, connectionless layer protocols, integrity, data origin authentication, protection against replays, confidentiality and limited traffic flow confidentiality.
These objectives are met through the use of two traffic security protocols, the Authentication Header (AH) and the Encapsulating Security Payload (ESP), and through the use of cryptographic key management procedures and protocols.
ABSTRACTThe goal of this architecture is to provide various security services
for traffic at the IP layer, in both the IPv4 and IPv6 Environments. IPSec security properties are critically depend on the underlying
key exchange protocols, known as IKE (Internet Key Exchange).The IP security protocols (IPsec) may be used via security
gateways that apply cryptographic operations to provide security services to datagrams, and this mode of use is supported by an increasing number of commercial products. Goal that IPsec is capable of achieving, and we provide criteria that entail that a network with particular IPsec processing achieves its security goals.
SECURITY AT DIFFERENT LAYERS
Link layer: WEP / 802.11iApplication layer: PGPTransport layer: SSLNetwork layer: IPsec
IP SECURITY IP datagrams have no inherent security
IP source address can be spoofed Content of IP datagrams can be sniffed, modified and replayed.
IPSec is a method for protecting IP datagrams Standardized by IETF: dozens of RFCs. Only sender and receiver have to be IPsec compliant Rest of network can be regular IP
IPSEC ARCHITECTURE
PROS AND CONS OF IPSEC
PROS
Transparency to applications
Diffie-Hellman groups
Authentication method
Firewall packet filtering
CONS
IPSec Remote-Access Approach
No Portable Transmission
SECURITY ISSUES WITH IP
Eavesdropping
Data modification
Identity spoofing (IP address spoofing)
Denial-of-service attack
Man-in-the-middle attack
Sniffer attack
PROTECTION AGAINST ATTACKS ESP
Checksum
Mutual Verification
Mutual Authentication
Filtering Methodology
REFERENCES http://docs.oracle.com/cd/E19683-01/817-2694/ipsec-ov-1/index.html
http://technet.microsoft.com/en-us/library/cc700826.aspx
http://en.wikipedia.org/wiki/IPsec
www.sans.org/.../vulnerabilitys-ipsec-discussion-weaknesses-ipsec-imple
THANK YOU