Computer Science IPSec CPSC499 Information Security Management Fall, 2005 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH,
Download ReportTranscript Computer Science IPSec CPSC499 Information Security Management Fall, 2005 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH,
Computer Science IPSec CPSC499 Information Security Management Fall, 2005 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science The Internet Network layer Computer Science Host, router network layer functions: Transport layer: TCP, UDP Network layer IP protocol •addressing conventions •datagram format •packet handling conventions Routing protocols •path selection •RIP, OSPF, BGP forwarding table ICMP protocol •error reporting •router “signaling” Link layer physical layer Fall, 2005 CPSC499 Information Security Management IP datagram format IP protocol version number header length (bytes) “type” of data max number remaining hops (decremented at each router) upper layer protocol to deliver payload to how much overhead with TCP? • 20 bytes of TCP • 20 bytes of IP • = 40 bytes + app layer overhead Fall, 2005 Computer Science 32 bits head. type of length ver len service fragment 16-bit identifier flgs offset upper time to Internet layer live checksum total datagram length (bytes) for fragmentation/ reassembly 32 bit source IP address 32 bit destination IP address Options (if any) data (variable length, typically a TCP or UDP segment) CPSC499 Information Security Management E.g. timestamp, record route taken, specify list of routers to visit. IP Fragmentation & Reassembly Computer Science • network links have MTU (max.transfer size) - largest possible link-level frame. – different link types, different MTUs fragmentation: in: one large datagram out: 3 smaller datagrams • large IP datagram divided (“fragmented”) within net – one datagram becomes several datagrams – “reassembled” only at final destination – IP header bits used to identify, order related fragments Fall, 2005 reassembly CPSC499 Information Security Management IP Fragmentation and Reassembly Example • 4000 byte datagram • MTU = 1500 bytes 1480 bytes in data field offset = 1480/8 Fall, 2005 Computer Science length ID fragflag offset =4000 =x =0 =0 One large datagram becomes several smaller datagrams length ID fragflag offset =1500 =x =1 =0 length ID fragflag offset =1500 =x =1 =185 length ID fragflag offset =1040 =x =0 =370 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science IP Addressing: introduction • IP address: 32-bit identifier for host, router interface • interface: connection between host/router and physical link – router’s typically have multiple interfaces – host may have multiple interfaces – IP addresses associated with each interface 223.1.1.1 223.1.2.1 223.1.1.2 223.1.1.4 223.1.1.3 223.1.2.9 223.1.3.27 223.1.2.2 223.1.3.2 223.1.3.1 223.1.1.1 = 11011111 00000001 00000001 00000001 223 Fall, 2005 Computer Science 1 CPSC499 Information Security Management 1 1 Subnets Computer Science • IP address: – subnet part (high order bits) – host part (low order bits) 223.1.1.1 223.1.2.1 223.1.1.2 223.1.1.4 223.1.2.9 • What’s a subnet ? – device interfaces with same subnet part of IP address – can physically reach each other without intervening router 223.1.1.3 223.1.3.27 223.1.2.2 LAN 223.1.3.1 223.1.3.2 network consisting of 3 subnets Fall, 2005 CPSC499 Information Security Management Subnets Computer Science 223.1.1.0/24 223.1.2.0/24 Recipe • To determine the subnets, detach each interface from its host or router, creating islands of isolated networks. Each isolated network is called a subnet. 223.1.3.0/24 Subnet mask: /24 Fall, 2005 CPSC499 Information Security Management IP addressing: CIDR Computer Science CIDR: Classless InterDomain Routing – subnet portion of address of arbitrary length – address format: a.b.c.d/x, where x is # bits in subnet portion of address subnet part host part 11001000 00010111 00010000 00000000 200.23.16.0/23 Fall, 2005 CPSC499 Information Security Management IP addresses: how to get one? Computer Science Q: How does host get IP address? • hard-coded by system admin in a file – Wintel: control-panel->network->configuration>tcp/ip->properties – UNIX: /etc/rc.config • DHCP: Dynamic Host Configuration Protocol: dynamically get address from as server – “plug-and-play” (more in next chapter) Fall, 2005 CPSC499 Information Security Management IP addresses: how to get one? Computer Science Q: How does network get subnet part of IP addr? A: gets allocated portion of its provider ISP’s address space ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20 Organization 0 Organization 1 Organization 2 ... 11001000 00010111 00010000 00000000 11001000 00010111 00010010 00000000 11001000 00010111 00010100 00000000 ….. …. 200.23.16.0/23 200.23.18.0/23 200.23.20.0/23 …. Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23 Fall, 2005 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science NAT: Network Address Translation rest of Internet local network (e.g., home network) 10.0.0/24 10.0.0.4 Computer Science 10.0.0.1 10.0.0.2 138.76.29.7 10.0.0.3 All datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers Fall, 2005 Datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual) CPSC499 Information Security Management NAT: Network Address Translation Computer Science • Motivation: local network uses just one IP address as far as outside word is concerned: – no need to be allocated range of addresses from ISP: just one IP address is used for all devices – can change addresses of devices in local network without notifying outside world – can change ISP without changing addresses of devices in local network – devices inside local net not explicitly addressable, visible by outside world (a security plus). Fall, 2005 CPSC499 Information Security Management NAT: Network Address Translation Computer Science Implementation: NAT router must: – outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #) . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr. – remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair – incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table Fall, 2005 CPSC499 Information Security Management NAT: Network Address Translation 2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table 2 NAT translation table WAN side addr LAN side addr 1: host 10.0.0.1 sends datagram to 128.119.40, 80 138.76.29.7, 5001 10.0.0.1, 3345 …… …… S: 10.0.0.1, 3345 D: 128.119.40.186, 80 S: 138.76.29.7, 5001 D: 128.119.40.186, 80 138.76.29.7 S: 128.119.40.186, 80 D: 138.76.29.7, 5001 3 3: Reply arrives dest. address: 138.76.29.7, 5001 Fall, 2005 Computer Science 1 10.0.0.4 S: 128.119.40.186, 80 D: 10.0.0.1, 3345 10.0.0.1 10.0.0.2 4 10.0.0.3 4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345 CPSC499 Information Security Management NAT: Network Address Translation Computer Science • 16-bit port-number field: – 60,000 simultaneous connections with a single LANside address! • NAT is controversial: – routers should only process up to layer 3 – violates end-to-end argument • NAT possibility must be taken into account by app designers, eg, P2P applications – address shortage should instead be solved by IPv6 Fall, 2005 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science IPv6 Header • Initial motivation: Computer Science – 32-bit address space soon to be completely allocated. – Expands addresses to 128 bits • 430,000,000,000,000,000,000 for every square inch of earth’s surface! • Solves IPv4 problem of insufficient address space • Additional motivation: – header format helps speed processing/forwarding – header changes to facilitate QoS IPv6 datagram format: – fixed-length 40 byte header – no fragmentation allowed Fall, 2005 CPSC499 Information Security Management IPv6 Header (Cont) Computer Science Priority: identify priority among datagrams in flow Flow Label: identify datagrams in same “flow.” (concept of“flow” not well defined). Next header: identify upper layer protocol for data Fall, 2005 CPSC499 Information Security Management Other Changes from IPv4 Computer Science • Checksum: removed entirely to reduce processing time at each hop • Options: allowed, but outside of header, indicated by “Next Header” field • ICMPv6: new version of ICMP – additional message types, e.g. “Packet Too Big” – multicast group management functions Fall, 2005 CPSC499 Information Security Management IPv6 Security – IPsec mandated Computer Science • IPsec is mandated in IPv6 – This means that all implementations (i.e. hosts, routers, etc) must have IPsec capability to be considered as IPv6-conformant • When (If?) IPv6 is in widespread use, this means that IPsec will be installed everywhere – At the moment, IPsec is more common in network devices (routers, etc) than user hosts, but this would change with IPsec • All hosts having IPsec => real end-to-end security possible Fall, 2005 CPSC499 Information Security Management IPv6 Security Computer Science • Enough IP addrs for every imaginable device + Real end-to-end security = Ability to securely communicate from anything to anything Fall, 2005 CPSC499 Information Security Management IPv6 Security – harder to scan networks Computer Science • With IPv4, it is easy to scan a network – With tools like nmap, can scan a typical subnet in a few minutes see: http://www.insecure.org/nmap/ – Returning list of active hosts and open ports – Many worms also operate by scanning • e.g. Blaster, Slammer – Attackers (& worms) scan for proxies, weak services and back doors Fall, 2005 CPSC499 Information Security Management IPv6 Security – harder to scan networks Computer Science • With IPv6, sparse address allocation makes such brute force scanning impractical – It is 4 billion times harder to scan 1 IPv6 subnet than all of IPv4 • No more Blaster, Slammer, … • Use of “dense” address allocations makes it easier though Fall, 2005 CPSC499 Information Security Management Transition From IPv4 To IPv6 Computer Science Transition from IPv4 to IPv6 will take time: • Due to need to support legacy systems and applications, not all system can be upgraded simultaneously • Instead, organisations deploy IPv6 piecewise with pilot/experimental implementations first known as “6to4” • Thus need for IPv4-IPv6 coexistence – Have dual-stack systems (supporting both v4 and v6) – Tunnelling used to deliver IPv6 packets over IPv4 networks • Tunneling: IPv6 carried as payload in IPv4 datagram among IPv4 routers Fall, 2005 CPSC499 Information Security Management Tunneling Computer Science Logical view: Physical view: A B IPv6 IPv6 A B C IPv6 IPv6 IPv4 Flow: X Src: A Dest: F data Fall, 2005 E F IPv6 IPv6 D E F IPv4 IPv6 IPv6 tunnel Src:B Dest: E Src:B Dest: E Flow: X Src: A Dest: F Flow: X Src: A Dest: F data data Flow: X Src: A Dest: F data B-to-C: D-to-E: E-to-F: IPv6 inside IPv6 inside IPv6 CPSC499 Information Security Management IPv4 IPv4 A-to-B: IPv6 Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science IP Security (IPsec) Computer Science • Suite of protocols from Internet Engineering Task Force (IETF) providing encryption and authentication at the IP layer – Arose from needs identified in RFC 1636 – Specifications in: • • • • RFC 2401: Security architecture RFC 2402: Authentication RFC 2406: Encryption RFC 2408: Key management • Objective is to encrypt and/or authenticate all traffic at the IP level. Fall, 2005 CPSC499 Information Security Management IP Security Issues • • • • Computer Science Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service • Many solutions are application-specific – TLS for Web, S/MIME for email, SSH for remote login • IPSec aims to provide a framework of open standards for secure communications over IP – Protect every protocol running on top of IPv4 and IPv6 Fall, 2005 CPSC499 Information Security Management Typical Usage Fall, 2005 CPSC499 Information Security Management Computer Science IPSec Services Computer Science • Data origin authentication • Confidentiality • Connectionless and partial sequence integrity – Connectionless = integrity for a single IP packet – Partial sequence integrity = prevent packet replay • Limited traffic flow confidentiality – Eavesdropper cannot determine who is talking • These services are transparent to applications above transport (TCP/UDP) layer Fall, 2005 CPSC499 Information Security Management Major IPSec Components Computer Science • Security Association (SA) Database • Each SA refers to all the security parameters of one communication direction • For two-way communications, at least two SAs are needed. • Two Protocols • AH – Authentication Header • ESP – Encapsulating Security CCSPayload 1. Encryption only 2. Encryption with authentication • Two Encapsulation modes 1. Transport mode 2. Tunnel mode Fall, 2005 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science Security Association (SA) Computer Science • In order to communicate, each pair of hosts must set up SA with each other • Acts as virtual connection for which various parameters are set: – – – – Type of protection Algorithms Keys … • Simplex: a one way relationship between a sender and a receiver. • For either AH or ESP, but not both Fall, 2005 CPSC499 Information Security Management Security Association (SA) • Computer Science Each SA uniquely identified by: – Security Parameters Index (SPI) • 32-bit string assigned to this SA (local meaning only) – IP destination address of packets • May be end user system, or firewall or router – Security Protocol Identifier (e.g. AH, ESP) • For each IP packet, governing SA is identified by: – Destination IP address in packet header – SPI in extension header (AH or ESP) Fall, 2005 CPSC499 Information Security Management Security Association (SA) Computer Science • It contains all the security parameters needed for one way communication – – – – Sequence number counter Anti-replay window Protocol (e.g. AH / ESP) Transform mode (e.g. transport / tunnel mode / wildcard) – Protocol parameters (e.g. AES, 128-bit, CBC mode, SHA-1) – Lifetime of the SA – etc. Fall, 2005 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science Two IPSec Base Protocols • Authentication Header (AH) – Provides message authentication and integrity check of IP data payload, but not confidentiality. – Also Provides authentication for as much of the IP header as possible. – Next header: TCP, UDP, etc. – Sequence Number: Starts at 1, never recycle (optional) Fall, 2005 CPSC499 Information Security Management Computer Science Two IPSec Base Protocols • Encapsulating Security Payload (ESP) • Provides confidentiality and authentication. Either is optional. • When not used, the NULL algorithm defined in RFC-2410 is used. • The authentication trailer must be omitted if not used. • Either encryption or authentication (or both) must be enabled (NULL-NULL is an invalid option) Fall, 2005 CPSC499 Information Security Management Computer Science Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science Two Encapsulation Modes • Computer Science IPsec defines two encapsulation modes for an IP packet – Transport – Tunnel Original IP packet IP header TCP header Transport mode protected packet IP header IPsec header Tunnel mode protected packet IP header IPsec header Fall, 2005 data TCP header IP header data TCP header CPSC499 Information Security Management data Transport mode Computer Science • • Intercept Network layer packets Encrypt / Authenticate these packets preserving most of the original IP header End-to-end security between two hosts – Typically, client to gateway (e.g., PC to remote host) • Requires IPSec support at each host Network A B Original IP packet IP header TCP header Transport mode protected packet IP header IPsec header Fall, 2005 data TCP header CPSC499 Information Security Management data Tunnel Mode Computer Science • Gateway-to-gateway security – Internal traffic behind gateways not protected – Typical application: virtual private network (VPN) • Only requires IPSec support at gateways Fall, 2005 CPSC499 Information Security Management Tunnel Mode Illustration Implements IPSec Computer Science Implements IPSec IPSec protects communication on the insecure part of the network Fall, 2005 CPSC499 Information Security Management Tunnel mode Computer Science • Intercept Network layer packets Encrypt / Authenticate these packets, while encapsulating the original IP packet entirely Original IP IP packet header TCP header Tunnel mode IP protected packet header IPsec header data IP header TCP header • Versatile and has many deployment modes – Host-to-host – Host-to-router (i.e. remote access) – Router-to-router (a.k.a. Gateway-to-gateway) Fall, 2005 CPSC499 Information Security Management data Tunnel mode Computer Science (Router-to-router / Gateway-to-gateway) Secure Tunnel Host A Host B Network RB RA 1.1.1.1 1.1.1.2 2.3.2.2 2.2.2.1 3.3.3.1 Packet flow Nested packet format IP header Src = 2.2.2.1 Dst = 2.3.2.2 Fall, 2005 IPsec header IP header TCP header Src = 1.1.1.1 Dst = 3.3.3.2 CPSC499 Information Security Management data 3.3.3.2 Tunnel mode Computer Science (Host-to-Router / Remote Access) Secure Tunnel Host A Host B Internet / Intranet SGW Fall, 2005 CPSC499 Information Security Management Transport Mode vs. Tunnel Mode Computer Science • Transport mode secures packet payload and leaves IP header unchanged IP header (real dest) IPSec header TCP/UDP header + data • Tunnel mode encapsulates both IP header and payload into IPSec packets IP header (gateway) Fall, 2005 IPSec header IP header TCP/UDP header + data (real dest) CPSC499 Information Security Management Encapsulation Modes Computer Science Transport Mode Tunnel Mode Authenticates IP payload and selected portions of IP header and IPv6 extension headers Authenticates entire inner IP packet plus selected portions of outer IP header ESP Encrypts IP payload and any IPv6 extension header Encrypts inner IP packet ESP with authentication Encrypts IP payload and any IPv6 extesion header. Authenticates IP payload but no IP header Encrypts inner IP packet. Authenticates inner IP packet but no outer IP header AH Fall, 2005 CPSC499 Information Security Management Authentication Header (AH) Computer Science • Adds extra field to traditional IP packet • This is used to verify authenticity & integrity of the packet Before applying AH: Authenticated (Data + parts of IP header) Transport Mode: data is authenticated, as well as parts of IP header Tunnel Mode: Authenticated (Data + orig IP header + parts of new header) entire original packet is authenticated + parts of new header Fall, 2005 CPSC499 Information Security Management Authentication Header (AH) Computer Science • Protection against replay attack with use of sequence number • Why have an Authentication-only protocol (AH)? – May be used where export/import/use of encryption is restricted – Faster implementation – Receiver can choose whether expend the effort to verify authenticity/integrity Fall, 2005 CPSC499 Information Security Management AH: Authentication Header Computer Science • • • • Provides integrity and origin authentication Authenticates portions of the IP header Anti-replay service (to counter denial of service) No confidentiality Next header (TCP) Payload length Reserved Security parameters index (SPI) Sequence number ICV: Integrity Check Value (HMAC of IP header, AH, TCP payload) Fall, 2005 Identifies security association (shared keys and algorithms) Anti-replay Authenticates source, verifies integrity of payload CPSC499 Information Security Management Prevention of Replay Attacks Computer Science • When SA is established, sender initializes 32-bit counter to 0, increments by 1 for each packet – If wraps around 232-1, new SA must be established • Recipient maintains a sliding 64-bit window – If a packet with high sequence number is received, do not advance window until packet is authenticated Fall, 2005 CPSC499 Information Security Management Encapsulating Security Payload (ESP) Computer Science Original IP packet: Encrypted Transport Mode: only data is encrypted & authenticated Encrypted Tunnel Mode: entire packet encrypted & authenticated Fall, 2005 Authenticated (optionally) Authenticated (optionally) CPSC499 Information Security Management ESP Packet Computer Science Identifies security association (shared keys and algorithms) Anti-replay TCP segment (transport mode) or entire IP packet (tunnel mode) Pad to block size for cipher, also hide actual payload length Type of payload HMAC-based Integrity Check Value (similar to AH) Fall, 2005 CPSC499 Information Security Management Encapsulating Security Payload (ESP) Computer Science • Content of IP packet is encrypted and encapsulated between header and trailer fields. • Authentication data optionally added Fall, 2005 CPSC499 Information Security Management Authentication + Confidentiality (ESP) Computer Science • Confidentiality and integrity for packet payload – Symmetric cipher negotiated as part of security assoc • Provides authentication (similar to AH) • Can work in transport… encrypted Original IP header ESP header TCP/UDP segment • …or tunnel mode New IP header Fall, 2005 ESP header Original IP header ESP trailer ESP auth authenticated TCP/UDP segment ESP trailer CPSC499 Information Security Management ESP auth Combining Security Associations • SAs can implement either AH or ESP • to implement both need to combine SAs – form a security bundle • have 4 cases (see next) Fall, 2005 CPSC499 Information Security Management Computer Science Selection of Protocol Modes (Host-to-Host) • Transport Mode • Tunnel Mode Fall, 2005 CPSC499 Information Security Management Computer Science Selection of Protocol Modes (Router-to-Router) • Tunnel Mode Fall, 2005 CPSC499 Information Security Management Computer Science Selection of Protocol Modes (Pass-through IPSec) • Tunnel mode for gateway-to-gateway • Transport mode / tunnel mode for host-to-host Fall, 2005 CPSC499 Information Security Management Computer Science Selection of Protocol Modes (Remote access) • Tunnel mode for host-to-gateway • Transport mode / tunnel mode for gateway-to-host Fall, 2005 CPSC499 Information Security Management Computer Science Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science Key Management in IPsec Computer Science • Generation and distribution of secret keys • Manual – Sysadmin configures keys (doesn’t scale well) • automated key management – automated system for on demand creation of keys for SA’s in large systems – has Oakley & ISAKMP elements Fall, 2005 CPSC499 Information Security Management Oakley Computer Science • a key exchange protocol • based on Diffie-Hellman key exchange • adds features to address weaknesses – cookies, groups (global params), nonces, DH key exchange with authentication Fall, 2005 CPSC499 Information Security Management Diffie-Hellman Setup • all users agree on global parameters: – large prime integer or polynomial q – α a primitive root mod q • each user (eg. A) generates their key – chooses a secret key (number): xA < q x – compute their public key: yA = α A mod q • each user makes public that key yA Fall, 2005 CPSC499 Information Security Management Computer Science Diffie-Hellman Calculation Computer Science • shared session key for users A & B is KAB: x x KAB = α A. B mod q x = yA B mod q (which B can compute) x = yB A mod q (which A can compute) • KAB is used as session key in private-key encryption scheme between Alice and Bob • if Alice and Bob subsequently communicate, they will have the same key as before, unless they choose new public-keys • attacker know q and public key YA, not possible to calculate private key XA, nor shared session key Fall, 2005 CPSC499 Information Security Management ISAKMP Computer Science • Internet Security Association and Key Management Protocol (ISAKMP) • provides framework for key management • defines procedures and packet formats to establish, negotiate, modify, & delete SAs • independent of key exchange protocol, encryption alg, & authentication method Fall, 2005 CPSC499 Information Security Management ISAKMP Fall, 2005 CPSC499 Information Security Management Computer Science IPsec Benefits Computer Science • Provides a level of security for all applications. – Allows deployment of new/emerging applications that may not have their own security. • Transparent to transport layer • Transparent to end-users – No need for training, key issue, key revocation, etc. • Can be provided to individual users where needed (e.g. off-site workers) • Extensible to new, stronger, cryptographic methods as these become available Fall, 2005 CPSC499 Information Security Management IPsec Drawbacks Computer Science • Processing performance overhead – Protection is applied to all traffic, though only a small portion may be security-sensitive • Blocks access to non-IPsec hosts • Hosts must have security association – Not great for short-lived connections • Not practical for broadcast Fall, 2005 CPSC499 Information Security Management Uses of IPsec Computer Science • Virtual Private Network (VPN) establishment – For connecting remote offices and users using public Internet • Low-cost remote access – e.g. teleworker gains secure access to company network via local call to ISP • Extranet connectivity – Secure communication with partners, suppliers, etc. Fall, 2005 CPSC499 Information Security Management Note on VPN concept Computer Science • Private Network – A set of computers connected together and protected from the Internet (usually with a firewall) – Traditionally made up of LAN(s) within individual locations. If needed, wide area (e.g. inter-branch) connection is made by secure leased telecommunications lines. Fall, 2005 CPSC499 Information Security Management Note on VPN concept Computer Science • Virtual Private Network (VPN) – Uses public (insecure) Internet for parts of network connectivity – Made possible by use of cryptography – Can be enabled by IPsec or SSH tunnelling, among other methods Fall, 2005 CPSC499 Information Security Management Virtual Private Networks (a) A leased-line private network. Fall, 2005 Computer Science (b) A virtual private network. CPSC499 Information Security Management Virtual Private Networks (VPNs) Computer Science • A virtual private network (VPN) is the extension of a private network. • A VPN enables you to send data between two computers across the Internet in a manner that emulates the properties of a point-to-point private link. • To emulate a point-to-point link, data is encapsulated (or wrapped) with a header that provides routing information allowing it to traverse the Internet to reach its endpoint. • To emulate a private link, the data being sent is encrypted for confidentiality. Fall, 2005 CPSC499 Information Security Management Components of a VPN Connection Computer Science • VPN server: A computer that accepts VPN connections from VPN clients. • VPN client: A computer that initiates a VPN connection to a VPN server. • Tunnel: The portion of the connection in which your data is encapsulated (or wrapped) according to a tunneling protocol. • VPN connection: The portion of the connection in which your data is encrypted. Fall, 2005 CPSC499 Information Security Management VPN Connections Computer Science • Remote Access VPN connection • Router-to-Router VPN connection Fall, 2005 CPSC499 Information Security Management Standards Computer Science • • • • • • • • • RFC2401 IPSec RFC2402 AH RFC2403 HMAC MD5 RFC2404 HMAC SHA-1 RFC2405 DES CBC with IV RFC2406 IP ESP RFC2407 DOI for ISAKMP RFC2408 ISAKMP RFC2409 IKE Fall, 2005 CPSC499 Information Security Management Computer Science IPSec Document Overview Fall, 2005 CPSC499 Information Security Management Outline • Internet Protocol – – – – Datagram format IPv4 addressing NAT IPv6 • IPSec – – – – Security Association (SA) IPSec Base Protocol (AH, ESP) Encapsulation Mode (transport, tunnel) Key Management Fall, 2005 CPSC499 Information Security Management Computer Science