IP Security PDF: Overview, Applications, and Protocols

IP Security IP SECURITY OVERVIEW ▪ RFC 1636. Issued in 1994 by the Internet Architecture Board (IAB) ▪ Identifies key areas for security mechanisms  Need to secure the network infrastructure from unauthorized monitoring and control of network traffic  Need to secure end-user-to-end-user traffic using authentication and encryption mechanisms ▪ IAB included authentication and encryption as necessary in IPv6  The IPsec specification now exists as a set of Internet standards APPLICATIONS OF IPSEC ▪ IPsec can provide security between any two network-layer entities  host-host, host-router, router-router ▪ Examples include: ▪ Secure branch office connectivity over the Internet ▪ Secure remote access over the Internet ▪ Establishing extranet and intranet connectivity with partners ▪ Used widely to establish VPNs ▪ The principal feature of IPsec is that it can encrypt and/or authenticate all traffic at the IP level  Thus, all distributed applications (remote login, client/server, e-mail, file transfer, Web access) can be secured BENEFITS OF IPSEC Some of the benefits of IPsec: 1. When IPsec is implemented in a firewall or router, it provides strong security that can be applied to all traffic crossing the perimeter 2. IPsec in a firewall is resistant to bypass if all traffic from the outside must use IP and the firewall is the only means of entrance from the Internet into the organization 3. IPsec is below the transport layer (TCP, UDP) and so is transparent to applications 4. End-to-end or hop-by-hop security. 5. IPsec is transparent to end users  There is no need to train users on security mechanisms, issue keying material on a per-user basis, or revoke keying material when users leave the organization 6. IPsec can provide security for individual users’ machines if needed  This is useful for offsite workers and for setting up a secure virtual subnetwork within an organization for sensitive applications ROUTING APPLICATIONS ▪ IPsec can play a vital role in the routing architecture required for internetworking ▪ IPsec can assure that: 1. A router advertisement (a new router advertises its presence) comes from an authorized router 2. A router seeking to establish or maintain a neighbor relationship with a router in another routing domain is an authorized router 3. A routing update is not forged IPSEC SERVICES ▪ IPsec provides security services at the IP layer by enabling a system to: 1. Select required security protocols 2. Determine the algorithm(s) to use for the service(s) 3. Put in place any cryptographic keys required to provide the requested services Two protocols are used to provide security: 1. Authentication Header (AH): provides authentication service only; and 2. Encapsulating Security Payload (ESP): provides combined encryption/authentication services. TRANSPORT AND TUNNEL MODES Transport Mode Tunnel Mode Provides protection primarily for upper- Provides protection to the entire IP packet layer protocols Used when one or both ends of a security association (SA) are a security gateway Typically used for end-to-end Therefore, a number of hosts on communication between two hosts networks behind firewalls may engage in secure communications without implementing IPsec ESP in transport mode encrypts and ESP in tunnel mode encrypts and optionally optionally authenticates the IP payload but authenticates the entire inner IP packet, not the IP header including the inner IP header AH in transport mode authenticates the IP AH in tunnel mode authenticates the entire payload and selected portions of the IP inner IP packet and selected portions of the header outer IP header AH HEADER TRANSPORT VS. TUNNEL MODE ▪ Transport mode: original IP header not touched; IPsec information added between IP header and packet body  IP header | IPsec | [ packet ]  Most logical when IPsec used end-to-end TRANSPORT VS. TUNNEL MODE ▪ Tunnel mode: keep original IP packet intact but protect it; add new header information outside  New IP header | IPsec | [ old IP header | packet ]  Can be used when IPSec is applied at an intermediate point along path (e.g., for firewall-to-firewall traffic)  Treat the link as a secure tunnel  Results in slightly longer packet ESP HEADER AND TRAILER Padding is used If an encryption / Hash algorithm requires the plaintext to be a multiple of some number of bytes. IPsec policy is determined primarily by the interaction of two databases, security association database (SAD) and security policy database (SPD). SECURITY ASSOCIATION (SA) ▪ A one-way connection between a sender and a receiver that affords security services to the traffic carried on it. ▪ In any IP packet, the SA is uniquely identified by three parameters: 1. Security Parameters Index (SPI)  A 32-bit unsigned integer selected by the receiving end of an SA to uniquely identify the SA, having local significance only. 2. IP Destination Address  Address of the destination endpoint of the SA, which may be an end-user system or a network system such as a firewall or router 3. Security protocol identifier  Indicates whether the association is an AH or ESP security association SECURITY ASSOCIATION DATABASE (SAD) SECURITY ASSOCIATION DATABASE (SAD) ▪ Defines the parameters associated with each SA ▪ Normally defined by the following parameters in a SAD entry:  Sequence number counter: Generate the Sequence Number field in AH or ESP headers (32 bits, anti-replay)  Sequence counter overflow: flag indicating overflow of the Sequence Number Counter to prevent further transmission of packets on this SA.  Anti-replay window: To know received packet is replayed SECURITY ASSOCIATION DATABASE (SAD) ▪ Defines the parameters associated with each SA ▪ Normally defined by the following parameters in a SAD entry:  AH information (auth alg, keys, key lifetime, and AH parameters)  ESP information (Auth and Enc alg, Keys, key lifetimes, other parameters)  Lifetime of this security association: A time interval or byte count after which an SA must be replaced with a new SA (and new SPI) or terminated.  IPsec protocol mode (tunnel, transport)  Path MTU SECURITY POLICY DATABASE ▪ Nodes maintain a table specifying what is required for each incoming packet  Discard  Bypass without IPsec protection  Require IPsec protection  Auth only  Enc only  Both ▪ As with firewalls, decisions can be based on any information in the packet SECURITY POLICY DATABASE (SPD) ▪ Each SPD entry is defined by a set of IP and upper- layer protocol field values called selectors (Index) ▪ These are used to filter outgoing traffic in order to map it into a particular SA ▪ In complex environments: ▪ there may be multiple entries that potentially relate to a single SA or SPD SELECTORS The following selectors determine an SPD entry: Remote IP address single IP, an enumerated list or range of addresses, or a wildcard (mask) address The latter two are required to support more than one destination system sharing the same SA Local IP address single IP, an enumerated list or range of addresses, or a wildcard (mask) address The latter two are required to support more than one source system sharing the same SA Next layer protocol IP protocol header includes a field that designates the protocol operating over IP Name This field is optional, descriptive identifier that administrators can assign to each security policy entry for easier identification and management of security policies. Local and remote ports These may be individual TCP or UDP port values, an enumerated list of ports, or a wildcard port Table 20.2 Host SPD Example COMBINING SECURITY ASSOCIATIONS ▪ An individual SA can implement either the AH or ESP protocol but not both ▪ Security association bundle  A sequence of SAs through which traffic must be processed to provide a desired set of IPsec services ▪ May be combined into bundles in two ways: 1. Transport adjacency: Refers to applying more than one security protocol to the same IP packet without invoking tunneling. This approach allows for only one level of combination 2. Iterated tunneling: Refers to the application of multiple layers of security protocols effected through IP tunneling. This approach allows for multiple levels of nesting TRANSPORT ADJACENCY ▪ A way to apply authentication after encryption in ESP is to use two bundled transport SAs, with the inner being an ESP SA and the outer being an AH SA  In this case ESP is used without its authentication option  Encryption is applied to the IP payload  AH is then applied in transport mode  Advantage of this approach is that the authentication covers more fields  Disadvantage is the overhead of two SAs versus one SA TRANSPORT-TUNNEL BUNDLE The use of authentication prior One approach is to use a bundle to encryption might be consisting of an inner AH preferable for several reasons: transport SA and an outer ESP  It is impossible for anyone to intercept tunnel SA the message and alter the authentication  Authentication is applied to the IP payload data without detection plus the IP header  It may be desirable to store the  The resulting IP packet is then processed authentication information with the in tunnel mode by ESP message at the destination for later  The result is that the entire authenticated inner reference packet is encrypted and a new outer IP header is added INTERNET KEY EXCHANGE ▪ The key management portion of IPsec involves the determination and distribution of secret keys  A typical requirement is four keys for communication between two applications: Transmit and receive pairs for both integrity and confidentiality ▪ The IPsec Architecture document mandates support for two types of key management: 1. Manual ▪ A system administrator manually configures each system with its own keys and with the keys of other communicating systems ▪ This is practical for small, relatively static environments 2. Automated ▪ Enables the on-demand creation of keys for SAs and facilitates the use of keys in a large distributed system with an evolving configuration ISAKMP/OAKLEY ▪ The default automated key management protocol of IPsec consists of:  Oakley Key Determination Protocol  A key exchange protocol based on the Diffie-Hellman algorithm but providing added security  Generic in that it does not dictate specific formats  Internet Security Association and Key Management Protocol (ISAKMP)  Provides a framework for Internet key management and provides specific protocol support, including formats, for the negotiation of security attributes  Consists of a set of message types that enable the use of a variety of key exchange algorithms

IP Security PDF: Overview, Applications, and Protocols

Document Details

Tags

Related

Summary

Full Transcript