Network Security and Protocols (CSec15321) PDF

Document Details

NicerSloth1430

Uploaded by NicerSloth1430

PSUT

2017

Dr. Qasem Abu Al-Haija

Tags

network security ipsec network layer security computer science

Summary

This document is an overview of network security and protocols, specifically focusing on network layer security (NLS) and IPsec. It covers learning objectives, introductions, and different aspects of IPsec, including its applications and benefits. The document is from 2017.

Full Transcript

CSec15321 Network Security and Protocols Network Layer Security (NLS) Dr. Qasem Abu Al-Haija, Department of Cybersecurity, PSUT © 2017 Pearson Education, Ltd., All rights reserved. Overview of IPsec Introduction The IPv4 protocol and the whole...

CSec15321 Network Security and Protocols Network Layer Security (NLS) Dr. Qasem Abu Al-Haija, Department of Cybersecurity, PSUT © 2017 Pearson Education, Ltd., All rights reserved. Overview of IPsec Introduction The IPv4 protocol and the whole Internet started when Internet users trusted each other. No security was provided for the IPv4 protocol. Today, however, the situation is different. The Internet is not secure anymore. Three security issues are particularly applicable to IP protocol: 1. Packet Sniffing (require encryption mechanisms). 2. Packet Modification (require data integrity mechanisms). 3. IP Spoofing (require origin authentication mechanisms). Introduction Several applications have specific security mechanisms, such as: ― Electronic mail (S/MIME, PGP), ― Client/server (Kerberos), ― Web access (Secure Sockets Layer) However, users have security concerns that cut across protocol layers. Implementing security at the IP level can ensure secure networking for all applications (security-specific and security-ignorant applications). ― This is normally known as IPsec. © 2017 Pearson Education, Ltd., All rights reserved. Introduction IP-level security encompasses three functional areas: ― Authentication: Assures (1) the received packet was, in fact, transmitted by the party identified as the source in the packet header, (2) the packet has not been altered in transit. ― Confidentiality: enables communicating nodes to encrypt messages to prevent eavesdropping by third parties. ― Key Management: concerned with the secure exchange of keys. © 2017 Pearson Education, Ltd., All rights reserved. IP Security Overview RFC 1636 “Security in the Internet Architecture” Issued in 1994 by the Internet Architecture Board (IAB) Identifies key areas for security mechanisms Need to secure the network infrastructure from unauthorized monitoring and control of network traffic Need to secure end-user-to-end-user traffic using authentication and encryption mechanisms IAB included authentication and encryption as necessary security features in the next-generation IP (IPv6) The IPsec specification now exists as a set of Internet standards © 2017 Pearson Education, Ltd., All rights reserved. Applications of IPsec IPsec provides the capability to secure communications across a LAN, private and public WANs, and the Internet Secure branch office connectivity over the Internet Secure remote access over the Examples Internet include: Establishing extranet and intranet connectivity with partners Enhancing electronic commerce security Principal feature of IPsec is that it can encrypt and/or authenticate all traffic at the IP level Thus, all distributed applications (remote login, client/server, e-mail, file transfer, Web access) can be secured © 2017 Pearson Education, Ltd., All rights reserved. © 2017 Pearson Education, Ltd., All rights reserved. Benefits of IPSec Some of the benefits of IPsec: When IPsec is implemented in a firewall or router, it provides strong security that can be applied to all traffic crossing the perimeter Traffic within a company or workgroup does not incur the overhead of security-related processing IPsec in a firewall is resistant to bypass if all traffic from the outside must use IP and the firewall is the only means of entrance from the Internet into the organization IPsec is below the transport layer (TCP, UDP) and so is transparent to applications There is no need to change software on a user or server system when IPsec is implemented in the firewall or router IPsec can be transparent to end users There is no need to train users on security mechanisms, issue keying material on a per-user basis, or revoke keying material when users leave the organization IPsec can provide security for individual users if needed This is useful for offsite workers and for setting up a secure virtual subnetwork within an organization for sensitive applications © 2017 Pearson Education, Ltd., All rights reserved. Routing Applications IPsec can play a vital role in the routing architecture required for internetworking IPsec can assure that: A router seeking to establish or A redirect message A router maintain a neighbor comes from the advertisement A routing update is relationship with a router to which the comes from an not forged router in another initial IP packet was authorized router routing domain is sent an authorized router © 2017 Pearson Education, Ltd., All rights reserved. Encapsulating Security Internet Key Exchange (IKE) Payload (ESP) A collection of documents Consists of an encapsulating describing the key header and trailer used to management schemes for use provide encryption or with IPsec combined encryption/authentication The main specification is RFC 7296, Internet Key Exchange The current specification is (IKEv2) Protocol, but there are a RFC 4303, IP Encapsulating number of related RFCs Security Payload (ESP) Authentication Header Cryptographic algorithms (AH) This category encompasses An extension header to a large set of documents provide message that define and describe authentication cryptographic algorithms The current specification is for encryption, message RFC 4302, IP authentication, Authentication Header pseudorandom functions (PRFs), and cryptographic key exchange Architecture IPsec Covers the general concepts, security requirements, Documents Other definitions, and mechanisms There are a variety of defining IPsec technology other IPsec-related The current specification is RFCs, including those RFC4301, Security dealing with security Architecture for the Internet policy and management Protocol information base (MIB) content © 2017 Pearson Education, Ltd., All rights reserved. IPsec Services IPsec provides security services at the IP layer by enabling a system to: Select required security protocols Determine the algorithm(s) to use for the service(s) Put in place any cryptographic keys required to provide the requested services RFC 4301 lists the following services: Access control Connectionless integrity Data origin authentication Rejection of replayed packets (a form of partial sequence integrity) Confidentiality (encryption) Limited traffic flow confidentiality RFC 4301 Security Architecture for the Internet Protocol IPsec Modes of Operation Transport and Tunnel Modes Transport Mode Provides protection primarily for upper-layer protocols Tunnel Mode Examples include a TCP or UDP segment or an ICMP packet Provides protection to the entire IP packet Typically used for end-to-end Used when one or both ends of a security communication between two hosts association (SA) are a security gateway ESP in transport mode encrypts and A number of hosts on networks behind optionally authenticates the IP firewalls may engage in secure payload but not the IP header communications without implementing AH in transport mode authenticates IPsec the IP payload and selected portions ESP in tunnel mode encrypts and of the IP header optionally authenticates the entire inner IP packet, including the inner IP header AH in tunnel mode authenticates the entire inner IP packet and selected portions of the outer IP header © 2017 Pearson Education, Ltd., All rights reserved. Table 9.1 Tunnel Mode and Transport Mode Functionality © 2017 Pearson Education, Ltd., All rights reserved. Transport Mode In transport mode, IPSec protects what is delivered from the transport layer to the network layer. Note IPSec in transport mode does not protect the IP header; it only protects the information coming from the transport layer. 18.17 Transport Mode IPSec in transport mode 18.18 Transport Mode Transport mode in action 18.19 Tunnel Mode In tunnel mode, IPSec protects the entire IP packet. It takes an IP packet, including the header, applies IPSec security methods to the entire packet, and then adds a new IP header. Note IPSec in tunnel mode protects the original IP header. 18.20 Tunnel Mode IPSec in tunnel mode 18.21 Tunnel Mode Tunnel mode in action 18.22 Transport mode versus tunnel mode 18.23 IPsec Security Protocols IPsec defines TWO SECURITY PROTOCOLs Authentication Header (AH) Protocol o Provides authentication only for packets at IP level. Encapsulating Security Payload (ESP) Protocol o Provides authentication and/or encryption for packets at IP level. IPSec supports both IPv4 and IPv6. o In IPv6, however, AH and ESP are part of the extension header. The ESP designed after AH protocol was already in use. o ESP does whatever AH does with additional functionality (privacy). AH Protocol AH protocol provides source authentication and data integrity, but not privacy. ESP Protocol ESP provides source authentication, data integrity, and privacy. 18.27 Services Provided by IPSec 18.28 More about: Encapsulating Security Payload (ESP) © 2017 Pearson Education, Ltd., All rights reserved. Encapsulating Security Payload (ESP) Used to encrypt the Payload Data, Padding, Pad Length, and Next Header fields If the algorithm requires cryptographic synchronization data, then these data may be carried explicitly at the beginning of the Payload Data field An optional ICV field is present only if the integrity service is selected and is provided by either a separate integrity algorithm or a combined mode algorithm that uses an ICV ICV is computed after the encryption is performed This order of processing facilitates reducing the impact of DoS attacks Because the ICV is not protected by encryption, a keyed integrity algorithm must be employed to compute the ICV The Padding field serves several purposes: If an encryption algorithm requires the plaintext to be a multiple of some number of bytes, the Padding field is used to expand the plaintext to the required length Used to assure alignment of Pad Length and Next Header fields Additional padding may be added to provide partial traffic-flow confidentiality by concealing the actual length of the payload © 2017 Pearson Education, Ltd., All rights reserved. Anti-Reply Mechanism © 2017 Pearson Education, Ltd., All rights reserved. © 2017 Pearson Education, Ltd., All rights reserved. © 2017 Pearson Education, Ltd., All rights reserved. © 2017 Pearson Education, Ltd., All rights reserved. IPsec Architecture © 2017 Pearson Education, Ltd., All rights reserved. Security Association (SA) IPSec requires a logical Uniquely identified by three parameters: relationship, called a Security Association (SA), between two hosts Security Parameters A one-way logical connection Index (SPI) between a sender and a receiver A 32-bit unsigned integer assigned to this SA and that affords security services to having local significance only the traffic carried on it In any IP packet, the SA is uniquely identified by the IP Destination Destination Address in the IPv4 Security protocol Address identifier or IPv6 header and the SPI in Indicates whether the Address of the destination endpoint of the enclosed extension header association is an AH or the SA, which may be ESP security an end-user system or a (AH or ESP) association network system such as a firewall or router © 2017 Pearson Education, Ltd., All rights reserved. Idea of Security Association Simple SA 18.39 Security Association Database (SAD) Defines the parameters associated with each SA Normally defined by the following parameters in a SAD entry: Security parameter index Sequence number counter Sequence counter overflow Anti-replay window AH information ESP information Lifetime of this security association IPsec protocol mode Path MTU © 2017 Pearson Education, Ltd., All rights reserved. Security Association Database (SAD) 18.41 Typical SA Parameters Parameters Description 18.42 Security Policy Database (SPD) SPD defines the type of security applied to a packet when it is to be sent or when it has arrived The means by which IP traffic is related to specific SAs Contains entries, each of which defines a subset of IP traffic and points to an SA for that traffic In more complex environments, there may be multiple entries that potentially relate to a single SA or multiple SAs associated with a single SPD entry Each SPD entry is defined by a set of IP and upper-layer protocol field values called selectors These are used to filter outgoing traffic in order to map it into a particular SA © 2017 Pearson Education, Ltd., All rights reserved. SPD Entries The following selectors determine an SPD entry: Remote IP Local IP Next layer Local and Name address address protocol remote ports This may be a This may be a single IP single IP address, an address, an A user enumerated list enumerated list identifier from or range of or range of the operating addresses, or a addresses, or a system wildcard (mask) wildcard (mask) The IP protocol These may be address address header includes individual TCP a field that or UDP port designates the values, an protocol Not a field in the enumerated list The latter two The latter two operating over IP or upper-layer of ports, or a are required to are required to IP headers but is wildcard port support more support more available if IPsec than one than one source is running on the destination system sharing same operating system sharing the same SA system as the the same SA user © 2017 Pearson Education, Ltd., All rights reserved. Connection identifiers Table 9.2 Host SPD Example © 2017 Pearson Education, Ltd., All rights reserved. Outbound processing © 2017 Pearson Education, Ltd., All rights reserved. Outbound processing Inbound processing © 2017 Pearson Education, Ltd., All rights reserved. Inbound processing 18.50 Combining Security Associations Combining Security Associations An individual SA can implement either the AH or ESP protocol but not both Security association bundle Refers to a sequence of SAs through which traffic must be processed to provide a desired set of IPsec services The SAs in a bundle may terminate at different endpoints or at the same endpoint May be combined into bundles in two ways: Transport Refers to applying more than one security protocol to the same IP packet without invoking tunneling adjacency This approach allows for only one level of combination Iterated Refers to the application of multiple layers of security protocols effected through IP tunneling tunneling This approach allows for multiple levels of nesting © 2017 Pearson Education, Ltd., All rights reserved. ESP with Authentication Option In this approach, the first user applies ESP to the data to be protected and then appends the authentication data field Transport mode ESP Authentication and encryption apply to the IP payload delivered to the host, but the IP header is not protected Tunnel mode ESP Authentication applies to the entire IP packet delivered to the outer IP destination address and authentication is performed at that destination The entire inner IP packet is protected by the privacy mechanism for delivery to the inner IP destination For both cases authentication applies to the ciphertext rather than the plaintext © 2017 Pearson Education, Ltd., All rights reserved. Transport Adjacency Another way to apply authentication after encryption is to use two bundled transport SAs, with the inner being an ESP SA and the outer being an AH SA In this case ESP is used without its authentication option Encryption is applied to the IP payload AH is then applied in transport mode Advantage of this approach is that the authentication covers more fields Disadvantage is the overhead of two SAs versus one SA © 2017 Pearson Education, Ltd., All rights reserved. Transport-Tunnel Bundle The use of authentication One approach is to use a prior to encryption might be bundle consisting of an preferable for several inner AH transport SA and reasons: an outer ESP tunnel SA It is impossible for anyone to Authentication is applied to intercept the message and the IP payload plus the IP alter the authentication data header without detection The resulting IP packet is It may be desirable to store then processed in tunnel the authentication mode by ESP information with the The result is that the message at the destination entire authenticated inner for later reference packet is encrypted and a new outer IP header is added © 2017 Pearson Education, Ltd., All rights reserved. © 2017 Pearson Education, Ltd., All rights reserved. Internet Key Exchange (IKE) Internet Key Exchange The key management portion of IPsec involves the The IPsec Architecture document mandates support for two types of key management: determination and distribution of secret keys A system administrator A typical requirement is four manually configures each system with its own keys and keys for communication with the keys of other communicating systems between two applications This is practical for small, relatively static environments Transmit and receive pairs for both integrity and confidentiality Manual Automated Enables the on-demand creation of keys for SAs and facilitates the use of keys in a large distributed system with an evolving configuration © 2017 Pearson Education, Ltd., All rights reserved. ISAKMP/Oakley The default automated key management protocol of IPsec Consists of: Oakley Key Determination Protocol A key exchange protocol based on the Diffie-Hellman algorithm but providing added security Generic in that it does not dictate specific formats Internet Security Association and Key Management Protocol (ISAKMP) Provides a framework for Internet key management and provides the specific protocol support, including formats, for negotiation of security attributes Consists of a set of message types that enable the use of a variety of key exchange algorithms © 2017 Pearson Education, Ltd., All rights reserved. Features of IKE Key Determination Algorithm is characterized by five important features: It employs a mechanism known as cookies to thwart clogging attacks 1. It enables the two parties to negotiate a group; this, in essence, 2. specifies the global parameters of the Diffie-Hellman key exchange It uses nonces to ensure against replay attacks 3. It enables the exchange of Diffie-Hellman public key values 4. It authenticates the Diffie-Hellman exchange to thwart man-in-the- 5. middle-attacks © 2017 Pearson Education, Ltd., All rights reserved. © 2017 Pearson Education, Ltd., All rights reserved. © 2017 Pearson Education, Ltd., All rights reserved. © 2017 Pearson Education, Ltd., All rights reserved. Table 9.3 IKE Payload Types © 2017 Pearson Education, Ltd., All rights reserved. (Table 9.4 can be found on page 318 in the textbook) © 2017 Pearson Education, Ltd., All rights reserved. Summary IP security overview Encapsulating security payload Applications of IPsec ESP format Benefits of IPsec Encryption and authentication Routing applications algorithms IPsec documents Padding IPsec services Anti-replay service Transport and tunnel modes Transport and tunnel modes IP security policy Combining security associations Security associations Authentication plus Security association database confidentiality Security policy database Basic combinations of security IP traffic processing associations Cryptographic suites Internet key exchange Key determination protocol Header and payload formats © 2017 Pearson Education, Ltd., All rights reserved.

Use Quizgecko on...
Browser
Browser