Escolar Documentos
Profissional Documentos
Cultura Documentos
1
IPSec Three Functional Areas
IPSec encompasses three functions,
Authentication
Identify the Source address, i.e., against the forgers.
Against alteration (Plaintext transmit only)
Confidentiality
Prevent eavesdropping by 3rd party (ciphertext transmit)
Key management
Exchange the secret keys securely.
2
IPSec Overview
Flexibility
Not a sigle protocol
Transparent to applications
Encrypt and/or all traffic at the IP level.
All the distributed applications could be secured.
3
Applications
Secure branch office connectivity over the Internet
Secure remote access over the Internet
Establsihing extranet and intranet connectivity with
partners
Enhancing electronic commerce security
4
IPSec Scenario
5
IPSec Document Overview
RFC-2401
RFC-2406 RFC-2402
RFC-2403~5 RFC-2403,4
3DES-CBC HMAC-SHA-1
CAST HMAC-MD5
Domain of Interpretation
6
Security Association (SA)
7
Identified by three parameters:
8
Security Association Database (SAD)
Defines the parameters associated within each SA.
9
SA 8-Parameter in SAD
Anti-Replay Window
Determine whether an inbound AH or ESP packet is
replay.
10
AH Information
All the details of authentication algorithm within this SA.
ESP Information
All the details of the Encryption algorithm within this
SA.
Path MTU
11
Anti-Replay Mechanism
Sequence number (Sender)
1. The sender initialized a sequence number counter once a
new SA is established.
2. The sender will increase the sequence number by one once
a packet is sent on this SA till the limit, (232 – 1), is reached.
12
Sliding receive window (Receiver)
Advance the window if the valid
packet to the “right” is received
irretrievably lost
Unmarked if valid
packet not yet received
13
Security Policy Database (SPD)
15
SA 10-Selector in SPD
Destination IP address
Source IP address
UserID
Data Sensitivity level
Transport layer protocol
IPSec protocol
Source and Destination ports
IPv6 class
IPv6 Flow label
IPv4 Type of Service(TOS)
16
IPSec
SA
AH or ESP or ESP/AH
AH
Authenticated only, i.e., the payload of the IP packet will
be transmitted in “plaintext”.
ESP
Authentication is an option.
Ciphertext
17
Transport Mode vs. Tunnel Mode
Transport mode
Only the IP payload will be protected.
Origin IP address is the outbound address.
Tunnel mode
The entire IP packet (including IP address) will be
protected.
A router or firewall’s IP address will be the destination
address instead.
18
Authentication Header (AH)
Design to provide
Integrity
Authentication
19
AH Fields
Next header:
Identify the type of the next header.
IP protocol number for AH is 51.
Payload length:
{[Total length of AH (in word) ] – 2 }
In default case, the length is 4.
Reserved
For future usage.
SPI:
Identifies a SA
Sequence number:
a monotonically increasing counter for anti-replay.
20
Authentication data:
contains Integrity check value (ICV) or message
authentication code (MAC)
HMAC-MD5-96
HMAC-SHA-1-96
21
MAC Calculation
IP header
immutable : available
mutable but predictable : available
mutable but unpredictable : set to zero
TOS, Flags, TTL, IP hdr checksum, fragment offset
AH header
Other than the Authentication Data field.
Namely, set that field to zero.
IP payload
immutabel.
22
Mutable Field in IPv4 Format
0 4 8 16 19 31
23
Mutable Fields in IPv6 Format
0 4 8 16 19 31
4-word
Source Address
4-word
Destination Address
Extension Header
24
IPv6 with Extension Headers
IPv6 Header
Sequence Number
26
Origin IPv4 and IPv6
Orig IP
IPv4 TCP Data
hdr
27
Transport Mode AH
Authenticated except
for mutable fields
IPv4 Orig IP
AH TCP Data
hdr
Authenticated except
for mutable fields
28
Tunnel Mode AH
IP TCP Data
IPv4 Authenticated except for
mutable fields in the new IP hdr
New IP Orig IP
IPv4 hdr
AH
hdr
TCP Data
29
AH Approach
Transport SA
Transport SA
Tunnel SA
30
Encapsulating Security Payload (ESP)
ESP
Provide confidentiality only.
ESP/AH
Support both encryption and authentication
31
ESP Fields
32
ESP Format
0 16 24 31
33
Encryption and Authentication in ESP
Encryption algorithm
The cryptographic synchronization (IV) may be carried at
the beginning of the payload
Although being part of the ciphertext, IV won’t, in
general, be encrypted.
Essential : DES in CBC mode
Others : 3DES, RC5, IDEA, 3IDEA, CAST, Blowfish
symmetric key encryption
Authentication algorithm
The same as in AH.
Ciphertext+ ESP tailer
34
Transport Mode ESP
Authenticated
Authenticated
Encrypted
35
Tunnel Mode ESP
Authenticated
IPv4 IP TCP Data
Encrypted
Authenticated
Encrypted
36
ESP Approach
Transport-level security
37
Functionality of Tunnel and Transport Mode
38
IPSec Services Summary
AH ESP ESP/AH
Access control
Integrity
Authentication
Anti-replay
Confidentiality
Limited traffic flow
confidentiality
39