8/7/2019 Lecture 11 IPSec
http://slidepdf.com/reader/full/lecture-11-ipsec 1/51
Lecture 11
Security at the IP level
IP Review
- What is the role of IP?
- TCP/IP layers
- Protocols
- Attacks
- Security vulnerabilities
ISO Layers - TCP/IP Layers

ISO (OSI) layer     TCP/IP layer
Application         Application
Presentation        Application
Session             Application
Transport           TCP/UDP
Network             IP
Data Link           Network access
Physical            Network access
TCP/IP Example
Logical Link Control (LLC) and Media Access Control (MAC)
Network Layer
- Provides the functional and procedural means of transferring variable-length data sequences from a source to a destination via one or more networks, while maintaining the quality of service requested by the Transport layer.
- Performs network routing functions and reports delivery errors.
- Routers operate at this layer, sending data throughout the extended network and making the Internet possible. This is a logical addressing scheme: values are chosen by the network engineer.
- The best-known example of a layer 3 protocol is the Internet Protocol (IP).
IPv4 Header
IP header details:
- Fragment Offset: when fragmentation of a message occurs, this field specifies the offset, or position, in the overall message where the data in this fragment goes.
- Time To Live (TTL): short version: specifies how long the datagram is allowed to "live" on the network, in terms of router hops.
- Protocol: identifies the higher-layer protocol (generally the Transport layer protocol or an encapsulated network layer protocol).
- Header Checksum: a checksum computed over the header to provide basic protection against corruption in transmission.
- Options: one or more of several types of options may be included after the standard headers in certain IP datagrams (how IP handles datagrams).
- Padding: if one or more options are included, and the number of bits used for them is not a multiple of 32, enough zero bits are added to "pad out" the header to a multiple of 32 bits (4 bytes).
Internet Protocol Version 4 (IPv4) Datagram Format
Transport Layer
- It provides transparent transfer of data between end users, providing reliable data transfer services to the upper layers.
- This layer controls the reliability of a given link through flow control, segmentation/de-segmentation, and error control.
- Some protocols are state and connection oriented. This means that the transport layer can keep track of the segments and retransmit those that fail.
- The best known examples are the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
Handshake in TCP

Figure: CLIENT and SERVER exchange Segments 1 to 7: a three-way open (Segments 1 to 3), data transfer, then a four-way close (Segments 4 to 7).

THREE-WAY CONNECTION
Segment 1 shows the client sending a SYN segment with an Initial Sequence Number of 141521. The ISN is randomly generated. This is called an Active Open. The field win 4096 shows the advertised window size of the sending station while the field <mss 1024> shows the receiving maximum segment size specified by the sender.
Segment 2 shows the server responding with a SYN segment of 181521 and ACKnowledging the client's ISN with ISN + 1. This is called a Passive Open.
Segment 3 shows the client responding by ACKnowledging the server's ISN with ISN + 1.
Data can now be transmitted.

FOUR-WAY TERMINATION
Segment 4 shows the client sending a FIN segment with an ACKnowledgement of the server's sequence number + 1. This is called an Active Close and will start closing one-half of the connection.
Segment 5 shows an ACKnowledgement of the client's sequence number + 1 and will complete the closing of this one-half of the connection.
Segment 6 shows the server sending a FIN segment with an ACKnowledgement of the client's sequence number + 1. This is called a Passive Close and starts the closure of this one-half of the connection.
Segment 7 shows the client ACKnowledging the server's sequence number + 1 and completing the closing of this one-half of the connection.

SYN - synchronize request
ISN - Initial sequence number
ACK - acknowledgement for the ISN
COMMON TCP PORT NUMBERS

Port  Application  Description
9     Discard      Discard all incoming data
19    Chargen      Exchange streams of data
20    FTP-Data     File transfer data port
21    FTP-CMD      File transfer command port
23    Telnet       Telnet remote login port
25    SMTP         Simple Mail Transfer Protocol port
79    Finger       Obtains information about active users
80    HTTP         Hypertext Transfer Protocol port
88    Kerberos     Authentication Protocol
110   POP3         PC mail retrieval service port
119   NNTP         Network news access port
179   BGP          Border Gateway Protocol
513   Rlogin       Remote Login
514   Rexec        Remote Execute
IP Vulnerabilities and Attacks
- IP spoofing
  - host rename (LAN)
  - DNS (Domain Name System)
  - source routing
  - TCP sequence number guessing / splicing
- Session hijacking
- Denial of service
  - ICMP bombing, redirects, unreachable
  - TCP SYN flooding
IP Vulnerabilities and Attacks
What kind of attacks can occur?
- Interruption: Denial of Service?
- Interception?
- Replay?
- Masquerading?
- MITM?
Security at IP layer
Security at the IP layer is related to the layer's function of end-to-end datagram delivery.
The security weaknesses are:
- Authentication issues
- Message replay
- Message alteration
- Message delay and denial
- Etc.
Reasons
- Authentication and confidentiality were not enforced at the IP level
- IP address from IP header can be forged by opponents => cannot ensure that a received packet was transmitted by the party identified as the source in the packet header
- Contents of a packet can be inspected when in transit
- Old IP packets can be replayed
1.3 Security Attacks
Passive attacks:
Figure: reveals what Bob is saying to Alice
Relatively hard to do in TCP
Active attacks:
IP source address spoofing - easy to do
Address Masquerading attack (e.g.)
Figure, before: NFS server a.b.c.100 on one side of the router; on the other side the authorized NFS client x.y.z.200 and an unauthorized NFS client x.y.x.201.
Figure, after: x.y.z.200 is shut down for maintenance; x.y.x.201 -> x.y.x.200, the unauthorized client taking the authorized client's address and masquerading as the authorized client to the NFS server a.b.c.100.
Relatively hard to do in TCP
TCP connection hijacking
"SYN FLOODING" - easy to do in TCP
Ping o' Death Attack
ICMP ECHO Request Attack (e.g.)
- ICMP is a user of IP, and is utilized to report network errors.
- PING (Packet InterNet Groper) utilizes ICMP Echo and Reply packets to test host reachability.
- ICMP messages normally consist of the IP header and enclosed ICMP data with a default size of 64 bytes.
- If the hacker sends an ICMP Echo request that is greater than 65,536 this can freeze, crash or reboot the system.
- A newer attack method modifies the header to indicate that there is more data in the packet than there actually is.
Countermeasure:
- Router updates that check the size of the ICMP packet.
- Block PING (ICMP) traffic at the firewall.
SMURF Attack
ICMP ECHO Flooding (e.g.)
- The hacker sends an ICMP Echo request to the target network with a destination broadcast address and a spoofed source address of the target.
- The network serves as a "bounce site" and returns an Echo Reply for each station on the network.
- The network serves to multiply the effect of the "ping". The Echo Request could be sent to multiple networks.
Countermeasures:
- Disable IP-directed broadcasts at your router.
- Configure the workstation to not respond to an IP broadcast packet.
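As an added example (not from the lecture), a Python parser for the IPv4 header fields listed on the IP header details slide, with the two router-side checks the Ping o' Death and Smurf countermeasures call for: rejecting a fragment that would push the reassembled datagram past 65,535 bytes, and flagging an ICMP Echo Request addressed to a protected subnet's directed-broadcast address. The protected subnets and the sample datagrams are constructed values.

```python
import ipaddress
import struct
from typing import Dict, List

ICMP, ICMP_ECHO_REQUEST, MAX_DATAGRAM = 1, 8, 65535
# Subnets behind this router; constructed sample values from the TEST-NET documentation ranges.
PROTECTED_NETS = [ipaddress.ip_network("192.0.2.0/24"), ipaddress.ip_network("198.51.100.0/24")]


def ip_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's-complement sum of 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(pkt: bytes) -> Dict[str, object]:
    """Decode the IPv4 header fields the slides discuss; options (and their padding) sit after byte 20."""
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_frag, ttl, proto, _csum, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4              # header length in bytes, always a multiple of 4
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > len(pkt):
        raise ValueError("bad version or IHL")
    return {
        "ihl": ihl, "total_len": total_len, "ttl": ttl, "protocol": proto,
        "more_fragments": bool(flags_frag & 0x2000),
        "frag_offset": (flags_frag & 0x1FFF) * 8,    # the field counts 8-byte units
        "checksum_ok": ip_checksum(pkt[:ihl]) == 0,  # summing a correct header incl. its checksum gives 0
        "options": pkt[20:ihl],                      # includes the zero padding to a 32-bit boundary
        "src": str(ipaddress.ip_address(src)), "dst": str(ipaddress.ip_address(dst)),
        "payload": pkt[ihl:total_len],
    }


def inspect(pkt: bytes) -> List[str]:
    """Findings a filtering router would raise for one datagram (empty list = pass)."""
    h = parse_ipv4(pkt)
    findings = []
    if not h["checksum_ok"]:
        findings.append("bad header checksum")
    # Ping o' Death: offset + this fragment's data must not push the reassembled datagram past 65,535 bytes.
    if h["frag_offset"] + len(h["payload"]) > MAX_DATAGRAM:
        findings.append("oversized reassembly (Ping o' Death)")
    # Smurf: an ICMP Echo Request aimed at the directed-broadcast address of a protected subnet.
    if h["protocol"] == ICMP and h["frag_offset"] == 0 and h["payload"][:1] == bytes([ICMP_ECHO_REQUEST]):
        if any(ipaddress.ip_address(h["dst"]) == net.broadcast_address for net in PROTECTED_NETS):
            findings.append("ICMP echo to directed broadcast (Smurf)")
    return findings


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, frag_offset: int = 0, more: bool = False) -> bytes:
    """Construct a sample datagram with a valid checksum (test input only, no options)."""
    flags_frag = (0x2000 if more else 0) | (frag_offset // 8)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, flags_frag, 64, proto, 0,
                      ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:] + payload


if __name__ == "__main__":
    echo = b"\x08\x00" + b"\x00" * 6                       # ICMP type 8 (Echo Request), rest constructed
    print(inspect(build_ipv4("203.0.113.5", "192.0.2.10", 6, b"\x00" * 20)))
    print(inspect(build_ipv4("203.0.113.5", "192.0.2.10", ICMP, echo, frag_offset=65528)))
    print(inspect(build_ipv4("192.0.2.10", "192.0.2.255", ICMP, echo)))
```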
Why look for security at IP level?
- It is below the Transport Layer => no need to change software at the Application Layer
- It is transparent to users => no need to train users
- Can be used to enhance security when used with higher-level applications
- Can provide better security for communications via untrusted networks
- Can enhance security of firewalls
What can be done to improve IP security?
- Authentication: allows the receiver to validate the identity of a sender, client process or server process
- Integrity: provides assurance to the receiver that the transmitted data has not been changed
- Confidentiality: preventing the unwanted disclosure of information during transmission
TCP/IP & Possible Security Enhancement

Layer                 Security enhancement
Application           Kerberos, SHTTP, S/MIME, PGP, ...
Transport (TCP, UDP)  SSL, TLS
Network (IP)          IPSec
Data Link             -
Physical              -
IPSec: Security Association (SA)
- SA is a contract between two nodes on keys, algorithms, etc.
- It forms the basis for IPSec operations
- There are protocols for negotiating about keys: IKE (Internet Key Exchange), ISAKMP (Internet Security Association and Key Management Protocol)
- ISAKMP typically utilizes IKE for key exchange
Security Associations (SA)
- A one-way relationship between a sender and a receiver.
- Identified by three parameters:
  - Security Parameter Index (SPI)
  - IP Destination address
  - Security Protocol Identifier
IPSec Architecture
(figure, borrowed from Stallings)
IPSec Architecture
- Authentication Header (AH): AH makes it possible to authenticate the sender of IP packets, and guarantees connectionless integrity and data origin authentication of IP packets. Determines the authentication algorithm to be used.
- Encapsulating Security Payload (ESP): ESP makes it possible to authenticate the sender and ensure confidentiality. Determines the encryption algorithm to be used.
- Policy: determines if two entities will be able to communicate with each other.
- DOI (Domain of Interpretation): contains identifiers for approved encryption and authentication algorithms, key lifetime parameters, etc.
- Key management: involves the determination and distribution of secret keys.
How does IPSec work? (e.g.)
- An application on computer A generates outbound packets to send to computer B
- IPSec A checks if the packets need to be secured
- If the packets need to be secured, then A begins security negotiation with B using either IKE (Internet Key Exchange Protocol) or ISAKMP (Internet Security Association and Key Management Protocol)
- The negotiation establishes two SAs with specific security methods and keys
- IPSec A signs the outgoing packets for integrity (generates AH), and optionally encrypts them (generates ESP), then transmits the secured packets to B
- IPSec B checks the packets for integrity and decrypts their contents if necessary.
IP Security Scenario (figure)
IPSec modes
Transport mode:
- is typically used in peer-to-peer communications, especially for internal networks
- the data packet is encrypted but the IP header is not.
Tunnel mode:
- is used for remote access and site-to-site security
- the entire packet (header & payload) is encrypted
                      Transport Mode SA                          Tunnel Mode SA
AH                    Authenticates IP payload and selected      Authenticates entire inner IP packet plus
                      portions of IP header and IPv6             selected portions of outer IP header
                      extension headers
ESP                   Encrypts IP payload and any IPv6           Encrypts inner IP packet (data + header)
                      extension header
ESP with              Encrypts IP payload and any IPv6           Encrypts inner IP packet. Authenticates
authentication        extension header. Authenticates IP         inner IP packet.
                      payload but no IP header
IPSec Details
- IPSec can be used with IPv4 or IPv6
- IPSec is a set of protocols
- It provides a set of security algorithms plus a general framework that allows parties to use appropriate algorithms
Encryption and Authentication Algorithms
Encryption:
- Three-key triple DES
- RC5
- IDEA
- Three-key triple IDEA
- CAST
- Blowfish
Authentication:
- HMAC-MD5-96
- HMAC-SHA-1-96
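The AH processing described on the Security Association, IPSec Architecture, "How does IPSec work?" and algorithm slides, as an added example that is not part of the lecture: a transport-mode AH sender and receiver in Python, where the receiver looks the SA up by its (SPI, destination address, protocol) triple, checks an HMAC-SHA1-96 ICV computed over the packet with the mutable IP header fields zeroed, and then applies a sliding anti-replay window. The SA database, SPI, key and sample packet are constructed for the demo; the mutable-field rule and the 64-entry window follow RFC 4302, which the slides do not cite.

```python
import hashlib
import hmac
import struct
from typing import Dict, Tuple
AH_PROTO = 51   # IP protocol number placed in the IP header once AH is inserted
AH_LEN = 24     # next header, payload len, reserved, SPI, sequence (12 bytes) + 96-bit ICV (12 bytes)
ICV_LEN = 12    # HMAC-SHA1-96: the HMAC-SHA1 tag truncated to 96 bits
WINDOW = 64     # receiver's anti-replay window, in sequence numbers

class SA:
    """One-way security association, looked up by (SPI, IP destination address, security protocol)."""
    def __init__(self, spi: int, dst: bytes, key: bytes):
        self.spi, self.dst, self.key = spi, dst, key
        self.seq = 0       # sender: last sequence number sent
        self.top = 0       # receiver: highest sequence number accepted so far
        self.bitmap = 0    # receiver: bit i set <=> sequence number (top - i) already seen

SAD: Dict[Tuple[int, bytes, int], SA] = {}   # Security Association Database (both ends share it in this demo)

def zero_mutable(ip_hdr: bytes) -> bytes:
    """AH signs the IP header with fields routers change in transit (TOS, flags/offset, TTL, checksum) zeroed."""
    return (ip_hdr[0:1] + b"\x00" + ip_hdr[2:6] + b"\x00\x00" + b"\x00"
            + ip_hdr[9:10] + b"\x00\x00" + ip_hdr[12:20])      # 20-byte header without options assumed

def compute_icv(sa: SA, ip_hdr: bytes, ah: bytes, payload: bytes) -> bytes:
    data = zero_mutable(ip_hdr) + ah + bytes(ICV_LEN) + payload   # the ICV field itself counts as zero
    return hmac.new(sa.key, data, hashlib.sha1).digest()[:ICV_LEN]

def ah_protect(sa: SA, pkt: bytes) -> bytes:
    """Sender, transport mode: insert AH between the IPv4 header and the payload and sign both."""
    ip_hdr, payload = pkt[:20], pkt[20:]
    sa.seq += 1
    total_len = struct.unpack("!H", ip_hdr[2:4])[0] + AH_LEN
    # Protocol becomes 51 (AH); the IP checksum would be recomputed here, but AH ignores that field.
    ip_hdr = ip_hdr[:2] + struct.pack("!H", total_len) + ip_hdr[4:9] + bytes([AH_PROTO]) + ip_hdr[10:]
    ah = bytes([pkt[9], AH_LEN // 4 - 2, 0, 0]) + struct.pack("!II", sa.spi, sa.seq)
    return ip_hdr + ah + compute_icv(sa, ip_hdr, ah, payload) + payload

def replay_ok(sa: SA, seq: int) -> bool:
    """Sliding-window anti-replay check in the style of RFC 4302; records seq when it is new."""
    if seq > sa.top:                                   # newer than anything seen: slide the window
        sa.bitmap = ((sa.bitmap << (seq - sa.top)) | 1) & ((1 << WINDOW) - 1)
        sa.top = seq
        return True
    back = sa.top - seq
    if back >= WINDOW or sa.bitmap & (1 << back):      # older than the window, or already seen
        return False
    sa.bitmap |= 1 << back
    return True

def ah_verify(pkt: bytes) -> bytes:
    """Receiver: find the SA by its triple, check the ICV, then the replay window; return the packet as sent."""
    ip_hdr, ah, mac, payload = pkt[:20], pkt[20:32], pkt[32:44], pkt[44:]
    spi, seq = struct.unpack("!II", ah[4:12])
    sa = SAD[(spi, ip_hdr[16:20], AH_PROTO)]           # KeyError: no SA for this (SPI, destination, AH)
    if not hmac.compare_digest(compute_icv(sa, ip_hdr, ah, payload), mac):
        raise ValueError("ICV mismatch: packet altered or not from the SA peer")
    if not replay_ok(sa, seq):
        raise ValueError("replayed or out-of-window sequence number %d" % seq)
    total_len = struct.unpack("!H", ip_hdr[2:4])[0] - AH_LEN
    return ip_hdr[:2] + struct.pack("!H", total_len) + ip_hdr[4:9] + ah[0:1] + ip_hdr[10:] + payload

def sample_packet() -> bytes:
    """Constructed IPv4/TCP datagram 192.0.2.10 -> 198.51.100.20 carrying a 12-byte payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 32, 7, 0, 64, 6, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return hdr + b"hello, IPsec"

# Constructed demo SPI and key; a real SA's parameters come from the IKE negotiation.
SAD[(0x1001, bytes([198, 51, 100, 20]), AH_PROTO)] = SA(0x1001, bytes([198, 51, 100, 20]), b"demo-key-not-for-real-use")
```

A TTL decremented by a router on the path still verifies, because AH zeroes that field before computing the ICV, while any change to the payload or to an immutable header field fails the check.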
Authentication with AH
(figure borrowed from Stallings: the packet before applying AH)
ESP Encryption and Authentication (figure)
Benefits of IPSec
- Enable business to rely heavily on the Internet and reduce its need for private networks => saving costs & network management
- Provide secure network access over the Internet
  - An end-user whose system is equipped with IPSec can make a local call to an ISP and gain secure access to her/his company
- Provide secure communications between organisations by ensuring authentication and confidentiality
  - IPSec can be used to create a secure tunnel through untrusted (especially the Internet) networks
  - Sites connected by these tunnels form Virtual Private Networks (VPN)
Benefits of IPSec
- Packet authentication makes various attacks harder:
  - address masquerading
  - address spoofing
  - replay
- IPSec tunnels can be very useful for secure remote administration
- In a non-end-to-end service, IPSec can ensure that messages between a pair or a group of sites are encrypted