Presentation Description

No description available.


Presentation Transcript


CS 6262 Fall 03 IP Security


Outline Objectives IPSec architecture andamp; concepts IPSec authentication header IPSec encapsulating security payload

IPSEC Objectives: 

IPSEC Objectives Band-aid for IPv4 Spoofing a problem Not designed with security or authentication in mind IP layer mechanism for IPv4 and IPv6 Not all applications need to be security aware Can be transparent to users

Architecture & Concepts: 

Architecture andamp; Concepts Host or gateway implementation Tunnel vs. Transport mode Security association (SA) Security parameter index (SPI) Security policy database (SPD) SA database (SAD) Encapsulating security payload (ESP) Authentication header (AH)

Hosts & Gateways: 

Hosts andamp; Gateways Hosts can implement IPSec to : Other hosts in transport or tunnel mode Gateways with tunnel mode Gateways to gateways - tunnel mode


A B Encrypted Tunnel Gateway Gateway Encrypted Unencrypted Unencrypted Tunnel Mode

Transport Mode: 

Transport Mode ESP protects higher layer payload only AH can protect IP headers as well as higher layer payload IP header IP options IPSec header Higher layer protocol ESP AH Real IP destination

Tunnel Mode: 

Tunnel Mode ESP applies only to the tunneled packet AH can be applied to portions of the outer header Outer IP header Inner IP header IPSec header Higher layer protocol ESP AH Real IP destination Destination IPSec entity

Security Association - SA: 

Security Association - SA One way relationship Determine IPSec processing for senders Determine IPSec decoding for destination SAs are not fixed! Generated and customized per traffic flows

Security Parameters Index - SPI : 

Security Parameters Index - SPI Can be up to 32 bits large The SPI allows the destination to select the correct SA under which the received packet will be processed (according to the agreement with the sender) The SPI is sent with the packet by the sender SPI + Dest IP address + IPSec Protocol (AH or ESP) uniquely identifies a SA

SA Database - SAD: 

SA Database - SAD Holds parameters for each SA Lifetime of this SA AH and ESP information Tunnel or transport mode Every host or gateway participating in IPSec has their own SA database

SA Bundle: 

SA Bundle More than 1 SA can apply to a packet Example: ESP does not authenticate new IP header. How to authenticate? Use SA to apply ESP w/out authentication to original packet Use 2nd SA to apply AH

Security Policy Database - SPD: 

Security Policy Database - SPD What traffic to protect? Has incoming traffic been properly secured? Policy entries define which SA or SA Bundles to use on IP traffic Each host or gateway has their own SPD Index into SPD by Selector fields Dest IP, Source IP, Transport Protocol, IPSec Protocol, Source andamp; Dest Ports, …

SPD Entry Actions: 

SPD Entry Actions Discard Do not let in or out Bypass Outbound: do not apply IPSec Inbound: do not expect IPSec Protect – will point to an SA or SA bundle Outbound: apply security Inbound: check that security must have been applied

SPD Protect Action: 

SPD Protect Action If the SA does not exist… Outbound processing: use IKE to generate SA dynamically Inbound processing: drop packet

Outbound Processing: 

Is it for IPSec? If so, which policy entry to select? Determine the SA and its SPI IPSec processing Outbound Processing

Inbound Processing: 

Use SPI to index the SAD Original IP Packet Inbound Processing Was packet properly secured? 'un-process'

Authenticated Header: 

Authenticated Header Data integrity Entire packet has not been tampered with Authentication Can 'trust' IP address source Use MAC to authenticate Anti-replay feature Integrity check value

Integrity Check Value - ICV: 

Integrity Check Value - ICV Message authentication code (MAC) calculated over IP header field that do not change or are predictable IPSec protocol header minus where the ICV value goes Upper-level data Code may be truncated to first 96 bits

IPSec Authenticated Header: 

SPI Sequence Number ICV Next Header (TCP/UDP) Payload Length 6-2=4 Reserved IPSec Authenticated Header

Encapsulated Security Protocol - ESP: 

Encapsulated Security Protocol - ESP Confidentiality for upper layer protocol Traffic flow confidentiality Data origin authentication and connectionless integrity (optional)

Outbound Packet Processing: 

Outbound Packet Processing Form ESP payload Pad as necessary Encrypt result [payload, padding, pad length, next header] Apply authentication Allow rapid detection of replayed/bogus packets Allow potential parallel processing - decryption andamp; verifying authentication code

Outbound Packet Processing...: 

Outbound Packet Processing... Sequence number generation Increment then use With anti-replay enabled, check for rollover and send only if no rollover With anti-replay disabled, still needs to increment and use but no rollover checking ICV calculation ICV includes whole ESP packet minus authentication data field Implicit padding of ‘0’s between next header and authentication data is used to satisfy block size requirement for ICV algorithm

ESP Transport Example: 

SPI Sequence Number Original IP Header Integrity Check Value Authentication coverage Encrypted Payload (TCP Header and Data) Variable Length Pad Length Padding (0-255 bytes) Next Header ESP Transport Example

Inbound Packet Processing: 

Inbound Packet Processing Sequence number checking Anti-replay is used only if authentication is selected Sequence number should be the first ESP check on a packet upon looking up an SA Duplicates are rejected! 0 Sliding Window size andgt;= 32 reject Check bitmap, verify if new verify

Anti-replay Feature: 

Anti-replay Feature Optional Information to enforce held in SA entry Sequence number counter - 32 bit for outgoing IPSec packets Anti-replay window 32-bit Bit-map for detecting replayed packets

Anti-replay Sliding Window: 

Anti-replay Sliding Window Window should not be advanced until the packet has been authenticated Without authentication, malicious packets with large sequence numbers can advance window unnecessarily Valid packets would be dropped!

Inbound Packet Processing...: 

Inbound Packet Processing... Packet decryption Decrypt quantity [ESP payload,padding,pad length,next header] per SA specification Processing (stripping) padding per encryption algorithm; In case of default padding scheme, the padding field SHOULD be inspected Reconstruct the original IP datagram Authentication verification (option)

ESP Processing - Header Location...: 

ESP Processing - Header Location... Tunnel mode IPv4 and IPv6 New IP hdr Orig IP hdr TCP Data ESP trailer ESP Auth ESP hdr New ext hdr New IP hdr TCP Data ESP trailer ESP Auth Orig IP hdr ESP hdr Orig ext hdr IPv4 IPv6

authorStream Live Help