1 / 28

IPsec

IPsec. 18.1 Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange (IKE) 18.5 Encapsulated Security Payload (ESP) 18.6 Summary. 18.1 Introduction.

gabe
Télécharger la présentation

IPsec

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IPsec

  2. 18.1 Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange (IKE) 18.5 Encapsulated Security Payload (ESP) 18.6 Summary

  3. 18.1 Introduction • Internet Protocol Security (IPsec) provides for various security services on the IP layer, in IPv4 as well as IPv6, thus offering protection for protocols in the upper layers • IPsec is typically used to secure communications between hosts and security gateways

  4. The set of security services that IPsec provides includes • access control • data integrity protection • data origin authentication • anti-replay protection • confidentiality • limited traffic flow confidentiality

  5. IPsec can operate in two modes • tunnel mode • typically used to tunnel IP traffic between two security gateways • IPsec protects the full IP datagram • transport mode • mainly used to provide security services for upper layer protocols • IPsec offers limited protection to IP headers

  6. The components of the IPsec security architecture [RFC2401] • Security protocols • Authentication Header (AH) [RFC2402] • extends protection to some parts of the IP header • Encapsulated Security Payload (ESP) [RFC2406] • no security services provided for the IP headers that precede the ESP header

  7. Security associations • definition of the Security Policy Database (SPD) and the Security Association Database (SAD) as well as the management and usage of security associations • Key management • the distribution of cryptographic keys for use with the security protocols (namely, the Internet Key Exchange, or IKE [RFC2409]) • Algorithms used for encryption and authentication

  8. 18.2 Security associations • Security protocols make use of security associations (SAs) as they provide security services • SA • a relationship between two entities that defines how they are going to use security services to secure their communications • it includes information on authentication and/or encryption algorithms, cryptographic keys and key lengths as well as the initialization vectors (IV) that are shared between the entities

  9. an SA is unidirectional • typically two SAs are needed for a bidirectional flow of traffic • one for inbound (read) traffic and one for outbound (write) traffic

  10. An SA is uniquely identified by the following three items • security parameter index (SPI) • destination IP address • security protocol (either AH or ESP)

  11. The management of SAs involves two databases • SPD (Security Policy Database) • contains the policies by which all inbound and outbound traffic is categorized on a host or a security gateway • a set of selectors—IP layer and upper layer (e.g., TCP and UDP) protocol field values—is used by the SPD to map traffic to a specific SA • SAD (Security Association Database) • a container for all active SAs, and related parameters

  12. 18.3 Internet Security Association and Key Management Protocol (ISAKMP) • ISAKMP • used for negotiating, establishing, modification, and deletion of SAs and related parameters • it defines the procedures and packet formats for peer authentication creation and management of SAs and techniques for key generation • it also includes mechanisms that mitigate certain threats (e.g., denial-of-service, or DOS, and anti-replay protection)

  13. ISAKMP • an "abstract" protocol—it provides a IPsec framework for authentication and key management, and supports many actual key exchange protocols (e.g., IKE) • defines header and payload formats

  14. ISAKMP • operates in two phases • phase 1 • the peers establish an ISAKMP SA (namely, they authenticate and agree on the used mechanisms to secure further communications) • phase 2 • this ISAKMP SA is used to negotiate further protocol SAs (e.g., an IPsec/ESP SA)

  15. 18.4 Internet Key Exchange (IKE) • IKE • a key exchange protocol which, in conjunction with ISAKMP, negotiates authenticated keying material for SAs • can use two modes to establish a phase 1 ISAKMP SA • main mode • the identities of the negotiating entities are protected

  16. aggressive mode • the identities are revealed to the outside world • both modes use the Ephemeral Diffie-Hellman key exchange algorithm to generate keying material for the ISAKMP SA

  17. 18.5 Encapsulated Security Payload (ESP) • ESP • used to provide security services in IPv4 and IPv6. • can be used alone or in unison with an AH • can "provide either confidentiality (i.e., encryption) or integrity protection (i.e., authentication), or both. • can operate in transport mode and in tunnel mode

  18. The ESP header is inserted • into the IP datagram after the IP header and before any upper layer protocol headers in transport mode, or • before an encapsulated IP datagram in tunnel mode • Figure 18.1 illustrates the ESP packet format

  19. The fields in the ESP header • The sequence number • a monotonically increasing 32-bit counter used to protect against replay attacks • when an SA is established the sequence number is reset to zero

  20. Payload data • a variable length field that typically contains the data payload, whose type is denoted by the next header field • it may also contain cryptographic synchronization data, such as an IV

  21. Padding • used to fill the payload data to a specific block size multiple required by a particular encryption algorithm, or to randomize the length of the payload in order to protect against traffic flow analysis • Pad length • an 8-bit field whose value indicates in bytes the length of the padding field

  22. Next header • an 8-bit field whose value indicates the type of data contained in the payload data field • Authentication data • a variable length field containing an integrity check value (ICV), which is computed (using an authentication algorithm) from the rest of the ESP packet, to provide data integrity protection

  23. To process outbound traffic, a host or security gateway first uses a set of selectors in the SPD to determine the outbound SA used • It then follows a set of steps to process the outbound packet • Either the entire original outbound IP datagram is encapsulated in an ESP payload field (tunnel mode) or just the original upper layer protocol information from the outbound IP datagram is encapsulated (transport mode) • Appropriate padding is added to the payload data

  24. The results are encrypted using an encryption key and an algorithm • The sequence number is incremented as appropriate • If authentication is enabled, then the ICV is calculated • Possible fragmentation of the IP datagram is performed

  25. On receiving an IP datagram the recipient follows the following steps to process the packet • Possible reassembly of the IP datagram is performed • Using the SPI, security protocol and destination IP address, an appropriate SA is looked up from the SAD • If anti-replay protection is enabled, the sequence number is inspected

  26. If authentication is enabled, then the ICV is verified • The packet is decrypted, padding is removed and the original IP datagram is reconstructed

  27. 18.6 Summary • IPsec provides security services in the IP layer, in both IPv4 and IPv6, offering protection for protocols at higher layers • IKE is used for key exchange • creating and managing SAs and related security parameters • ESP is used for confidentiality and integrity protection

More Related