Internet Protocol Security part 1

[bogdi19]

Internet Protocol Security (IPSec) - What is IPSec?

This Lesson explains what is Internet Protocol Security (IPSec), goals of Internet Protocol Security (IPSec) and different ways of implemeting Internet Protocol Security (IPSec).

Internet Protocol has many weaknesses. The following points describe some of the weaknesses of Internet Protocol.

• IP data packet (Internet Protocol Datagram) contains the logical addressing information (IP addresses). It is easy to forge the logical addresses of IP datagram.

• It is possible to view the contents of an IP datagram, since there is no inbuilt encryption for IP datagram.

• It is possible to modify the contents of IP datagram.

•Replay attack is a type of network attack in which attackers capture packets whenever packets pass between two hosts on a network. The packets are then analyzed and passwords, encryption keys, or digital signatures are extracted from the captured packets. Later the attacker can send the captured password to the host and gain authentication.

Hence we cannot make sure that the IP datagram’s received by a computer are from the claimed sender, the data received is not tampered by an attacker and the datagram was not inspected by the attacker while the packet was travelling the network.

The purpose of Internet Protocol Security or IPsec is for protecting communications over Internet Protocol (IP) communications using cryptographic security services. IPsec is a security tunneling protocol, de?ning a mechanism that allows a device to encrypt and/or authenticate data packets and encapsulate the data packets. Internet Protocol Security (IPsec) enhances your network security to a very high level.

Goals of Internet Protocol Security (IPSec)

1) Authentication – Prove we are who we say we are.

2) Integrity – The data has not been tampered with.

3) Confidentiality – The confidential data cannot be inspected by others. The term confidentiality means the data expected to remain private should be seen only by those who should see it.

Different ways of implemeting Internet Protocol Security (IPsec)

• IPsec can be integrated into the TCP/IP protocol suit.

• IPsec can be added below the TCP/IP protocol suit.

• IPsec can be implemented as a stand-alone device, and can be implemented as a part of the router or firewall.

Key protocols associated with IPSec

Internet Protocol Security (IPsec) consists of three key protocols.

Authentication Header (AH): AH is a protocol that provides data origin authentication, data integrity, and anti-replay protection.

Encapsulating Security Payload (ESP): ESP is a a protocol that provides data origin authentication, data integrity, and anti-replay protection and it provides confidentiality by encrypting the traffic.

Internet Key Exchange (IKE): IKE is a protocol that provides the key-management function. IKE helps in setting up Security Associations.

In this lesson you have learned what is Internet Protocol Security (IPsec), why we need Internet Protocol Security (IPsec), the goals of Internet Protocol Security (IPsec) and the ways Internet Protocol Security (IPsec) can be implemented. Authentication Header (AH), Encapsulating Security Payload (ESP and Internet Key Exchange (IKE) are the key protocols associated with Internet Protocol Security (IPSec). Click "Next" to continue.

Security Association

Security Association (SA) form the basis of Internet Protocol Security (IPSec).

A Security Association (SA) is a simplex (one-way channel) and logical connection that provides relationship between two or more systems to build a unique secure connection. A Security Association (SA) can be viewed as an agreement between two devices about how to protect information during transit.

The Security Association (SA) are one way (simplex). If two devices, Dev-A and Dev-B, are communicating using IPSec, then the DevA will have two Security Association's. One Security Association is used for processing out-bound packets and other Security Association is used for processing inbound packets.

A Security Association (SA) consists of three things.

1) A Security Parameter Index (SPI)

2) An IP destination address

3) A IPSec Protocol Identifier. IPSec protocols are Authentication Header (AH) and Encapsulating Security Payload (ESP).

The protocol Internet Key Exchange (IKE or IKEv2) is used to set up Security Associations (SAs) between two devices. IKE uses a Diffie-Hellman key exchange to set up a shared secret key, from which cryptographic keys are derived. Diffie-Hellman (developed by Whitfield Diffie and Martin Hellman) algorithm is a method for securely exchanging a shared secret (key) between two devices over an untrusted network. The secret key is generated at two devices and it is never transmitted over the network.

Internet Key Exchange (IKE) protocol used for generating Security Association is a two-phase process.

The first phase (also known as Main Mode negotiation) is a policy negotiation phase in which four parameters are negotiated.

• The encryption algorithm (DES or 3DES).

• The hash algorithm (MD5 (Message Digest 5) or SHA (Secure Hash Algorithm)).

• The authentication method (Certificate, Pre-shared key, or Kerberos).

• The exchange of DH material for key generation.

In the second phase (also known as Quick Mode negotiation), the following parameters are negotiated.

• The IPSec protocol (AH or ESP).

• The hash algorithm (MD5 of SHA).

• The algorithm for encryption, if requested (DES or 3DES).

After Main Mode and Quick Mode negotiations, common agreement is reached, and two Security Associations (SAs) are established. One Security Association (SA) is for inbound communication and the other Security Association (SA) is for outbound communication. As part of the second phase (Quick Mode), session key material is refreshed, and a new pair of keys is generated. This can prevent the cracking of session key by an attacker.

The Security Parameter Index (SPI) is a very important element in the SA. An SPI is a 32-bit number that is used to uniquely identify a particular SA for any connected device.

A Security Association (SA) is an agreement between two devices about how to protect information during communication. It also indicates the parameters, such as keys and algorithms. SPI provides a mechanism for the destination to identify which SA to use to check the security of the received packet. The SPI is provided to map the incoming packet to an SA at the destination

The SPI is a 32-bit random number generated by the sender to identify the SA to the recipient.

It is worth knowing two other terms related with IPSec.

Security Policy Database (SPD)

IPSec Policies are maintained in the Security Policy Database (SPD). IPSec Policies de?ne which traffic to be protected, how it is to be protected, and with whom to protect it. The sending host determines what policy is appropriate for the packet, depending on various "Selectors" by checking in the Security Policy Database (SPD). "Selectors" can include Source and Destination IP Addresses, Name (User ID ir a System Name), Transport Layer Protocols (TCP or UDP) or Source and Destination Ports. The Security Policy Database (SPD) indicates what the policy is for a particular packet. If the packet requires IPsec processing, it will be it is passed to the IPsec module for the required processing.

Security Association Database (SAD)

IPSec Security Associations are stored in the Security Association Database (SAD). Each Security Association has an entry in the Security Association Database (SAD). The Security Association entries in the Security Association Database (SAD) are indexed by the three Security Association properties.

1) Destination IP address 2) IPSec protocol 3) Security Parameter Index (SPI).

In this lesson, you will learn what is Transport Mode, what type of data can be protected using Transport Mode.

IPsec Transport mode protects upper-layer protocols (Ex: TCP or UDP) and Transport mode is used to secure end-to-end (device to device) communications.

Figure 1: End-to-end data transmission security using Transport Mode

When IPSec is enabled, the transport layer packets (TCP Segments and UDP Datagrams) reach the IPSec module. When IPSec is implemented as a part of TCP/IP protocol suit, the IPSec module is a of the network layer (OSI Layer 3). The IPSec then adds the Authentication Header (AH), Encapsulating Security Payload (ESP), or both headers, and then IP header is added.

IPSec Transport Mode

When IPSec is operating at Transport mode, IPSec header is inserted between the IP header and the Transport Layer protocol header (TCP or UDP).

Figure 2: In Transport mode, IPSec Header is inserted between IP header and TCP Header

In Transport Mode, if the packet needs to be secured using both Authentication Header (AH) and Encapsulating Security Payload (ESP), the packet is first protected using Encapsulating Security Payload (ESP) and then it is secured using Authentication Header. This helps to bring the data integrity to the Encapsulating Security Payload (ESP) payload also.

Figure 3: Transport mode - AH and ESP together

IPSec Tunnel mode is used to secure gateway-to-gateway traffic. IPSec Tunnel mode is used when the final destination of the data packet is different from the security termination point. IPsec Tunnel mode protects the entire contents of the tunneled packets.

As we learned in previous lesson, Transport mode is a good option securing host-to-host communication and Tunnel mode is the option for Virtual Private Network (VPN).

The IPSec Tunnel mode data packets sent from the source device are accepted by the security gateway (a router or a server) and forwarded to the other end of the tunnel, where the original packets are extracted and then forwarded to their final destination device.

Figure 4: Gateway-to-gateway security using IPSec Tunnel mode

When we use IPSec Tunnel mode, the IP datagram is encapsulated in another IP datagram and an IPSec header is inserted between two IP headers.

Figure 5: IP Datagram secured using IPSec Tunnel mode.

An IPSec tunneled mode packet has outer IP header and inner IP header. The inner header is the host IP header itself and the outer header is added by the security gateway.

The Authentication Header (AH) is an IPSec protocol that provides data integrity, data origin authentication, and optional anti-replay services to IP. Authentication Header (AH) does not provide any data confidentiality (Data encryption). Since Authentication Header (AH) does not provide confidentiality, there is no need for an encryption algorithm. AH protocol is specified in RFC 2402.

Authentication Header (AH) is an IP protocol and has been assigned the protocol number 51 by IANA. In the IP header of Authentication Header (AH) protected datagram, the 8-bit protocol field will be 51, indicating that following the IP header is an Authentication Header (AH) header.

Figure 6: Authentication Header (AH) - Header

Next Header: Next header field points to next protocol header that follows the AH header. It can be a Encapsulating Security Payload (ESP) header, a TCP header or a UDP header (depending on the network application).

Payload Length: specifies the length of AH in 32-bit words (4-byte units), minus 2.

RESERVED: This field is currently set to 0, reserved for future use.

Security Parameter Index (SPI): The Security Parameter Index (SPI) field contains the Security Parameter Index, is used to identify the security association used to authenticate this packet.

Sequence Number: Sequence Number field is the number of messages sent from the sender to the receiver using the current SA. The initial value of the counter is 1. The function of this field is to enable replay protection, if required.

Authentication Data: The Authentication Data field contains the result of the Integrity Check Value calculation, that can be used by the receiver to check the authentication and integrity of the packet. This field is padded to make total length of the AH is an exact number of 32-bit words. RFC 2402 requires that all AH implementations support at least HMAC-MD5-96 and HMAC-SHA1-96.

This lesson explains Encapsulating Security Payload (ESP), Encapsulating Security Payload (ESP) Header and trailer, Encapsulating Security Payload (ESP) Header and trailer fields description.

The Encapsulating Security Payload (ESP) protocol provides all the functions of Authentication Header (Authentication, Data Integrity, and anti-replay protection). The difference here is that the Encapsulating Security Payload (ESP) provides the most critical security function, data confidentiality. The benifits of using Encapsulating Security Payload (ESP) are listed below.

1) Confidentiality of Datagrams through encryption.

2) Traffic flow confidentiality using security gateways.

3) Authentication of data origin using digital certificates.

4) Anti-replay services using sequence number mechanism.

Figure 7: Encapsulating Security Payload (ESP) Header

Security Parameter Index (SPI): Security Parameter Index (SPI) field in the Encapsulating Security Payload (ESP) header along with the destination address, and the IPsec protocol are used to uniquely identify the SA that applies to this packet.

Sequence Number: The sequence number in the Encapsulating Security Payload (ESP) header provides antireplay services to Encapsulating Security Payload (ESP).

Protected Data: Protected Data field in the Encapsulating Security Payload (ESP) heade is the actual data being protected by Encapsulating Security Payload (ESP). The length of this field is variable and depends on the size of the data. The protected data field also contain any initialization vector for encryption algorithm.

Padding: Block ciphers require that plaintext be padded to a multiple of the block size. If any padding is needed, it follows immediately after the payload data in the padding field.

Pad Length: Pad Length specifies the length of the padding.

Next Header: The next header field indicates what type of data is in the payload data field.

Authentication Data: The authentication data field contains an integrity check value for the Encapsulating Security Payload (ESP) packet.

Following are some of the features of Windows 2003 IPSec implementaion.

Windows 2003 IPSec implementaion is policy based. Administrators need to work in Group Policy to configure IPSec in Windows 2003.

Windows 2003 IPSec implementaion can use Kerberos v5, a digital certificate, or a shared secret (string) for user authentication.

IPSec mutually authenticates computers prior to any data being exchanged.

Windows 2003 IPSec implementaion uses Data Encryption Standard (DES) or Triple DES (3DES) for encryption.

Windows 2003 IPSec implementaion uses MD5 (Message Digest) or SHA1 (Secure Hash Algorithm) algorithm for data hashing.

IPSec is transparant to users. IPSec operate at OSI Layer 3 and there is no need for users and applications to directly interact with IPSec.

IPSec Monitor tool is available as a MMC snap-in.

Windows 2003 IPSec implementaion supports 2048 bit Diffie-Hellman key exchange, generating more secure keys.

Sursa: Free Networking tutorials, System Administration Tutorials and Security Tutorials