3. IP is not Secure!
IP protocol was designed in the late 70s to early 80s
– Part of DARPA Internet Project
– Very small network
All hosts are known!
So are the users!
Therefore, security was not an issue
3
4. Security Issues in IP
source spoofing
replay packets
no data integrity or confidentiality
• DOS attacks
• Replay attacks
• Spying
• and more…
Fundamental Issue:
Networks are not (and will never be)
fully secure
4
5. Goals of IPSec
to verify sources of IP packets
– authentication
to prevent replaying of old packets
to protect integrity and/or confidentiality of packets
– data Integrity/Data Encryption
5
11. Various Packets
Original
IP header
TCP header
Transport
mode
IP header
IPSec header TCP header
IP header
IPSec header
Tunnel
mode
data
IP header
data
TCP header
11
data
13. Authentication Header
(AH)
Provides source authentication
– Protects against source spoofing
Provides data integrity
Protects against replay attacks
– Use monotonically increasing sequence
numbers
– Protects against denial of service attacks
NO protection for confidentiality!
13
14. AH Details
Use 32-bit monotonically increasing sequence number to avoid
replay attacks
Use cryptographically strong hash algorithms to protect data
integrity (96-bit)
– Use symmetric key cryptography
– HMAC-SHA-96, HMAC-MD5-96
14
16. ESP Details
Same as AH:
– Use 32-bit sequence number to counter
replaying attacks
– Use integrity check algorithms
Only in ESP:
– Data confidentiality:
Uses symmetric key encryption algorithms
to encrypt packets
16
17. Internet Key Exchange
(IKE)
Exchange and negotiate security policies
Establish security sessions
– Identified as Security Associations
Key exchange
Key management
Can be used outside IPsec as well
17
18. IPsec/IKE Acronyms
Security Association (SA)
– Collection of attribute associated with a
connection
– Is asymmetric!
One SA for inbound traffic, another SA for
outbound traffic
Similar to ciphersuites in SSL
Security Association Database (SADB)
– A database of SAs
18
19. IPsec/IKE Acronyms
Security Parameter Index (SPI)
– A unique index for each entry in the
SADB
– Identifies the SA associated with a
packet
Security Policy Database (SPD)
– Store policies used to establish SAs
19
20. How They Fit Together
SPD
SA-1
SA-2
SADB
SPI
SPI
20
21. SPD and SADB Example
A’s SPD
Transport Mode
A
C
B
D
Tunnel Mode
A’s SADB
From
To
Asub
Bsub
From
To
Asub
Bsub
From
To
Protocol
Port
Policy
A
B
Any
Any
AH[HMAC-MD5]
From
To
Protocol
SPI
SA Record
A
B
AH
12
HMAC-MD5 key
Protocol
Port
Policy
Tunnel Dest
Any
Any
ESP[3DES]
D
Protocol
SPI
SA Record
ESP
14
C’s SPD
3DES key
C’s SADB
21
22. IPsec Policy
Phase 1 policies are defined in terms of
protection suites
Each protection suite
– Must contain the following:
Encryption algorithm
Hash algorithm
Authentication method
Diffie-Hellman Group
– May optionally contain the following:
Lifetime
…
22
23. IPSec Policy
Phase 2 policies are defined in terms of
proposals
Each proposal:
– May contain one or more of the following
AH sub-proposals
ESP sub-proposals
IPComp sub-proposals
Along with necessary attributes such as
– Key length, life time, etc
23
24. Resources
IP, IPsec and related RFCs:
– http://www.ietf.org/html.charters/ipsec-charter.html
– IPsec: RFC 2401, IKE: RFC 2409
– www.freeswan.org
Google search
24