IPSEC Tutorial


Network Security (contd.)

Tutorial on Network Security: Sep 2003 (02/04/20, slide 1)
IPSec: IP Security
 An IETF standard
– IPSec architecture and related standards published in RFC 1825
through RFC 1829
 Addresses security issues arising from
– authentication and confidentiality
– connecting a remote host to a server
– Interconnecting two LANs using a public network
 Applications:
– wide-area networking of branch offices using Internet
– Interconnecting supplier/distributor extranets to enterprise network
– Telecommuting
– E-commerce
 Implemented in clients, servers or in routers

IPSec Scenario

[Figure: PCs on Enterprise LAN#1 and a PC and a server on Enterprise LAN#2, each LAN behind a router, with the two routers joined across a public network]

Security functions covered by IPSec
Security function                Authentication   Encapsulating security   Encapsulating security
                                 header (AH)      payload (ESP), without   payload, with AH
                                                  AH
Access control                   Yes              Yes                      Yes
Connection-less integrity        Yes                                       Yes
Data origin authentication       Yes                                       Yes
Rejection of replayed packets    Yes              Yes                      Yes
Confidentiality                                   Yes                      Yes
(Limited) flow confidentiality                    Yes                      Yes

Modes in IPSec
 Transport Mode
– The payload of an IP packet is secured
 e.g. TCP, UDP, ICMP headers and data
 Tunnel Mode
– The complete IP packet is secured
 including its IP header

Transport Mode IPSec

[Figure: same topology as the IPSec scenario; end-to-end authentication and/or encryption runs between a PC on LAN#1 and a PC on LAN#2 across the public network, and between a PC and the server on LAN#2]

Tunnel Mode IPSec

[Figure: same topology; end-system-to-router authentication and/or encryption between a PC and its enterprise router, and router-to-router authentication and/or encryption between the two enterprise routers across the public network]

Transport vs. Tunnel modes
                            Transport mode                        Tunnel mode
AH: Authentication          authenticates TCP/UDP/ICMP            authenticates IP header
function                    header and data                       and data
ESP: Encryption             encrypts TCP/UDP/ICMP                 encrypts IP header
function                    header and data                       and data
ESP with AH                 encrypts and authenticates            encrypts IP header
                            TCP/UDP/ICMP header and data          and data
IPSec Tunnel mode
 Advantages:
– Only routers need to implement IPSec functions
– Implements a VPN (virtual private network)

[Figure: four enterprise LANs, each behind its own router, with the routers connected to one another across the public network]

IPSec: Authentication Header
 Original IP packet
  | Original IP hdr | TCP header | TCP data |

 Encoded packet in “transport mode”
  | Original IP hdr | Authen. hdr | TCP header | TCP data |

 Encoded packet in “tunnel mode”
  | New IP hdr | Authen. hdr | Original IP hdr | TCP header | TCP data |

IPSec: packet format for AH
Original/new IP header
| Next header | Payload length | Reserved (16 bits) |
| Identifier (32 bits)                              |
| Sequence number (32 bits)                         |
| AH authentication data (variable length, default 96 bits) |
  – based on MD5 or SHA-1
  – covers TCP/UDP/ICMP header, data and portions of the “non-mutable” IP headers
Payload (IP or TCP packet)
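An added example (not from the slides) that parses the AH layout above and applies the sliding-window check behind “rejection of replayed packets”. It takes the field widths from RFC 2402 (next header and payload length are 8 bits each, and the payload length counts 32-bit words minus 2) and treats the slides' Identifier as the Security Parameters Index; the sample header is constructed.

```python
import struct

# Fixed part of the AH header: next header, payload length, reserved, identifier
# (the SPI in RFC 2402), sequence number; the authentication data follows it.
AH_FIXED = struct.Struct("!BBHII")

def parse_ah(data):
    """Split an AH header into its fields. Payload length counts 32-bit words
    minus 2, so the default 96-bit ICV gives a payload length of 4."""
    if len(data) < AH_FIXED.size:
        raise ValueError("truncated AH header")
    next_hdr, plen, _reserved, ident, seq = AH_FIXED.unpack_from(data)
    icv_len = (plen + 2) * 4 - AH_FIXED.size
    icv = data[AH_FIXED.size:AH_FIXED.size + icv_len]
    if len(icv) != icv_len:
        raise ValueError("truncated authentication data")
    return {"next_header": next_hdr, "identifier": ident, "seq": seq,
            "icv": icv, "payload": data[AH_FIXED.size + icv_len:]}

class ReplayWindow:
    """Sliding window over sequence numbers: the receiver keeps the highest
    number seen plus a bitmap of the `size` numbers below it, nothing else."""
    def __init__(self, size=64):
        self.size, self.last, self.bitmap = size, 0, 0

    def check(self, seq):
        """True if `seq` is fresh (and is now marked seen), False if it must be dropped."""
        if seq == 0:                          # sequence numbers start at 1
            return False
        if seq > self.last:                   # new high-water mark: slide the window
            shift = seq - self.last
            mask = (1 << self.size) - 1
            self.bitmap = 0 if shift >= self.size else (self.bitmap << shift) & mask
            self.bitmap |= 1                  # bit 0 now stands for `seq` itself
            self.last = seq
            return True
        diff = self.last - seq
        if diff >= self.size:                 # older than the window: reject
            return False
        if (self.bitmap >> diff) & 1:         # already received: replay
            return False
        self.bitmap |= 1 << diff              # inside the window, first sight: accept
        return True

# Constructed sample: AH carrying TCP (next header 6) with a 96-bit ICV
SAMPLE_AH = AH_FIXED.pack(6, 4, 0, 0x1000, 1) + b"\x11" * 12 + b"tcp segment"
```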


IPSec: ESP (Encryption)
 Original IP packet
  | Original IP hdr | TCP header | TCP data |

 Encoded packet in “transport mode”
  | Original IP hdr | ESP hdr | TCP header | TCP data | ESP trailer | AH (optional) |

 Encoded packet in “tunnel mode”
  | New IP hdr | ESP hdr | Original IP hdr | TCP header | TCP data | ESP trailer | AH (optional) |

IPSec: packet format for ESP
Original/new IP header
| Identifier (32 bits)                                   |  ]
| Sequence number (32 bits)                              |  ] authenticated
| Payload (TCP, or IP packet), with padding, pad length, |  ]  ] encrypted using
|   next header                                          |  ]  ] 3DES, RC5 or …
| Authentication data, based on MD5, etc.                |

Combining security functions
 Authentication with confidentiality
– ESP with AH
 An AH inside an ESP (both in transport mode)

[Figure: a PC on one enterprise LAN and a server on the other, each behind its router, joined across the public network; the AH-inside-ESP association runs end to end between the PC and the server]

Combining security functions
 An AH inside an ESP (both in transport mode), and all of
this inside an ESP tunnel between the routers

[Figure: same topology; AH inside ESP runs end to end between the PC and the server, and an ESP tunnel between the two routers carries it across the public network]

Key exchange
 Key generation and exchange by some “physical
means”
 Automated generation of keys
– Oakley key determination and exchange
 Based on the Diffie-Hellman key generation algorithm

 Oakley key exchange protocol

Diffie-Hellman key generation
 A distributed key generation scheme
 Given q - a large prime number
a - a primitive root of q
(1 <= a^k mod q < q, and distinct for all 1 <= k < q)
 A:
– picks X_A (keeps it secret),
– computes and sends Y_A = a^{X_A} mod q to B
 B:
– picks X_B (keeps it secret),
– computes and sends Y_B = a^{X_B} mod q to A
 A and B compute the secret shared key a^{X_A X_B} mod q as
Y_B^{X_A} mod q (at A) or Y_A^{X_B} mod q (at B)

Diffie-Hellman key generation
 Man-in-the-middle attack
– Assumes the ability to intercept and spoof messages

[Figure: E sits between A and B. A sends Y_A = a^{X_A} towards B, but E intercepts it and forwards its own a^{X_E} instead; on the way back E likewise replaces B's Y_B with a^{X_E}. A ends up with the key a^{X_A X_E} and B with a^{X_B X_E}, each shared with E rather than with the other.]
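An added example (not from the slides) that works through the exchange and the man-in-the-middle figure above with the toy group q = 23, a = 5: it checks the primitive-root condition, derives the shared key on both sides, and shows that once E substitutes its own public value in both directions, A and B each hold a key with E instead of with each other, which is exactly what signing the exchanged values in Oakley is meant to detect. The private exponents 6, 15 and 3 are chosen for the demonstration.

```python
import secrets

def is_primitive_root(a, q):
    """True when a^k mod q, k = 1..q-1, takes every value in 1..q-1 exactly once
    (the slides' definition). Exhaustive, so only sensible for toy q."""
    return len({pow(a, k, q) for k in range(1, q)}) == q - 1

def random_private(q):
    """Secret exponent X in [1, q-2], kept private by its owner."""
    return 1 + secrets.randbelow(q - 2)

def public_value(x, q, a):
    return pow(a, x, q)           # Y = a^X mod q, sent in the clear

def shared_key(their_y, my_x, q):
    return pow(their_y, my_x, q)  # Y_B^X_A = Y_A^X_B = a^(X_A X_B) mod q

def honest_exchange(q, a, xa, xb):
    """Both sides derive the same key from the other's public value."""
    ya, yb = public_value(xa, q, a), public_value(xb, q, a)
    return shared_key(yb, xa, q), shared_key(ya, xb, q)

def mitm_exchange(q, a, xa, xb, xe):
    """E replaces Y_A and Y_B with its own Y_E in both directions.
    Returns (key A holds, key B holds, E's key with A, E's key with B)."""
    ya, yb, ye = (public_value(x, q, a) for x in (xa, xb, xe))
    k_a = shared_key(ye, xa, q)   # A believes this is a^(XA XB); it is a^(XA XE)
    k_b = shared_key(ye, xb, q)   # B likewise holds a^(XB XE)
    return k_a, k_b, shared_key(ya, xe, q), shared_key(yb, xe, q)
```

Nothing in the values A and B receive reveals the substitution: each computes a key that “works”, just not with the intended peer.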
Diffie-Hellman key generation
 Issues with the algorithm:
– What are the values of q and a?
 Make several sets available, and let the parties negotiate

– Man-in-the-middle attack
 Use some form of authentication
– Denial of service attack, arising from address spoofing
 Use cookies

– Replay attacks
 Use nonces

Cookies
 Cookies:
A requests B’s attention
B responds with a “cookie” (a random number), K
A must return K in its subsequent messages
 Characteristics of cookies:
– Should depend upon data specific to B
– Should use some secret information
– Cookie generation and verification must be fast
– B should not have to save the cookie
 Example method used:
– Hash of the sender/receiver IP addresses, TCP port numbers and a secret
value
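An added example (not from the slides) of the cookie method just described: the responder derives the cookie with HMAC-SHA256 (a keyed hash, standing in for “hash … and a secret value”) over the addresses and ports, keeps no per-request state, and performs the costly key computation only once a valid cookie comes back. The addresses, ports and the `expensive_work` counter are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets

class Responder:
    """B: issues cookies bound to the addresses, ports and a secret; stores nothing."""
    def __init__(self):
        self.secret = secrets.token_bytes(32)   # B's secret value, rotated in practice
        self.expensive_work = 0                 # how many times the costly key step ran

    def cookie(self, src_ip, dst_ip, src_port, dst_port):
        """Fast to generate and to verify: recomputed on every message, never saved."""
        msg = f"{src_ip}|{dst_ip}|{src_port}|{dst_port}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).digest()[:8]

    def handle(self, src_ip, dst_ip, src_port, dst_port, cookie=None):
        expected = self.cookie(src_ip, dst_ip, src_port, dst_port)
        if cookie is None:                      # first contact: hand out K, keep no state
            return "cookie", expected
        if not hmac.compare_digest(cookie, expected):
            return "drop", None                 # wrong K: rejected before any costly work
        self.expensive_work += 1                # only now do the key computation
        return "proceed", None

def legitimate_initiator(b):
    """A reaches B at its real address, so the cookie comes back to A and is returned."""
    _, k = b.handle("10.0.0.5", "10.0.0.1", 40000, 500)
    return b.handle("10.0.0.5", "10.0.0.1", 40000, 500, cookie=k)[0]

def spoofed_initiator(b):
    """A request with a forged source: the cookie is sent to the forged address,
    so whoever sent it can only guess K and never gets B past the cheap check."""
    b.handle("203.0.113.9", "10.0.0.1", 40000, 500)
    return b.handle("203.0.113.9", "10.0.0.1", 40000, 500, cookie=bytes(8))[0]
```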

Oakley Key exchange

Oakley Key exchange: part 1
 A to B:
– ID of A, ID of B
– Initiator cookie, CK-A
– Encryption, hash, authentication algorithms
– Specific Diffie-Hellman group (q, a)
– Public key y_A = a^{X_A} mod q
– Nonce N_A
– Signed_KR(A)[ID of A, ID of B, N_A, q, a, y_A]

Oakley Key exchange: part 2
 B to A:
– ID of B, ID of A
– Responder cookie, CK-B; returned initiator cookie, CK-A
– Encryption, hash, authentication algorithms
– Specific Diffie-Hellman group (q, a)
– Public key y_B = a^{X_B} mod q
– Nonces N_A, N_B
– Signed_KR(B)[ID of B, ID of A, N_A, N_B, q, a, y_B, y_A]

Oakley Key exchange: part 3
 A to B:
– ID of A, ID of B
– Returned responder cookie, CK-B; initiator cookie, CK-A
– Encryption, hash, authentication algorithms
– Specific Diffie-Hellman group (q, a)
– Public key y_A = a^{X_A} mod q
– Nonces N_A, N_B
– Signed_KR(A)[ID of A, ID of B, N_A, N_B, q, a, y_B, y_A]
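An added example (not from the slides) of the checks an initiator applies to the part 2 message before deriving a key: CK-A and N_A echoed back, the group as offered, and B's signature covering A's own y_A, so that a public value swapped in transit (the man-in-the-middle of slide 18) or a stale nonce is rejected. The standard library has no public-key signature, so a MAC under B's long-term key stands in for Signed_KR(B) here (an assumption, stated in the code); the toy group, cookies and nonces are constructed.

```python
import hashlib
import hmac
import secrets

Q, A_GEN = 23, 5  # toy Diffie-Hellman group (q, a); the slides' generator a is A_GEN here

def signed(key, *fields):
    """Stand-in for Signed_KR(X)[fields]: a MAC under X's long-term key plays the
    role of the public-key signature (assumption, to stay within the stdlib)."""
    return hmac.new(key, repr(fields).encode(), hashlib.sha256).digest()

def build_msg2(b_key, ck_a, ck_b, na, nb, xb, ya):
    """B's reply (part 2): echoes CK-A and N_A, adds CK-B, N_B and y_B, and signs
    the group together with both public values as B received them."""
    yb = pow(A_GEN, xb, Q)
    return {"ids": ("B", "A"), "ck_b": ck_b, "ck_a": ck_a, "group": (Q, A_GEN),
            "yb": yb, "nonces": (na, nb),
            "sig": signed(b_key, "B", "A", na, nb, Q, A_GEN, yb, ya)}

def initiator_accepts(m2, my_ck_a, my_na, my_ya, b_key):
    """A's checks: cookie and nonce echoed, group unchanged, and B's signature
    binding y_B to the y_A that A actually sent."""
    if m2["ids"] != ("B", "A") or not hmac.compare_digest(m2["ck_a"], my_ck_a):
        return False
    na, nb = m2["nonces"]
    if na != my_na or m2["group"] != (Q, A_GEN):
        return False
    expected = signed(b_key, "B", "A", na, nb, Q, A_GEN, m2["yb"], my_ya)
    return hmac.compare_digest(m2["sig"], expected)

def demo():
    """Constructed run: an honest reply, a reply where E swapped y_A for its own
    value before it reached B, and a reply carrying a stale nonce."""
    b_key = secrets.token_bytes(32)
    ck_a, ck_b = secrets.token_bytes(8), secrets.token_bytes(8)
    na, nb = secrets.token_bytes(16), secrets.token_bytes(16)
    ya = pow(A_GEN, 6, Q)                                   # A's private X_A = 6
    honest = build_msg2(b_key, ck_a, ck_b, na, nb, 15, ya)  # B's private X_B = 15
    tampered = build_msg2(b_key, ck_a, ck_b, na, nb, 15, pow(A_GEN, 3, Q))
    replayed = dict(honest, nonces=(secrets.token_bytes(16), nb))
    return (initiator_accepts(honest, ck_a, na, ya, b_key),
            initiator_accepts(tampered, ck_a, na, ya, b_key),
            initiator_accepts(replayed, ck_a, na, ya, b_key))
```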

Thanks
