
Lec 11

1. The document discusses network layer security and IPsec. IPsec provides data authentication, integrity, confidentiality, and anti-replay protection for traffic at the IP layer.
2. It describes the two main IPsec protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP). AH provides authentication and integrity. ESP provides confidentiality, authentication, and anti-replay protection.
3. IPsec uses Security Associations (SAs) and a Security Association Database (SAD) to associate cryptographic keys and security parameters with traffic flows. The Internet Key Exchange (IKE) protocol is used to negotiate SAs.

Uploaded by Areeba Nawaz
Copyright: © All Rights Reserved

Network Security

IP SECURITY
Lecture 11
TCP/IP Protocol Stack

Application Layer

Transport Layer

Network Layer

Data Link Layer

Network Layer
• Provides connectionless service
• Routing (routers): determine the path a packet has to traverse to reach its destination
• Defines addressing mechanism
• Hosts should conform to the addressing mechanism

Communication Between Layers

[Figure: Host A and Host B each show application, transport, network and data link layers; the two routers between them show only network and data link layers. Labels between peer layers: application data, transport payload, network payload, data link payload.]

Network Layer and Security
In most network architectures and their corresponding communication protocol stacks, network layer protocol data units are transmitted in the clear:
• Easy to inspect the data content
• Easy to forge source or destination address
• Easy to modify content
• Easy to replay data

Need a network layer security protocol

Internet Engineering Task Force Standardization
• IPv6 development requirements: Strong security features
• Security features algorithm-independent
• Must enforce wide variety of security policies
• Avoid adverse impact on Internet users who do not need security
• 1992: IPSEC WG (IETF)
  • Define security architecture
  • Standardize IP Security Protocol and Internet Key Management Protocol
• 1998: revised version of IP Security Architecture
  • IPsec protocols (two sub-protocols AH and ESP)
  • Internet Key Exchange (IKE)

IP Security Overview
IPSec: method of protecting IP datagrams
• Data origin authentication
• Connectionless data integrity authentication
• Data content confidentiality
• Anti-replay protection
• Limited traffic flow confidentiality

IPSec
• Protection for IP and upper layer protocols
• IPSec protocols
  • Encapsulating Security Payload (ESP)
    • Proof of data origin, data integrity, anti-replay protection
    • Data confidentiality and limited traffic flow confidentiality
  • Authentication Header (AH)
    • Proof of data origin, data integrity, anti-replay protection

IPsec
• Security provided by ESP or AH depends on the cryptographic algorithms applied to them
• Default encryption algorithm: DES CBC
  • Not suited for highly sensitive data, or for data that must remain secure for an extended period of time
• Authentication and/or confidentiality requires shared keys
• Manual key addition is supported but scales poorly
• Internet Key Exchange (IKE): key management protocol

IP SEC Architecture
Modes
1-AH
• Transport mode: protect upper layer protocols
• IPSec header is inserted between the IP header and the upper-layer protocol header

[Figure: packet layout IP | IPsec | Payload, with a bracket labelled "protected"]

AH
• Tunnel mode: protect entire IP datagram
• Entire IP packet to be protected is encapsulated in another IP datagram and an IPsec header is inserted between the outer and inner IP headers

[Figure: packet layout IP (new IP header) | IPsec | IP (original IP header) | Payload, with a bracket labelled "protected"]

Authentication Header (AH)
• Does NOT provide confidentiality
• Provides:
  • Data origin authentication
  • Connectionless data integrity
• May provide:
  • Non-repudiation (depends on cryptographic alg.)
  • Anti-replay protection
• Precision of authentication: granularity of SA
• Protocol number: 51

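AH Header

Each row is 32 bits wide:

+-------------+----------------+--------------------+
| Next header | Payload length | Reserved           |
+-------------+----------------+--------------------+
| Security Parameter Index                          |
+---------------------------------------------------+
| Sequence number                                   |
+---------------------------------------------------+
| Authentication data (n*32 bit)                    |
+---------------------------------------------------+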

Authentication Data (AH)
• Computed by using
  • authentication algorithm (MD5, SHA-1)
  • cryptographic key (secret key)
• Sender: computes authentication data
• Recipient: verifies data
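
The sender and recipient steps above, as an added Python example that is not part of the lecture: it packs the AH fields from the header slide, fills the authentication data with HMAC-SHA-1 truncated to 96 bits, and verifies it on receipt. Assumptions: the key, SPI and payload are constructed, and the authentication data here covers only the AH header and payload (real AH also covers the immutable fields of the IP header).

```python
import hashlib
import hmac
import struct

ICV_LEN = 12                        # HMAC-SHA-1 truncated to 96 bits (3 x 32-bit words)
AH_FIXED = struct.Struct("!BBHII")  # next header, payload length, reserved, SPI, sequence number


def _icv(key, fixed, payload):
    # The authentication data field is treated as zero while the value is computed.
    data = fixed + bytes(ICV_LEN) + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]


def build_ah(key, spi, seq, next_header, payload):
    """Sender: build AH header + payload with the authentication data filled in."""
    # Payload length field = AH length in 32-bit words, minus 2.
    payload_len = (AH_FIXED.size + ICV_LEN) // 4 - 2
    fixed = AH_FIXED.pack(next_header, payload_len, 0, spi, seq)
    return fixed + _icv(key, fixed, payload) + payload


def verify_ah(key, packet):
    """Recipient: parse the header, recompute the value, compare in constant time."""
    if len(packet) < AH_FIXED.size + ICV_LEN:
        raise ValueError("truncated AH header")
    next_header, payload_len, reserved, spi, seq = AH_FIXED.unpack_from(packet)
    ah_len = (payload_len + 2) * 4
    if ah_len != AH_FIXED.size + ICV_LEN or reserved != 0:
        raise ValueError("unexpected AH length or reserved field")
    received = packet[AH_FIXED.size:ah_len]
    payload = packet[ah_len:]
    expected = _icv(key, packet[:AH_FIXED.size], payload)
    if not hmac.compare_digest(received, expected):
        raise ValueError("authentication data mismatch")
    return {"spi": spi, "seq": seq, "next_header": next_header, "payload": payload}


# Constructed sample values (not from the lecture).
KEY = b"constructed-shared-key"
PACKET = build_ah(KEY, spi=0x1000, seq=1, next_header=6,
                  payload=b"constructed TCP segment")
```

Changing any byte of the header or payload, including the sequence number, makes `verify_ah` raise, while none of the bytes are hidden from an observer: AH authenticates but does not encrypt.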

2-Encapsulating Security Payload (ESP)
• Provides:
  • Confidentiality
  • Authentication
  • Limited traffic flow confidentiality
  • Anti-replay protection

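ESP Format

+---------------------------------------------------+
| Security Parameter Index                          |
+---------------------------------------------------+
| Sequence number                                   |
+---------------------------------------------------+
| Payload data                                      |
+---------------------------------------------------+
| Padding              | Pad length | Next header   |
+---------------------------------------------------+
| Authentication data (n*32 bit)                    |
+---------------------------------------------------+

• Authenticity protected: Security Parameter Index through Next header
• Confidentiality protected: Payload data through Next header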

IP Security Architecture

[Figure: IPsec module 1 and IPsec module 2, each containing an SPD, IKE, IPsec and an SAD, with an SA between the two modules]

Security Association
• Associates security services and keys with the traffic to be protected
• Identified by Security Parameter Index (SPI) → retrieve correct SA parameters from Security Association Database (SAD)
• IPsec protocol identifier
• Destination address (direction)
• Simplex connection → need to establish two SAs for secure bidirectional communication

Security Association
• Defines security services and mechanisms between two end points (or IPsec modules):
  • Hosts
  • Network security gateways (e.g., routers, application gateways)
  • Hosts and security gateways
• Security service, parameters, mode of operation, and initialization vector
  • e.g., Confidentiality using ESP with DES in CBC mode with an initialization vector (IV)

Security Association
• May use either Authentication Header (AH) or Encapsulating Security Payload (ESP) but not both → if both AH and ESP are applied, need two SAs
• Bundle: set of SAs through which traffic must be processed

SA -- Lifetime
• Amount of traffic protected by a key and time frame the same key is used
• Manual creation: no lifetime
• Dynamic creation: may have a lifetime

SAD Contains these parameters
• Security Parameter Index
• Destination Address
• Sequence Number
• Anti-Replay Window
• IP Security Protocol
• Algorithm
• Key
• SA Lifetime
• IPSec

Security Policy Database (SPD)
• Defines:
  • What traffic to be protected
  • How to protect
  • With whom the protection is shared
• For each packet entering or leaving an IPsec implementation, the SPD is used to determine the security mechanism to be applied
• Actions:
  • Discard: do not let packet in or out
  • Bypass: do not apply or expect security services
  • Protect: apply/expect security services on packets

Anti-replay Protection
• Not explicitly part of the architecture
• Protection by sequence number (32 bits)
• When SA is created: sequence number is initialized to zero
• Prior to IPsec output processing: sequence number is incremented

[Figure: sliding window of received packets over the packet stream, one bit per sequence number, with positions N, N+5 and N+7 marked and a new packet arriving]

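
The sliding-window check described above, as an added Python example that is not part of the lecture: a per-SA bitmap that accepts each sequence number once, tolerates reordering inside the window, and rejects duplicates and packets older than the window. Assumptions: the window width of 32 and the arrival order in `SAMPLE` are constructed values.

```python
class ReplayWindow:
    """Receiver-side anti-replay state for one SA (sliding bitmap)."""

    def __init__(self, size=32):
        self.size = size   # window width in packets (assumed value)
        self.top = 0       # highest sequence number accepted so far
        self.bitmap = 0    # bit i set => sequence number (top - i) already seen

    def check(self, seq):
        """Return True if seq has not been seen and is not older than the window."""
        if seq == 0 or seq > 0xFFFFFFFF:
            return False   # counter starts at 0 and is incremented before sending
        if seq > self.top:
            return True    # ahead of the window: always new
        offset = self.top - seq
        if offset >= self.size:
            return False   # fell off the left edge of the window
        return not (self.bitmap >> offset) & 1

    def update(self, seq):
        """Record seq. Call only after the packet's authentication data verified,
        otherwise a forged high sequence number could slide the window forward."""
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

    def accept(self, seq):
        if not self.check(seq):
            return False
        self.update(seq)
        return True


def run(seqs, size=32):
    """Feed an arrival order through a fresh window; return accept/reject per packet."""
    window = ReplayWindow(size)
    return [window.accept(s) for s in seqs]


# Constructed arrival order: reordering (3 after 5), duplicates (5, 40),
# and a packet older than the window (8 after 40).
SAMPLE = [1, 2, 5, 3, 5, 40, 8, 9, 40, 41]
```
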
Internet Key Exchange (IKE)
• Need to use a security protocol that performs mutual authentication and key exchange.
• For two end hosts or gateways to use IPSec for secure communications over the Internet, that protocol is the Internet Key Exchange Protocol (IKE)
• IKE allows the two parties to decide the security policies for the traffic between them
• It allows the parties to agree on a set of security parameters, such as which cryptographic algorithms to use for encryption and hashing
