Security Associations

Download Report

Transcript Security Associations

•IPSec is a suite of protocols defined by the Internet Engineering Task Force
(IETF) to provide security services at the network layer.
•The IP, which is the standard protocol used for communication across the
Internet
•IPSec is in 3rd layer (network) in OSI model.
•Optional security in V4 & obligatory in V6
IPSec provides a range of :
•
•
•
•
•
•
Connectionless integrity,
data authentication,
security services,
protection against replays,
confidentiality (encryption),
and limited traffic flow confidentiality.
Transport mode
Tunnel mode
•Covers security requirements,
definitions, & mechanisms of IPsec
Architecture
•Access protocol,protection
against anti-replay, data
origin authentication
Data Confidentiality
& limits traffic flow
AH Protocol
ESP Protocol
Choose suitable
Algorithm for ESP
Encryption alg.
Authentication alg.
DOI
Domain of Interpretation, include identifiers
for approved authentication & Encrypted
algorithm
Documents that describe
Key management
key management
•
IPSec comprises two protocols that provide security services &
key management mechanism.
1. Authentication Header (AH)
Access control, connectionless integrity, data origin authentication and
protection against anti-replay are provided by the protocol.
2. Encapsulating Security Payload (ESP)
provides Confidentiality of the data and limited traffic flow confidentiality
1. Transport mode :
• is designed for host-to-host communication and does not
afford total protection for the IP packets transmitted between the two hosts.
• The security protocol header is inserted between the IP header & the upper
layer protocol header, protecting only the upper layer payload of the packet.
2. Tunnel mode :
• is used To protect the entire IP packet, the packet is ‘wrapped' in a new
IP packet, and both the header and the payload of the original packet are
afforded IPSec protection.
Next Header: identifies the type of next header
Payload length: identifies size of data in the packet
SPI: Identifies security association
Sequence counter: designed to thwart replay attacks
By initializing the sender a counter by zero,
each time the packet is sent on SA, the sender
increments the counter, finally it will return to zero
Authentication data: contains integrity check value
SPI: Identifies security association
Sequence counter: designed to thwart replay attacks
By initializing the sender a counter by zero,
each time the packet is sent on SA, the sender
increments the counter, finally it will return to zero
Payload data: identifies size of IP data in the packet
Padding: Expand the plain text size
Next Header: identifies the type of data in next header
Authentication data: contains integrity check value
For two IPSec endpoints to be able to securely communicate, each host needs
to be aware of the parameters to be used in the communication.
such as:
1. Security Associations (SAs) and
2. Security Policies.
defined as a one-way contract between two communicating hosts.
An SA is used to define the communication parameters between the two IPSec
secured peers.
The parameters defined in the SA are:
• Which protocol to be used - AH or ESP
• What transforms to be used • Encryption keys
• Lifetime of the keys
• Sequence Number
• Anti-replay window
• Mode
• Tunnel destination
Cont…
•It is possible to use more than one protocol to communicate between the 2 hosts
at the same time – for example SQL database traffic using ESP and LDAP
Synchronisation could be using AH.
SAs can be setup by :
1. Setting up an SA manually is called Manual Keying.
The two parties that need to communicate agree upon the initial key.
The key is exchanged out of band, e.g. by using email or over the phone.
This key is then manually keyed in using the user interface to the IPSec kernel &
set up the other parameters such as Security Parameter Index and key expiry
date.
2. Dynamically using a key management protocol such as Internet Key Exchange
(IKE) protocol.
If there is no SA available, the IPSec kernel invokes IKE. IKE negotiates the SA
with the destination host based on the IPSec policy associated with that host.
During thesenegotiations, a pair of SAs for the communication between these
two hosts are generated and added to the Security Association Database.
This is known as auto mated key exchange.
• A combination of three fields in the SAD is used to uniquely identify each SA.
1- Destination IP address
2- The IPSec protocol to be used for that session.
3-Security Parameter Index (SPI) is a unique 32-bit parameter that identifies
the SA used for the session
• Every IPSec packet that is communicated contains an SPI.
• When there are multiple security associations between two hosts, the SPI is
used to identify the correct SA for a particular communication session.
• We have four examples of combinations of SAs that must be supported by
Compliant IPSec hosts (workstation,server) or security gateways(firewall,router)
• Each SA can be either AH or ESP for host tohost SAs the mode may be
transport or tunnel,otherwise it must be tunnel mode
Cont...
Case 2 : security is provided only between gateways
Case 3: security is provided between gateways and host to host
Cont...
Case4 : only tunnel mode between remot host and the firewall
One or two SAs between remot host and local host
•The security policy defines the security services to be applied at the IPSec
endpoint, and every IP packet processed has to be evaluated against the policy
regardless of whether it is protected by IPSec or not.
• Security policies are maintained in a Security Policy Database (SPD).
IPSec architecture specifies that a separate SPD be maintained for every IPSec
enabled interface.Two tables are defined in the SPD for inbound & outbound
policy.
• Each entry has to indicate how the traffic that matches that entry is processed,
need to be (bypass, reject or proceed with IPSec processing).
• Each policy entry also has a number of selectors that are used to identify
the policy application process. These selectors include source address,
destination address, user ID or system name, transport layer protocol
and source and destination ports.
•This mutual authentication is achieved through a pre-shared secret key,
digital certificate, or a digital signature.
• Once the two communicating systems have authenticated themselves to each
other, they generate session keys for data integrity and confidentiality .
Phase 1
• is used for mutual authentication of the IPSec peers.
• the IPSec peers authenticate each other, and setup a communication channel.
• exchange happens once per communication session, and pre-shared secrets
or public key pairs are used for identification and authentication.
•The secure, authenticated communication channel established is called
an ISAKMP
Phase 2
•session keys for other security services are established using the ISAKMP .
•can result in multiple connections.
•IPSec security associations are generated during this phase.
IPSec is implemented at the IP layer, thus providing security services to the upper
layer protocols.
IPSec can be implemented between, two hosts, two gateways or between a host
and a gateway. Some examples of these of implementations are:
a) Two servers synchronising a database, either internally or across the Internet
Cont...
b) Two gateways, providing secure communication between the two networks
connected by the two gateways
c) A gateway and host/s as in remote access solutions.