Network Mobility
Download
Report
Transcript Network Mobility
Network Mobility
Yanos Saravanos
Avanthi Koneru
Agenda
Problem Definition
Background
PANA
MOBIKE
Conclusion
References
Yanos
Avanthi
Why Mobility Matters
Cell phones / PDAs
692 million cell phones shipped in 2004
1.7 billion subscribers by end of 2005
Streaming multimedia
Live TV
4G cellular networks being developed
Uses ALL-IP network architecture
Highly scalable
Critical in emergency conditions
4G Network
http://www.eeng.dcu.ie/~arul/4G.html
Problem Definition
No current security protocols is built around
mobility
New protocols must:
Keep session during handoffs
Allow integration between mobile networks
(802.11, cellular, etc)
Not dramatically increase packet size
Benchmarks
Computational intensity
Effect on throughput
Amount of overhead added to the packets
QoS
Packet Loss, Delay
Jitter
PANA
Protocol for carrying Authentication for
Network Access
PANA Goals
Network access authentication protocol
Client-server
Enables EAP to be transported over IP layer
Authentication is a function of the network layer
Link-layer independence
Terminology
PANA Client (PaC)
Authentication, Authorization and Accounting
Client (AAA)
PANA Authentication Agent (PAA)
Laptop, PDA, cell phone
Server for authenticating and authorizing PaCs
Checks AAA to verify PaC’s rights
Enforcement Point (EP)
Access controller to allow/deny client access
PANA Protocol
PANA Phases
PANA Discovery Process
Discovery and handshake phase
PAC discovers PAA in network
Handshake between PaC and PAA to begin PANA session
PANA Authentication Process
Authentication and
authorization phase
PaC and PAA establish PANA
connection
PaC/PAA derive AAA key for
each EP the PAA manages
PAA sends shared key to the
EPs
EPs configure filters so PaC
can connect
PANA Process
Access phase
Traffic between PaC and EP is encrypted using
shared key
Ping occasionally to test PANA session
Re-authentication phase
Before session expires, re-authenticate
PANA Termination Process
Termination phase
PAA notifies EPs that PaC not available
EPs remove filter
PANA Issues
PaC must be able to communicate with
network before being authenticated
AP must forward some traffic (ARP, DHCP, and
PANA) from unauthenticated clients
Use uncontrolled ports in 802.1X before
authentication
Use controlled ports in 802.1X after authentication
PANA does not address network selection by
itself
PANA Issues
PAAs must communicate with each other
Client roaming between PAAs
PANA not currently built to transfer sessions
Separation of EP and PAA
Requires communication between both
Not currently in PANA specification
Proposed Network Architecture
Proposed Network
Architecture
Wireless Clients
Guest Network (GN)
For unauthenticated clients
Uses unencrypted traffic
Isolated from all other networks
User Networks (UN)
For authenticated clients
Uses encrypted traffic
Multiple user networks for separating services
Proposed Network
Architecture
Management Network (MN)
Manages access point for managing entities
Isolated from all other networks
AAA server usually located in MN
Access Point
Connects clients to either GN or UN
Logical traffic separation between networks
Binds client’s MAC address to GN or UN
Cryptographic protection of UN traffic
Proposed Network
Architecture
PAA
Resides in GN to authenticate new guests
Connected to UNs to switch clients from GN to
UN
Connected to MN to securely communicate keys
and network identifiers for authenticated guests to
the AAA
Access Point Implementation
Wireless Module
Wired Module
eth0.3 connected to MN
eth0.0 connected to GN
Bridge
Sends/receives 802.11 frames
Encrypts/decrypts frames
using control module
Forwards frames between
wireless and wired interfaces
Authentication Module
Processes messages from
wlan0.0 and eth0.3
Access Point Database
Database used to maintain association state for
each wireless client
MAC address
Network ID
Key ID
Encryption key
AP Database Operation
Receiving
If MAC address is not entered, discard frame
If MAC exists but key does not, forward frame to GN
If MAC and key exist, forward frame to UN
Sending
If MAC address is not entered, discard frame
If MAC and key exist, encrypt frame with key and key ID
and send on wireless interface (from is from UN)
If MAC exists but key does not, send frame on wireless
interface without encryption (frame is from GN)
PANA Authentication Sequence
PANA Performance
Total delay: 12.01 sec
PANA protocol delay
Re-association delay
Beginning of PANA to beginning of disassociation
Beginning of disassociation to end of 4-way
handshake
Post-PANA DHCP delay
End of 4-way handshake to end of DHCP
PANA Performance
Last two delays can be reduced
If wireless client initiates association immediately
after disassociation, 2nd delay is reduced to 0.48 sec
3rd delay is reduced by initiating DHCP procedure
immediately after re-association
Normal DHCP procedure takes 0.34 sec
Total delay reducible to ~2.7 sec
Additional Work for PANA Network
Test network scalability and roaming
Wireless client implementation must be tuned
to improve system performance
Even more critical when client is roaming
Use of system for wired client authentication
Useful for home access routers
Conclusion
New architecture that uses PANA for
authentication of wireless clients
Provides network separation between AAA
clients and AP
New AP architecture
Delays can be greatly reduced
mobike
IKEv2 Mobility and Multihoming
MOBIKE
•
IKEv2
•
•
Problem:
•
•
The purpose of IKEv2 is to mutually authenticate two hosts,
establish one or more IPsec Security Associations (SAs) between
them, and subsequently manage these SAs.
There are scenarios where one or both of the IP addresses of
this pair may change during an IPsec session. In principle, the
IKE SA and all corresponding IPsec SAs could be re-established
after the IP address has changed.
Solution
•
Mobike provides an automatic mechanism which updates the IP
addresses associated with the IKE SA and the IPsec SAs.
Mobility Scenario
Multihoming Scenario
Focus of current design
Mobike focuses on the tunnel mode, everything going
inside the tunnel has to stay unaffected by the changes
in the tunnel header IP address i.e., the applications
running through the MOBIKE IPsec tunnel cannot
even detect the movement, their IP address etc stay
constant.
The MOBIKE focuses on what two peers need to
agree in IKEv2 level (like new message formats and
some aspects of their processing) for interoperability.
Operations of mobike
Inform the other peer about the peer address set
Inform the other peer about the preferred address
Test connectivity along a path and thereby to detect
an outage situation
Change the preferred address
Change the peer address set
Ability to deal with Network Address Translation
devices
Proposed mobike framework
Design Considerations
Choosing addresses
Inputs and triggers
Connectivity
Discovering connectivity
Decision making
NAT traversal
Constraints
Fundamental restrictions
Moving to behind NAT and back
Responder behind NAT
NAT prevention
Design Considerations (..contd)
Scope of SA changes
MOBIKE protocol decided to move all IPsec SAs implicitly when
the IKE SA address pair changes. If more granular handling of the
IPsec SA is required, then multiple IKE SAs can be created one for
each set of IPsec SAs needed.
Zero Address set functionality
There is no need to transmit IPsec data traffic. IPsec protected data
can be dropped which saves bandwidth. This does not provide a
functional benefit, i.e., nothing breaks if this feature is not
provided.
MOBIKE signaling messages are also ignored. The IKE-SA must
not be deleted and the suspend functionality (realized with the zero
address set) may require the IKE-SA to be tagged with a lifetime
value since the IKE-SA should not be kept in alive for an undefined
period of time.
Design Considerations (..contd)
Return routability test
The addresses a peer is using are part of a certificate. [RFC3554]
introduced this approach. If the other peer is, for example, a
security gateway with a limited set of fixed IP addresses, then the
security gateway may have a certificate with all the IP addresses
appear in the certificate.
A return routability check is performed by the remote peer before
the address is updated in that peer's Security Association Database.
This is done in order provide a certain degree of confidence to the
remote peer that local peer is reachable at the indicated address.
IPsec Tunnel or Transport Mode
Protocol Overview
Mobike Message Exchanges
Protocol detail issues
Indicating support for mobike
In order for MOBIKE to function, both peers must
implement the MOBIKE extension of IKEv2. If one or
none of the peers supports MOBIKE, then, whenever
an IP address changes, IKEv2 will have to be re-run in
order to create a new IKE SA and the respective IPsec
SAs. In MOBIKE, a peer needs to be confident that its
address change messages are understood by the other
peer. If these messages are not understood, it is possible
that connectivity between the peers is lost.
Protocol detail issues
Approaches used to recognize peers which support mobike:
Ensuring that a peer receives feedback on whether or not its
messages are understood by the other peer, is by using IKEv2
messaging for MOBIKE and to mark some messages as "critical".
According to the IKEv2 specification, such messages either have to
be understood by the receiver, or an error message has to be
returned to the sender.
Ensure receipt of the above-mentioned feedback is by using
Vendor ID payloads that are exchanged during the initial IKEv2
exchange. These payloads would then indicate whether or not a
given peer supports the MOBIKE protocol.
Use the Notify payload which is also used for NAT detection (via
NAT_DETECTION_SOURCE_IP and
NAT_DETECTION_DESTINATION_IP payloads)
Protocol detail issues
Path Testing and Window size
Complications:
As the IKEv2 has the window of outgoing messages, and the sender
is not allowed to violate that window (meaning, that if the window is
full, then he cannot send packets), it do cause some complications to
the path testing.
once the message is first time sent to the other end, it cannot be
modified in its future retransmissions. This makes it impossible to
know what packet actually reached first to the other end.
The current IKEv2 document says that if NAT-T is enabled the
node not behind NAT SHOULD detect if the IP-address changes
in the incoming authenticated packets, and update the remote peers
addresses accordingly. This works fine with the NAT-T, but it causes
some complications in the MOBIKE, as it needs an ability to probe
the another address pairs, without breaking the old one.
Protocol detail issues
Path Testing and Window size – Solutions:
To add completely new protocol that is outside the IKE SA message
id limitations (window code), outside identical retransmission
requirements, and outside the dynamic address updating of the
NAT-T.
To make the protocol so that it does not violate window restrictions
and does not require changing the packet is sent, and change the
dynamic address updating of NAT-T to MUST NOT in case
MOBIKE is used.
Message presentation
The IP address change notifications can be sent either via
an informational exchange already specified in the IKEv2,
or via a MOBIKE specific message exchange.
The format of the address update notifications. The
address update notifications can include multiple addresses,
of which some may be IPv4 and some IPv6 addresses.
MOBIKE decided to use IKEv2 NOTIFY payloads, and
put only one data item per notify, i.e. there will be one
NOTIFY payload for each item to be sent.
Updating address list
Because of the initiator decides, the initiator needs to know all the addresses used by
the responder. The responder needs also that list in case it happens move to the
address unknown by the initiator, and needs to send address update notify to the
initiator, and it might need to try different addresses for the initiator.
MOBIKE could send the full peer address list every time any of the IP addresses
changes (either addresses are added, removed, the order changes or the preferred
address is updated) or an incremental update.
MOBIKE decided to use protocol format, where both ends can send full list of their
addresses to the other end, and that list overwrites the previous list. To support NATT the IP-addresses of the received packet is added to the list (and they are not present
in the list).
Security Considerations
The main goals of MOBIKE are to maintain the security
offered by usual IKEv2 procedures and to counter mobilityrelated threats in an appropriate manner.
Traffic Redirection and Hijacking
MOBIKE payloads relating to updating addresses are encrypted,
integrity protected, and replay protected using the IKE_SA. This
assures that no one except the participants can, for instance, give a
control message to change the addresses.
IPsec Payload Protection
The use of IPsec protection on payload traffic protects the
participants against disclosure of the contents of the traffic, should
the traffic end up in an incorrect destination or be eavesdropped
along the way.
Security Considerations
Denial-of-Service Attacks Against Third Parties
Spoofing Network Connectivity Indications
Traffic redirection may be performed not just to gain access to the
traffic (not very interesting because it is encrypted) or to deny
service to the peers, but also to cause a denial-of-service attack for a
third party.
Attackers may spoof various indications from lower layers and the
network in an effort to confuse the peers about which addresses are
or are not working.
Address and Topology Disclosure
MOBIKE address updates & ADDITIONAL_IP4/6_ADDRESS
notifications reveal information about which networks the peers are
connected to.
Conclusions
MOBIKE also supports more complex scenarios where the
VPN gateway also has several network interfaces: these
interfaces could be connected to different networks or ISPs,
they may be a mix of IPv4 and IPv6 addresses, and the
addresses may change over time. Furthermore, both parties
could be VPN gateways relaying traffic for other parties.
The base version of the MOBIKE protocol does not cover
all potential future use scenarios, such as transport mode,
application to securing SCTP, or optimizations desirable in
specific circumstances.
References
Tanizawa et al, “A Wireless LAN Architecture Using PANA for Secure
Network Selection”, IEEE 2005.
Pagliusi et al, “PANA-GSM Authentication for Internet Access”, IEEE 2003.
D.Johnson, C. Perkins and J.Arkko, “Mobility Support in IPv6”, RFC 3775.
URL:http://www.ietf.org/rfc/rfc3775.txt
Arkko et al, “Using IPsec to Protect Mobile IPv6 Signaling Between Mobile
Nodes and Home Agents”, RFC 3776. URL:
http://www.ietf.org/rfc/rfc3776.txt
IKEv2 Mobility and Multihoming (mobike), IETF Working Groups.
URL:http://www1.ietf.org/proceedings_new/04nov/mobike.html
References
Jari Arkko, “Introduction to multihoming, address selection, failure detection, and
recovery”, IETF Proceedings.
URL:http://www1.ietf.org/proceedings_new/04nov/slides/mobike-1/sld1.htm
“Design of the MOBIKE protocol”, Internet Draft, draft-ietf-mobike-design00.txt , June 2004.
URL:http://www1.ietf.org/proceedings_new/04nov/IDs/draft-ietf-mobikedesign-00.txt
Internet Key Exchange (IKEv2) Protocol, Internet Draft, draft-ietf-ipsec-ikev217.txt, September 2004. URL:http://www.ietf.org/internet-drafts/draft-ietf-ipsecikev2-17.txt
IKEv2 Mobility and Multihoming Protocol (MOBIKE), Internet Draft, draft-ietfmobike-protocol-02.txt, September 2005. URL:http://www.ietf.org/internetdrafts/draft-ietf-mobike-protocol-02.txt
References
Tanizawa et al, “A Wireless LAN Architecture Using PANA for Secure
Network Selection”, IEEE 2005.
Pagliusi et al, “PANA-GSM Authentication for Internet Access”, IEEE
2003.
D.Johnson, C. Perkins and J.Arkko, “Mobility Support in IPv6”, RFC
3775. URL:http://www.ietf.org/rfc/rfc3775.txt
Arkko et al, “Using IPsec to Protect Mobile IPv6 Signaling Between
Mobile Nodes and Home Agents”, RFC 3776. URL:
http://www.ietf.org/rfc/rfc3776.txt
IKEv2 Mobility and Multihoming (mobike), IETF Working Groups.
URL:http://www1.ietf.org/proceedings_new/04nov/mobike.html
References
Jari Arkko, “Introduction to multihoming, address selection, failure
detection, and recovery”, IETF Proceedings.
URL:http://www1.ietf.org/proceedings_new/04nov/slides/mobike1/sld1.htm
“Design of the MOBIKE protocol”, Internet Draft, draft-ietf-mobikedesign-00.txt , June 2004.
URL:http://www1.ietf.org/proceedings_new/04nov/IDs/draft-ietf-mobikedesign-00.txt
Internet Key Exchange (IKEv2) Protocol, Internet Draft, draft-ietf-ipsecikev2-17.txt, September 2004. URL:http://www.ietf.org/internetdrafts/draft-ietf-ipsec-ikev2-17.txt
IKEv2 Mobility and Multihoming Protocol (MOBIKE), Internet Draft,
draft-ietf-mobike-protocol-02.txt, September 2005.
URL:http://www.ietf.org/internet-drafts/draft-ietf-mobike-protocol-02.txt