Transcript Document
Network and Transport Security
Learning outcomes
By the end of this session, you should be able
to:
• Describe the main applications of IPSec, SSL
and SET
• To explain the operation of IPSec, SSL and
SET
• Relate the security mechanisms of IPSec,
SSL and SET as solutions to specific security
attacks
• Decide, given a scenario, which security
protocols should be used
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
IP Security Overview
Applications of IPSec:
– Secure branch office connectivity over the
Internet
– Secure remote access over the Internet
– Establishing extranet and intranet
connectivity with partners
– Enhancing electronic commerce security
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Dr Alejandra Flores-Mosri
IP Security Scenario
Internet Management & Security 06
Network and Transport Security
Security Associations (SA)
• A one way relationship between a
sender and a receiver.
• Uniquely identified by three parameters:
– Security Parameter Index (SPI)
– IP Destination address
– Security Protocol Identifier
• Security services are provided by
extensions to IP headers.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
SA Modes
Transport Mode:
In Transport Mode IPSec, protection is provided for the payload of an
IP packet. Encapsulating Security Payload (ESP) in transport mode
encrypts and optionally authenticates the IP payload but not the IP
header. Authentication Header (AH) in transport mode authenticates
the IP payload and selected fields of the IP header.
Tunnel Mode:
In Tunnel Mode IPSec, the entire IP packet is protected. The ESP and
AH fields are added to the IP packet, and the entire IP packet together
with security fields are placed as payload into a new IP packet with a
new IP header. The original IP packet travels through a tunnel from one
point in IP network to another without being examined by routers on the
path.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
SA Modes Transport Mode
IPSec Protocols
SA
Tunnel Mode
SA
AH Protocol
(Authentication
Header)
Authenticates IP
payload and selected
portions of IP header
and IPv6 extension
headers
Authenticates entire
inner IP packet plus
selected portions of
outer IP header
ESP Protocol
(Encapsulating
Security Payload)
Encrypts IP payload
and any IPv6 extesion
header
Encrypts inner IP
packet
ESP with
authentication
Encrypts IP payload
and any IPv6 extesion
header. Authenticates
IP payload but no IP
header
Encrypts inner IP
packet.
Authenticates inner
IP packet.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Authentication Header (AH)
Before applying AH:
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Authentication Header (AH)
Transport Mode AH:
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Authentication Header (AH)
Tunnel Mode AH:
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Authentication Header (AH)
• Provides support for data integrity and authentication
(MAC code) of IP packets.
• Guards against replay attacks.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Dr Alejandra Flores-Mosri
End-to-end versus End-to-Intermediate
Authentication
Internet Management & Security 06
Network and Transport Security
Encapsulating Security Payload (ESP)
• ESP provides confidentiality (and optionally
authentication) services.
• Authentication (when provided) is for IP payload only.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Dr Alejandra Flores-Mosri
ESP Encryption and Authentication
Internet Management & Security 06
Network and Transport Security
Dr Alejandra Flores-Mosri
ESP Encryption and Authentication
Internet Management & Security 06
Network and Transport Security
IPSec Key Management
•Key management is completely independent of Security
Associations.
•Both manual and automated key exchange are possible in
IPSec.
•Automated key exchange is defined by the Oakley algorithm,
which is based on Diffie-Hellman algorithm.
•Oakley algorithm relies on the existence of each party already
having certified public and keys !
•ISAKMP (Internet Security Association Key Management
Protocol) defines messages to be sent during key exchange.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
SSL and TLS
• SSL was originated by Netscape
• TLS working group was formed
within IETF
• First version of TLS can be viewed
as an SSLv3.1
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
SSL Architecture
The applications that use SSL. HTTP is not the only
one, but a typical one.
Deals with
management of
SSL exchanges.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
SSL Architecture
•A SSL session is an association between a client and a server.
Sessions are created by the Handshake Protocol. Sessions define a
set of cryptographic parameters.
•SSL connections have much shorter lifetimes than SSL sessions.
Many SSL connections can share one SSL session.
SSL session parameters:
Session identifier
Peer certificate
Compression Method
Cipher spec (selected encryption and
MAC algorithms)
Master secret
“Is resumable?” flag
Dr Alejandra Flores-Mosri
SSL connection parameters:
Server and client random
Server and client write MAC secrets
Server and client write keys
Initialisation vectors
Sequence numbers
Internet Management & Security 06
Network and Transport Security
SSL Record Protocol Operation
optional
Sequence number is used while
computing the MAC !!
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Dr Alejandra Flores-Mosri
SSL Record Format
Internet Management & Security 06
Network and Transport Security
SSL Record Protocol Payload
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Handshake Protocol
• The most complex part of SSL.
• Allows the server and client to
authenticate each other.
• Negotiate encryption, MAC algorithms
and cryptographic keys.
• Used before any application data are
transmitted.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Handshake Protocol Action
Definitions of these phases
are different for different
public-key encryption
algorithms.
Change_cipher_spec is a
different protocol than
Handshake. This phase may
take place some time after
the first three phases.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Secure Electronic Transaction (SET)
• An open encryption and security specification
• Protect credit card transaction on the Internet
• Companies involved:
– MasterCard, Visa, IBM, Microsoft, Netscape,
RSA, Terisa and Verisign
• Not a payment system
• Set of security protocols and formats
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
SET Services
• Provides a secure
communication channel in a
transaction.
• Provides trust by the use of
X.509v3 digital certificates.
• Ensures privacy. (Does it ??)
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
SET Overview
• Key Features of SET:
– Confidentiality of information
– Integrity of data
– Cardholder account authentication
– Merchant authentication
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Dr Alejandra Flores-Mosri
SET Participants
Internet Management & Security 06
Network and Transport Security
Sequence of events for transactions
1.
2.
3.
4.
5.
6.
7.
The customer opens an account.
The customer receives a certificate.
Merchants have their own certificates.
The customer places an order.
The merchant is verified.
The order and payment are sent.
The merchant request payment
authorization.
8. The merchant confirm the order.
9. The merchant provides the goods or
service.
10. The merchant requests payments.
Dr Alejandra Flores-Mosri
Internet Management & Security 06
Network and Transport Security
Recommended Reading
• William Stallings, ”Network Security Essentials”,
Chapters 6 and 7 and the RFCs metioned in these
chapters.
• http://www.ietf.org/rfc.html (to find any RFC)
• www.verisign.co.uk for SSL certificates
• Drew, G. Using SET for Secure Electronic
Commerce. Prentice Hall, 1999
• Garfinkel, S., and Spafford, G. Web Security &
Commerce. O’Reilly and Associates, 1997
• http://www.mastercardintl.com/newtechnology/set/
Dr Alejandra Flores-Mosri
Internet Management & Security 06