Chapter 20: IP Security
IPsec - a protocol suite that secures IP communications through authentication, encryption, and key management; supports IPv4 and IPv6.
Applications:
Secure branch office connectivity.
Secure remote access for employees/telecommuters.
Extranet/intranet partnerships.
Enhancing e-commerce security.
Key Features:
Encrypts/authenticates all IP-level traffic.
Transparent to end users and applications.
Protects routing architecture and communications.
Benefits:
Unified security through firewalls/routers.
Resistance to bypass and scalable to organizational needs.
Transport Mode: Secures the payload of IP packets (e.g., between two hosts).
Tunnel Mode: Secures the entire IP packet for scenarios like VPNs.
IP Security Policy Key Concepts:
1. Security Associations (SAs): A one-way logical connection that provides security services (e.g., authentication, confidentiality) to the traffic it carries; Logical separation between different flows of traffic, enabling selective application of security services; SAs support either transport or tunnel mode; 2 SAs are required for bidirectional communication between two entities.
Uniquely Identified By:
Security Parameters Index (SPI):
A 32-bit unique identifier assigned to each SA.
Carried in the header of AH or ESP to help the receiver identify the associated SA.
IP Destination Address:
Specifies the endpoint of the SA, such as a firewall, router, or host system.
Security Protocol Identifier:
Indicates the protocol used for the SA (e.g., AH, ESP).
2. Security Association Database (SAD): A database maintained by the system, containing parameters for active SAs. Each entry in the SAD represents a single SA.
Key Parameters in Each SAD Entry:
SPI:
A unique value assigned by the receiving end of an SA to identify the incoming packet.
Sequence Number Counter:
Tracks the sequence number used in the SA, helping detect replayed packets.
Anti-Replay Window:
Stores information about received packets to reject duplicates within a predefined window size (default is 64 packets).
Authentication Information:
Includes algorithms, keys, and lifetimes used for integrity checks (if AH is active).
Encryption Information:
Includes algorithms, keys, and initialization vectors used for confidentiality (if ESP is active).
Lifetime of the SA:
Specifies how long the SA remains valid, measured either in time or the number of bytes processed.
Path MTU (Maximum Transmission Unit):
Tracks the maximum packet size that can be transmitted without fragmentation.
IPsec Protocol Mode:
Specifies whether transport, tunnel, or a wildcard mode is used.
Purpose:
Provides the necessary parameters to process and protect IP traffic for a specific SA.
3. Security Policy Database (SPD): A filtering database that specifies the security policies for outbound and inbound IP traffic.
Key Elements in Each SPD Entry:
Selectors:
Define the subset of traffic that the SPD entry applies to, using fields like:
Remote and local IP addresses (ranges or wildcards supported).
Next-layer protocol (e.g., TCP, UDP, ICMP).
Remote and local ports (single, multiple, or wildcard values).
Policy Action:
Specifies how to handle traffic:
DISCARD: Drop the packet.
BYPASS: Allow the packet without IPsec processing.
PROTECT: Apply IPsec processing (authentication/encryption) using the corresponding SA.
Purpose:
Maps traffic to applicable SAs based on selectors.
Ensures that only authorized traffic is protected or bypassed, according to security policies.
Processing Flow
1. Outbound Packets
Match SPD Entry:
Check SPD for a matching entry based on packet attributes (e.g., IP addresses, protocol, port).
Apply Policy:
If DISCARD, drop the packet.
If BYPASS, forward the packet without IPsec processing.
If PROTECT, proceed to the SAD to find a matching SA.
Process Packet:
If no SA exists in the SAD:
Invoke Internet Key Exchange (IKE) to establish an SA.
Apply security mechanisms (e.g., encryption/authentication) and forward the packet.
2. Inbound Packets
IPsec Header Check:
Determine whether the packet contains AH or ESP headers or is unprotected.
Match SPD Entry:
If unprotected, match with the SPD entry to decide whether to BYPASS or DISCARD the packet.
Match SAD Entry:
If protected, check the SPI in the AH or ESP header to find a matching entry in the SAD.
If no match, discard the packet.
Process Packet:
Apply decryption/authentication based on the SAD parameters.
Pass the decrypted/authenticated packet to the next higher layer (TCP, UDP).
Encapsulating Security Payload (ESP)
ESP Services:
Encryption for confidentiality.
Data origin authentication.
Connectionless integrity.
Replay attack protection.
Packet Structure: Fields include Security Parameters Index (SPI), sequence number, payload data, padding, and optional integrity check value (ICV).
2 Modes:
1) Transport Mode: Encrypts payload; IP header is left unprotected.
2) Tunnel Mode: Encrypts entire packet; encapsulated with a new IP header.
Encryption: Provides confidentiality by converting plaintext data into unreadable ciphertext.
Algorithms:
AES (Advanced Encryption Standard):
Symmetric encryption.
Operates in block modes like CBC (Cipher Block Chaining).
Key lengths: 128, 192, or 256 bits.
3DES (Triple DES):
Symmetric encryption.
Applies DES encryption three times for higher security.
Slower compared to AES.
Authenticated Encryption with GCM (Galois/Counter Mode):
Combines encryption and authentication for better performance.
Commonly used in modern IPsec implementations.
AuthenticationEnsures data integrity and origin authenticity.
Algorithms:
HMAC-SHA:
Combines a cryptographic hash (SHA-1, SHA-2) with a secret key.
Generates a secure message authentication code.
CMAC (Cipher-based MAC):
A block cipher-based algorithm providing authentication.
Often used with AES.
Padding: Ensures data aligns with encryption block sizes; maintains security by hiding actual data lengths.
How It Works:
Adds bytes of padding to meet the block size required by the encryption algorithm.
Includes a padding length field to indicate how many bytes were added.
Example: For AES with a block size of 128 bits (16 bytes), a packet of 14 bytes will need 2 bytes of padding.
Anti-Replay Service: Prevents attackers from capturing and re-sending packets to disrupt or manipulate communications.
How It Works:
Sequence Numbers:
Each packet has a unique sequence number within the Security Association (SA).
If a sequence number repeats or falls outside the anti-replay window (default size is 64 packets), the packet is discarded.
Sliding Window Mechanism:
The receiver tracks recently received packets within a moving range.
Old or duplicate packets outside the window are rejected.
Transport Mode: Provides end-to-end protection between two hosts.
How It Works:
Encrypts the IP packet payload (e.g., TCP or UDP segments).
Leaves the IP header intact for routing.
Use Case: Secure communication between two endpoints without intermediary network protection.
Tunnel Mode: Provides protection for entire IP packets, often used for Virtual Private Networks (VPNs).
How It Works:
Encapsulates the entire original IP packet (header + payload) inside a new IP packet.
A new IP header is added for routing.
Use Case: Protects communication between gateways or between a host and a gateway (e.g., external users accessing internal networks securely).
Visual Guide Summary
Encryption and Authentication Algorithms:
Flow of plaintext → encryption → ciphertext → authentication.
Algorithms like AES and HMAC-SHA highlighted.
Padding:
Packet with added padding bytes and padding length field.
Alignment to encryption block size.
Anti-Replay Service:
Timeline showing packet sequence numbers within a sliding window.
Marked valid packets, rejected duplicates outside the window.
Transport vs. Tunnel Mode:
Transport: Original IP header + encrypted payload.
Tunnel: New IP header + encrypted original packet (header + payload).
Why Combining Security Associations?
- To provide multiple layers of protection like authentication and confidentiality.
- Combines Authentication Header (AH) and ESP.
Methods:
Transport Adjacency: Uses multiple protocols sequentially without tunneling.
Iterated Tunneling: Layers multiple tunnel SAs for added security between endpoints.
Scenarios:
Host-to-host (end-to-end encryption/authentication).
Gateway-to-gateway (e.g., VPN).
Mixed modes (host to gateway or gateway to gateway).
Internet Key Exchange (IKE) - Automates key management and SA setup for secure communications.
Key Features:
- Diffie–Hellman: Used for secure session key generation.
- Cookies: Thwart denial-of-service attacks by validating participants.
- Nonces: Protect against replay attacks.
IKEv2 Process:
- Initial exchanges:
1. Negotiate cryptographic algorithms and keys.
2. Establish an initial secure channel (IKE SA).
- Follow-up exchanges:
→ Establish additional SAs for traffic.
→ Handle informational updates (e.g., error notifications).
Cryptographic Suites
Supported Algorithms:
Encryption: AES (VPN-B), 3DES (VPN-A).
Authentication: HMAC-SHA, CMAC.
Key Exchange: Diffie–Hellman groups with modular exponentiation or elliptic curves.
Suite Examples:
VPN-A: Legacy corporate VPNs.
VPN-B: Stronger encryption for modern applications.
Key Takeaways and Problem Solving
IPsec enhances security across various applications by integrating seamlessly with existing networks.
Efficient policy management through SAD and SPD ensures granular control over traffic processing.
Modes (transport/tunnel) offer flexibility for end-to-end or gateway-centric implementations.
Integration of cryptographic protocols like ESP and IKE ensures data integrity and confidentiality.