Notes12:1IPSECandVPNs - echadbourne/NET-330 GitHub Wiki
TCP/IP Security
How can we protect data and/or packets?
-
TLS/SSL
- Transport Layer Security (TLS)/Secure Sockets Layer
- Layer 5+ protection
- Widely used to protect the data portion of TCP/IP communications
- Protects against eavesdropping (confidentiality) and data payload tampering (integrity)
- Offers certificate-based protection against spoofing (authentication)
-
IPSEC
- Internet Protocol Security
- Layer 3 (network layer) protection
- Widely used to secure communications on Virtual Private Networks (VPN)
- Can protect against eavesdropping, tampering, and spoofing
IPSEC Security
- Network Layer (Layer 3) Protocol Suite
- First IETF version in 1995
- Completely transparent applications/higher layers
- Can be implemented host to host, host to firewall/concentrator, or firewall/concentrator to firewall/concentrator (aka site-to-site)
- Really a framework of protocols and algorithms
- Implementation depends on what both sides agree upon
- A lot of configuration options per connection
IPSEC Concepts
Two main wire-level protocols:
- AH (Authentication Header): Authentication, Integrity, and Non-repudiation
- ESP (Encapsulating Security Payload): Confidentiality plus authentication, integrity, and non-repudiation
- Typically one or the other (possible to use together)
Two modes: both supported by AH and ESP
- Transport: Only the payload of IP is encrypted and/or authenticated. IP header not modified
- Tunnel: The entire IP packet is encrypted and/or authenticated. Encapsulated into a new IP packet with new header
Security Association (SA)
- All of the parameters needed for an IPsec session (modes, algorithms, keys, etc...)
- Both sides must agree on the SA for secure communication to work
AH and ESP
Authentication Header
- Header added to IP packet
- Includes:
- Security Parameters Index (SPI): 32 bit identifier to tell recipient which IPSEC "Conversation" this packet belongs
- Integrity Check Value (ICV): The output (aka Message Digest) from a hash function (MD5, SHA2...) Performed on the IP packet
Encapsulating Security Payload (ESP)
- Uses agreed upon encryption alrogithm and keys to encrypt payload
- Transport Mode encrypts layer 4-7 of original packet
- Tunnel mode encrypts layer 3-7 of original packet
- Authentication is optional
- Uses ICV just like AH
The IPSEC matrix
Headers in different modes
Security Associations
- The set of algorithms and keys used to encrypt and/or authenticate one direction of a flow
- Therefore, normal bi-direction traffic requires a pair of SA's in the Security Association Database (SADB)
- Security Parameter Index (SPI) is an SA's 32-bit index in the SADB
- The SPI plus the destination IP uniquely identified the SA for a packet
And ISAKMP
Internet Key Exchange (IKE) - the set of protocols used to up a Security Association
Internet Security Association and Key Management Protocol - the negotiation protcol that lets two hosts agree on how to build an IPsec Security Association (SA)
IKE uses ISAKMP to set up the SA for IPSEC to use
IKE creates the cryptographic keys used to authenticate peers
ISAKMP separates negotiation into two phases
- Phase 1: Main Mode
- Creates a secure channel for IKE to exchange SA key material
- Phase 2: Quick Mode
- Uses the first channel to exchange key material
- Creates the tunnel and protects the actual data
Today...
- AH rarely used
- Popular with site-to-site vpns
TLS and IPSEC
TLS
- As it works with layer 5+ much easier from a networking perspective
- As it works with layer 5+ applications must be coded to support it
- Great for securing services with many dynamic clients
- Works better with Network Address Translation (NAT)
IPSEC
- Secures all IP flows between the two endpoints
- As it works at layer 3 no application coding required
- As it works at layer 3 network must be configured to support it
- Great for securing VPNs