Module 3: Computer Networks

Lecture 11

Ethernet Centric Embedded Software

Development Course

1
 OUTLINE

• Internetworking and Internet Protocols

• IP Security Overview
• IP Security Architecture
• Authentication Header
• Encapsulating Security Payload
• Combinations of Security Associations
• Key Management

2
 IP SECURITY
 The IP security (IPSec) is an Internet Engineering Task
Force (IETF) standard suite of protocols between 2
communication points across the IP network

 It provides data authentication, integrity, and

confidentiality

 It defines the encrypted, decrypted and authenticated

packets

 The protocols needed for secure key exchange and key

management are defined in it

3
 USES OF IP SECURITY
•To encrypt application layer data.

•To provide security for routers sending routing data

across the public internet.

•To provide authentication without encryption, like to

authenticate that the data originates from a known
sender.

•To protect network data by setting up circuits using IPsec

tunneling in which all data is being sent between the two
endpoints is encrypted, as with a Virtual Private Network
(VPN) connection.

4
TCP/IP EXAMPLE

5
IPv4 HEADER

6
IPv6 HEADER

7
 IP SECURITY OVERVIEW
• IPSec is not a single protocol.
• Instead, IPSec provides a set of security algorithms
plus a general framework that allows a pair of
communicating entities to use whichever algorithms to
provide security appropriate for the communication.

• Applications of IPSec
– Secure branch office connectivity over the Internet
– Secure remote access over the Internet
– Establishing intranet connectivity with partners
– Enhancing electronic commerce security

8
IP SECURITY SCENARIO

9
 IP SECURITY OVERVIEW

• Benefits of IPSec
• Transparent to applications below transport layer (TCP, UDP)
• Provide security for individual users

• IPSec can assure that:

• A router or neighbor advertisement comes from an authorized
router
• A redirect message comes from the router to which the initial
packet was sent
• A routing update is not forged

10
 IP SECURITY DOCUMENTS
• IPSec documents: NEW updates in 2005!
• RFC 2401: Security Architecture for the Internet Protocol. S. Kent, R.
Atkinson. November 1998. (An overview of security architecture)  RFC 4301
(12/2005)
• RFC 2402: IP Authentication Header. S. Kent, R. Atkinson. November 1998.
(Description of a packet encryption extension to IPv4 and IPv6)  RFC 4302
(12/2005)
• RFC 2406: IP Encapsulating Security Payload (ESP). S. Kent, R. Atkinson.
November 1998. (Description of a packet emcryption extension to IPv4 and
IPv6)  RFC 4303 (12/2005)
• RFC2407 The Internet IP Security Domain of Interpretation for ISAKMP D.
Piper. November 1998. PROPOSED STANDARD. (Obsoleted by RFC4306)
• RFC 2408: Internet Security Association and Key Management Protocol
(ISAKMP). D. Maughan, M. Schertler, M. Schneider, J. Turner. November
1998. (Specification of key managament capabilities) (Obsoleted by RFC4306)
• RFC2409 The Internet Key Exchange (IKE) D. Harkins, D. Carrel. November
1998. PROPOSED STANDARD. (Obsoleted by RFC4306, Updated by
RFC4109) 

11
IP SECURITY DOCUMENT OVERVIEW

DOI (Domain of
Interpretation): DOI
is the identifier that
supports both AH
and ESP protocols.
It contains values
needed for
documentation
related to each
other. 

12
 IP SECURITY SERVICES

• Access Control
• Connectionless integrity
• Data origin authentication
• Rejection of replayed packets
• Confidentiality (encryption)
• Limited traffic flow confidentiallity

13
 SECURITY ASSOCIATIONS (SA)

• A set of policy and key(s) used to protect information in an

association
• Examples: ESP, AH, IKE

“IKE performs mutual authentication between two parties

and establishes an IKE Security Association (SA) that
includes shared secret information that can be used to
efficiently establish SAs for Encapsulating Security
Payload (ESP) or Authentication Header (AH) and a set
of cryptographic algorithms to be used by the SAs to
protect the traffic that they carry.” – (RFC 7296)

• Multiple SAs are often combined to achieve goals.

14
 IP SECURITY ARCHITECTURE
• Internet Key Exchange (IKE)
A method for establishing a security association (SA) that
authenticates users, negotiates the encryption method
and exchanges the secret key. IKE is used in the IPsec
protocol. Derived from the ISAKMP framework for key
exchange and the Oakley and SKEME key exchange
techniques, IKE uses public key cryptography to provide the
secure transmission of the secret key to the recipient so that
the encrypted data may be decrypted at the other end.

• RFC4306 Internet Key Exchange (IKEv2) Protocol C.

Kaufman, Ed. December 2005 (Obsoletes RFC2407, RFC2408,
RFC2409) PROPOSED STANDARD
• RFC4109 Algorithms for Internet Key Exchange version 1
(IKEv1) P. Hoffman. May 2005 (Updates RFC2409) PROPOSED
STANDARD

15
 SECURITY ASSOCIATION (SA)

Transport Mode SA Tunnel Mode SA

AH Authenticates IP Authenticates entire
payload and selected inner IP packet plus
portions of IP header selected portions of
and IPv6 extension outer IP header
headers
ESP Encrypts IP payload Encrypts inner IP
and any IPv6 extesion packet
header
ESP with Encrypts IP payload Encrypts inner IP
authentication and any IPv6 extesion packet.
header. Authenticates Authenticates inner IP
IP payload but no IP packet.
header

16
BEFORE APPLYING AH

17
TRANSPORT MODE: AH AUTHENTICATION

18
TUNNEL MODE: AH AUTHENTICATION

19
 SECURITY ASSOCIATION (SA)

 A one way relationship between a sender and a

receiver.
 Identified by three parameters:
 Security Parameter Index (SPI)
 IP Destination address
 Security Protocol Identifier

20
 AUTHENTICATION HEADER

• Provides support for data integrity and authentication

(MAC code) of IP packets.
• Guards against replay attacks.

21
END TO END VS END TO INTERMEDIATE AUTHENTICATION

22
 ENCAPSULATION SECURITY PAYLOAD
• ESP provides confidentiality services

23
ENCRYPTION AND AUTHENTICATION ALGORITHMS

• Encryption:
• Three-key triple DES
• RC5
• IDEA
• Three-key triple IDEA
• CAST
• Blowfish

• Authentication:
• HMAC-MD5-96
• HMAC-SHA-1-96

24
ESP ENCRYPTION AND AUTHENTICATION

25
ESP ENCRYPTION AND AUTHENTICATION

26
COMBINATIONS OF SECURITY ASSOCIATIONS

27
COMBINATIONS OF SECURITY ASSOCIATIONS

28
COMBINATIONS OF SECURITY ASSOCIATIONS

29
COMBINATIONS OF SECURITY ASSOCIATIONS

30
 KEY MANAGEMENT

• Two types:
• Manual
Problem: poor scalability
• Automated
• Internet Key Exchange, IKE

31
 EVOLUTION OF IKE

• IKEv1 was defined in RFCs 2407 [DOI], 2408 [ISAKMP],

and 2409 [IKEV1].
Internet Security Association and Key Management
Protocol (ISAKMP)
+ Key Determination Protocols (Oakley, SKEME)
• IKEv2 (RFC 4306) replaced all of those RFCs in IKEv1, and
was clarified in [Clarif] (RFC 4718).
• RFC 5996 replaced and updated RFCs 4306 and 4718.
Note: IKEv2 as stated in RFC 4306 was a change to the
IKE protocol that was not backward compatible. RFC
5996 revised RFC 4306 to provide a clarification of
IKEv2, making minimal changes to the IKEv2 protocol.
• RFC 7296 replaces RFC 5996.
32
 OAKLEY

 The Oakley Key Determination Protocol is a key-agreement

protocol that allows authenticated parties to exchange keying
material across an insecure connection using the Diffie–Hellman
key exchange algorithm

 Secret keys are created only when needed

 There is no need to store secret keys for a long period of time,

exposing them to increased vulnerability

 The exchange requires no pre-existing infrastructure other than

an agreement on the global parameters

33
 OAKLEY
Diffie-Hellman Algorithm has some weaknesses:

 No identity information about the parties is provided

 It is possible for a man-in-the-middle attack

 It is computationally intensive. As a result, it is vulnerable to a

clogging attack, in which an opponent requests a high number of
keys.

 Three authentication methods:

 Digital signatures
 Public-key encryption
 Symmetric-key encryption (Preshare key)

34
 DIFFERENCE BETWEEN IPSEC & SSL
IPSec SSL

Internet protocol security (IPsec) is a set of

SSL is a secure protocol developed for
protocols that provide security for Internet
sending information securely over the Internet.
Protocol.

It Work in Between the transport layer and

It Work in Internet Layer of the OSI model.
application layer of the OSI model.

Configuration of IPsec is Complex Configuration of SSL is Comparatively Simple

IPsec is used to secure a Virtual Private

SSL is used to secure web transactions.
Network.

Installation process is Vendor Non-Specific Installation process is Vendor Specific

Changes are required to OS for No changes are required to OS for

implementation. NO Changes are required to implementation but Changes are required to
the application application

IPsec resides in the system space for

SSL resides in user space
operating

IPsec has a pre-shared key. SSL does not have a pre-shared Key.
35
 Thank You

Ethernet Centric Embedded Software

Development Course

36