Multilayer Security Architecture for Internet Protocols
Upcoming SlideShare
Loading in...5
×
 

Multilayer Security Architecture for Internet Protocols

on

  • 485 views

A New Security Architecture build on IPsec for IP based networks.

A New Security Architecture build on IPsec for IP based networks.

Statistics

Views

Total Views
485
Views on SlideShare
458
Embed Views
27

Actions

Likes
1
Downloads
18
Comments
0

4 Embeds 27

http://securitymaloomat.blogspot.co.uk 17
http://mnmbhutta.blogspot.co.uk 6
http://securitymaloomat.blogspot.com 2
http://mnmbhutta.blogspot.com 2

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Multilayer Security Architecture for Internet Protocols Multilayer Security Architecture for Internet Protocols Presentation Transcript

  • Multilayer Security Architecture for Internet Protocol (ML-IPSec) 1 October, 2010 Muhammad Nasir Mumtaz Bhutta Centre for Communication Systems Research University of Surrey Guildford, Surrey GU2 7XH Email: m.bhutta@surrey.ac.uk, Tel: 01483 68 3036 www.surrey.ac.uk
  • Objectives • Demonstrate “Security Architecture for Internet Protocol” (IPSec) protection model. • Highlight the limitations of IPSec. • Demonstrate the working or ML-IPSec. • Demonstrate the detailed experiment plans.2 www.ee.surrey.ac.uk/CCSR
  • Introduction • Security Architecture for Internet Protocol (IPSec) provides security services at IP layer in protocol stack. • All upper layers than IP layer can get security services without reengineering the applications. • IPSec operates in two modes, tunnel and transport, to secure path(s) between communicating nodes.3 www.ee.surrey.ac.uk/CCSR
  • Path(s) Security • Between Pairs of Gateways – Gateways need to implement IPSec. – Works in Tunnel Mode (complete IP packet is protected & new IP header is appended). – Different source and destination addresses in dual IP headers. Un Protected Subnet Protected Subnet Protected Subnet IPSec Tunnel Tunnel Endpoint Tunnel Endpoint Gateway Gateway4 www.ee.surrey.ac.uk/CCSR
  • Path(s) Security • Between Pair of Hosts – End nodes need to implement IPSec. – Works in Transport Mode (Upper layers headers and IP data are protected). – IP addresses are unchanged. Un Protected Subnet IPSec Tunnel OR Transport mode Protected Endpoint Protected Endpoint5 www.ee.surrey.ac.uk/CCSR
  • Path(s) Security • Between Host and Gateway – Both end hosts and gateways implement IPSec. – Usually works in tunnel mode to take benefits of hiding external characteristics of communication. Protected Subnet Un Protected Subnet AND/OR IPSec Tunnel Internet Protected Endpoint Protected Endpoint6 www.ee.surrey.ac.uk/CCSR
  • Security Goals • Access Control – Prevent unauthorized access to resources. • Connectionless Integrity – Check any modifications in IP datagram without caring about the arrival order of IP datagrams. • Origin Authentication – Identify claimed source of data.7 www.ee.surrey.ac.uk/CCSR
  • Security Goals (continued..) • Partial Sequence Integrity – Check for duplicate packets (Replay attacks). • Data Confidentiality – Protect against disclosure of data to unauthorized entities. • Limited Traffic Flow Confidentiality – Protect external characteristics of communications (e.g. source and destination addresses etc.).8 www.ee.surrey.ac.uk/CCSR
  • Major IPSec Components • Security Policies – Provides rules for user access and control level. • Security Protocols – Authentication Header (AH) • Provides origin authentication, connectionless integrity and optional partial sequence integrity. – Encapsulating Security Payload (ESP) • Provides all services provided by AH, data confidentiality and limited traffic flow confidentiality as well.9 www.ee.surrey.ac.uk/CCSR
  • Major IPSec Components (continued..) • Cryptographic Algorithms – Helps to achieve integrity and confidentiality. • Key Management – All security operations are provided by cryptographic means, so keys are required. – Internet Key Exchange (IKE v2) is used to provide key management.10 www.ee.surrey.ac.uk/CCSR
  • Assumptions • To achieve high quality of security services, certain assumptions need to be met: – Good implementation of IPSec. – Security is dependent on many things in over all system (e.g. personnel & physical procedures, security policies etc.), so IPSec just play its role as a part. – Good Implementation of Operating System (OS) security services.11 www.ee.surrey.ac.uk/CCSR
  • IPSec Components to Help in Achieving Security Goals • Security Association (SA) – SA is a one way traffic secure connection between communicating parties. – For Bidirectional communication, two SAs are established. – SA, providing actually all security services, is setup by IKE. – Functionality is dependent upon security protocols, mode of IPSec working, endpoints of SA and chosen security services.12 www.ee.surrey.ac.uk/CCSR
  • IPSec Components to Help in Achieving Security Goals (continued..) • Security Policy Database (SPD) – Stores security policies. – Provides information about security policy rules to be applied. – At least one SPD implementation must be supported in IPSec. – Three logical components • SPD-Secure (S) contains rules for all IPSec protected traffic. • SPD-Outbound (O) contains rules for all outbound traffic • SPD-Inbound (I) contains rules for all inbound traffic or bypassed.13 www.ee.surrey.ac.uk/CCSR
  • IPSec Components to Help in Achieving Security Goals (continued..) • Security Association Database (SAD) – Stores SAs. – Provides information about security associations. – For outbound processing SAD is pointed by SPD-S part. – For inbound processing SAD is pointed by SPD-I part. • Peer Authorization Database (PAD) – Stores information about links between SPD and SAD. – Helps IPSec components in security services practice.14 www.ee.surrey.ac.uk/CCSR
  • IPSec Working & Role of IKE • IKE helps in setup of security associations (SAs). – The functionality of all cryptographic protocols is dependent on these SAs. – Control information exchange also requires SA setup. • IKE provides this setup by message exchanges. – IKE_SA_INIT, IKE_AUTH – IKE_CHILD_SA – Informational Exchanges15 www.ee.surrey.ac.uk/CCSR
  • IPSec Working & Role of ESP • ESP provides origin authentication, connectionless and sequence integrity, data and limited traffic flow confidentiality. • Security services are offered in three modes by ESP. – Confidentiality Only (may be supported) – Integrity Only (must be supported) – Confidentiality and Integrity (must be supported)16 www.ee.surrey.ac.uk/CCSR
  • IPSec Working & Role of ESP (continued..) • Data Confidentiality – Data confidentiality is provided via encryption. – Encryption scheme selection is dependent upon SA out of various encryption algorithms. • Origin Authentication and Connectionless Integrity – Integrity of IP datagram is validated via Message Authentication Code (MAC). – Origin authentication is provided indirectly by binding of the key with the holding entity (origin).17 www.ee.surrey.ac.uk/CCSR
  • IPSec Working & Role of ESP (continued..) • Anti-Replay Service (Partial Sequence Integrity) – This is service to detect arrival of duplicate packets. – Provides sequential integrity and may be supported in ESP. • Limited Traffic Flow Confidentiality – This service hides source and destination addresses and usually employed in Tunnel Mode.18 www.ee.surrey.ac.uk/CCSR
  • Limitations of IPSec • IPSec follows very strict layering and protection model works end-to-end. • With advancement in wireless technology according to characteristics of networks, certain cross-layer optimizations are performed. • Some examples of wireless technology highlights the functionality of new network applications.19 www.ee.surrey.ac.uk/CCSR
  • Limitations of IPSec (continued..) • Conflicts between IPSec and TCP PEPs – TCP PEPs work on two pieces of information, TCP flow identification and sequence numbers. – IPSec encapsulate whole TCP packet. • Traffic Analysis – For functioning of upper layers, some information from headers is required at intermediate nodes. – IPSec hides all upper layer headers.20 www.ee.surrey.ac.uk/CCSR
  • Limitations of IPSec (continued..) • Traffic Engineering – Flow classification is essential in providing rich classes of service and QoS (RED, RSVP). – The flow information present in upper layers such ac TCP is hidden by IPSec. • Application Layer Agents/Proxies – Some modern routers can serve the HTTP requests from their local cache in order to improve performance. – They need information from upper layers like HTTP but, that is hidden by IPSec.21 www.ee.surrey.ac.uk/CCSR
  • Summary of IPSec Limitations and Conclusion • All above defined mechanisms, try to access upper layers information for their working. • IPSec works on end-to-end basis and encrypts all the upper layer information. • So IPSec has basic functioning conflict with many intermediate devices. • Need to resolve these issues for optimal performance.22 www.ee.surrey.ac.uk/CCSR
  • Problem Statement for ML-IPSec • Develop a security scheme with below defined features: – Supports the services and applications which have conflict with IPsec working. – Should grant trusted intermediate nodes a secure, controlled and limited access to a selected portion of IP datagram. – Should preserve the end-to-end security protection for user data.23 www.ee.surrey.ac.uk/CCSR
  • Approaches - Transport Layer Security • Using a transport-layer security mechanism as an alternative to IPsec to provide security services. • The transport-layer mechanism, such as secure sockets layer (SSL) or transport layer security (TLS) operates above TCP and works well with TCP PEP: – it encrypts the TCP data while leaving the TCP header in unencrypted and unauthenticated form • Limitations: – Vulnerable to traffic analysis attack – SSL/TLS only works on TCP but not on UDP so the range of applications is limited24 www.ee.surrey.ac.uk/CCSR
  • Approaches – Tunnelling one security protocol • This approach tries to use transport layer security protocols, SSL/TLS, inside IPsec. • SSL/TLS will protect the TCP data and IPSec will protect TCP header information • Limitations: – wastage of resources because TCP data will be encrypted twice by SSL/TLS and IPsec, – IPsec still encrypts the whole TCP information including header and data part25 www.ee.surrey.ac.uk/CCSR
  • Approaches - Using a Transport Friendly ESP Format • The transport-friendly ESP (TF-ESP) protocol format was proposed: – The TCP state information (such as flow identifications and sequence numbers) are in a disclosure header outside the encryption scope, bbut authenticated. • Limitations: – Vulnerable to traffic analysis attack – it does not work well with TCP spoofing when a write access is needed26 www.ee.surrey.ac.uk/CCSR
  • Approaches – Splitting IPsec into Two Segments • IPsec protection can be applied twice, once between sender and security gateway and second time between security gateway and destination. • Limitations: – It exposes the information to intermediate nodes while confidentiality is only meant for end-to-end27 www.ee.surrey.ac.uk/CCSR
  • Approaches – Multi - Layer IP Security Protocol • ML-IPsec breaks the IP datagram into different parts and apply different security mechanisms on different parts: – one security mechanism for transport header – different security mechanism for application data • This approach allows the intermediate nodes to co-exist with end-to-end IPsec • Limitations: – More complex than IPsec28 www.ee.surrey.ac.uk/CCSR
  • Standardization & Issues • Many meetings were attended at IETF to present the idea of IPSec and internet draft was written. • IETF Concerns: – Application domains is limited (Satellite Networks only). – Implementation complexity is increased. (shown feasible via implementation in IPSec). – Two more implementations required to prove the points. • Key Management Complexity is major issue.29 www.ee.surrey.ac.uk/CCSR
  • Applications30 www.ee.surrey.ac.uk/CCSR
  • Principle of ML-IPSec Security Protection • Multilayer protection model: • Divides IP datagram into zones • Different protection schemes for different zones (e.g. SA, public/private keys, access control rules etc.)31 www.ee.surrey.ac.uk/CCSR
  • General Model of IPSec Processing• . Multicast Key Exchange32 www.ee.surrey.ac.uk/CCSR
  • Composite Security Association (CSA)• Security Association • one-way relationship between sender and receiver. • defines set of parameters (e.g. sequence number, anti- replay window, lifetime of SA, Path MTU etc). • Controls outbound, inbound processing.33 www.ee.surrey.ac.uk/CCSR
  • CSA Continued.. • CSA has two elements: – Zone Map: defines coverage of each zone in IP datagram. – Zone List: is a list of all SAs for all zones. (all stored in “Security Association Database (SAD)”).34 www.ee.surrey.ac.uk/CCSR
  • Zones and Zone Map • A zone is any portion of IP datagram under same security protection. • Entire IP datagram can be broken into zones. • Zones can not overlap. • A zone can be split into multiple sub zones (continuous part of IP datagram). • A zone map is a mapping relationship between IP octets and zones. • Remains Constant for a security relationship. • zones that covers last part of IP datagram (data) should35 be variable according to size. www.ee.surrey.ac.uk/CCSR
  • Composite Security Association (CSA) • Zone Map • Zone List – In zone list area we show the SAs, their36 parameters and access control. www.ee.surrey.ac.uk/CCSR
  • Zone List continued • SA (designated) – Sequence Number Counter (64 bit) – Sequence Counter Overflow – Anti-Replay Window (64 bit) – Protocol mode (Transport or Tunnel) – Path MTU – Lifetime – Encryption algorithm (DES-CBC) – Encryption Key – Authentication algorithm (HMAC-MD5-32) – Authentication Key37 www.ee.surrey.ac.uk/CCSR
  • Outbound Processing (zone by zone) Outbound: IP datagram Zone map Plain Text (masked and concatenated) Encryption (using ESP) AH SA Cipher Text (ESP) Authentication ICV AH or ESP authentication data ESP paylod data38 www.ee.surrey.ac.uk/CCSR
  • Inbound Processing (zone by zone) Outbound: IP datagram Zone map Plain Text (masked and concatenated) Decryption (using ESP) AH SA Cipher Text (ESP) Authentication ICV AH or ESP authentication data ESP paylod data39 www.ee.surrey.ac.uk/CCSR
  • ESP Header • Security Parameter Index: Identifies Security Association (SA). • Sequence Number: Counts the packet sent. • Encrypted Payload Data for Zone: contains the encrypted payload data (IP payload data, padding, pad length, Next Header). • Authentication Data for Zone: Contains the Integrity Check Values (ICV) for each zone.40 www.ee.surrey.ac.uk/CCSR
  • Implementation and Evaluation • Two different evaluations of ML-IPSec shall be performed. – Simulations based, to see the scalability and reliability behaviour. • Impact of network bandwidth on Performance ( SA establishment latency, TCP throughput and delay). • Impact of different data packet size on performance and security protocol behaviour. – Reference Implementation of ML-IPSec to see the overhead on real network.41 www.ee.surrey.ac.uk/CCSR
  • Testbed Experiment Requirements • Use Cases – IP Only: running standard IP with no security. – IPSec: running IPSec using ESP with authentication mode enabled. – ML-IPSec (1 Zone) = IPSec – ML-IPSec (2 Zone) – ML-IPSec (3 Zones) • The ML-IPSec experiment will be evaluated for processing delays, CPU overload and bandwidth overhead42 www.ee.surrey.ac.uk/CCSR
  • Testbed Experiment Requirements Processing Delay – Network speed will be fixed. • The processing delay will be – Throughput and protocol measured by taking following overhead relationship will be studied parameters into consideration: – One Host pinging other Comparing CPU Overload – Packet size will be fixed. • For evaluation of CPU – Processing Time will be overhead environment will be evaluated. configured as given below: Bandwidth Overhead – One host generate and send packets as fast as it can and – One host generate and send other counting after receiving. packets as fast as it can and other counting after receiving. – CPU speed will be fixed. – Network speed will be fixed. . – CPU speed will be fixed. – Throughput and CPU load relationship will be studied.43 www.ee.surrey.ac.uk/CCSR
  • ML-IPSec Testbed • Current Status – Fedora 13 Installed – Computers are configured as shown in diagram. • Future Plans – Need to configure network’s speed. – Need to configure NIST Net according to requirements.44 www.ee.surrey.ac.uk/CCSR
  • Simulations & Standalone Implementation Plans • NIST has performed IPSec simulations as part of project “NIIST(NIST IPSec and IKE Simulation Tool”. •SPD: Security Policy Database •SAD: Security Association Database •PF_Key: Generic Socket Key Management API45 www.ee.surrey.ac.uk/CCSR
  • Simulations & Standalone Implementation Plans46 www.ee.surrey.ac.uk/CCSR
  • Conclusion • Intermediate gateways can have access to partial IP datagram (e.g. TCP header) by partial keys. • Can solve the conflict between IPSec and TCP PEPs being used in satellite networks. • The current new and future networks can improve quality of service using fair queuing, differential services etc. • IPSec problems are solved.47 www.ee.surrey.ac.uk/CCSR