INTERNET SECURITY
Security Layers
• Network Layer (h/w + s/w)
• Transport Layer
• Application Layer (s/w)
Network Layer
• IP Security (IPSec) is a collection of protocols designed by the Internet Engineering Task Force (IETF) to provide security for a packet at the network layer.
• IPSec helps create authenticated and confidential packets for the IP layer.
TCP/IP Protocol Suite
4
Topics Discussed in the Section
• Two Modes
• Two Security Protocols
• Services Provided by IPSec
• Security Association
• Internet Key Exchange (IKE)
• Virtual Private Network (VPN)
Figure 30.1 IPSec in transport mode
Note: IPSec in transport mode does not protect the IP header; it only protects the information coming from the transport layer.
Figure 30.2 Transport mode in Action
Figure 30.3 IPSec in tunnel mode
Figure 30.4 Tunnel-mode in action
Note: IPSec in tunnel mode protects the original IP header.
Figure 30.5 Transport mode versus tunnel mode
Two Security Protocols
• IPSec defines two protocols, the Authentication Header (AH) Protocol and the Encapsulating Security Payload (ESP) Protocol, to provide authentication and/or encryption for packets at the IP level.
Authentication Header (AH)
• The Authentication Header (AH) Protocol is designed to authenticate the source host and to ensure the integrity of the payload carried in the IP packet.
• The protocol uses a hash function and a symmetric (secret) key to create a message digest; the digest is inserted in the authentication header.
• The AH is then placed in the appropriate location, based on the mode (transport or tunnel).
Note: The AH protocol provides source authentication and data integrity, but not privacy.
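An added example (not from the slides) of the AH mechanism just described, in transport mode: a keyed digest over the immutable parts of the IP header, the AH fields and the payload, which lets the receiver detect a changed source address or payload while a router's TTL decrement still passes, and which leaves the payload readable. The packet layout, the shared key and the choice of HMAC-SHA256 are assumptions for illustration.

```python
# Added example (not from the slides): a simplified AH (transport mode) check.
# Packet layout, key and HMAC-SHA256 are assumptions made for illustration.
import hashlib
import hmac
import struct

ICV_LEN = 12            # AH conventionally carries a 96-bit (12-byte) truncated ICV
AH_LEN = 12 + ICV_LEN   # fixed AH fields (12 bytes) + ICV
PROTO_AH, PROTO_TCP = 51, 6


def build_ipv4_header(src: str, dst: str, ttl: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header. Header checksum is left zero: this is a
    constructed sample packet, not one that has to be routable."""
    def ip2bytes(addr: str) -> bytes:
        return bytes(int(x) for x in addr.split("."))
    return struct.pack("!BBHHHBBH4s4s",
                       0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                       ttl, PROTO_AH, 0, ip2bytes(src), ip2bytes(dst))


def zero_mutable_fields(ip_hdr: bytes) -> bytes:
    """AH authenticates the IP header with the fields that routers legitimately
    change in flight (TOS, flags/fragment offset, TTL, checksum) set to zero."""
    h = bytearray(ip_hdr)
    h[1] = 0                 # TOS / DSCP
    h[6:8] = b"\x00\x00"     # flags + fragment offset
    h[8] = 0                 # TTL
    h[10:12] = b"\x00\x00"   # header checksum
    return bytes(h)


def compute_icv(key: bytes, ip_hdr: bytes, ah_fixed: bytes, payload: bytes) -> bytes:
    """Digest over immutable IP header + AH (ICV zeroed) + payload, keyed with
    the SA's shared secret; truncated like AH's 96-bit ICV."""
    data = zero_mutable_fields(ip_hdr) + ah_fixed + bytes(ICV_LEN) + payload
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]


def ah_protect(key: bytes, src: str, dst: str, ttl: int,
               spi: int, seq: int, payload: bytes) -> bytes:
    """Sender: build the IP header and AH header, then insert the ICV."""
    ip_hdr = build_ipv4_header(src, dst, ttl, AH_LEN + len(payload))
    # next header, payload length (AH words - 2), reserved, SPI, sequence number
    ah_fixed = struct.pack("!BBHII", PROTO_TCP, AH_LEN // 4 - 2, 0, spi, seq)
    icv = compute_icv(key, ip_hdr, ah_fixed, payload)
    return ip_hdr + ah_fixed + icv + payload


def ah_verify(key: bytes, packet: bytes) -> bool:
    """Receiver: recompute the ICV from the received packet and compare."""
    ip_hdr, ah_fixed = packet[:20], packet[20:32]
    icv, payload = packet[32:32 + ICV_LEN], packet[32 + ICV_LEN:]
    return hmac.compare_digest(icv, compute_icv(key, ip_hdr, ah_fixed, payload))


def demo() -> dict:
    """Constructed packet: what AH does and does not protect."""
    key = b"constructed-sa-shared-secret"
    payload = b"GET / HTTP/1.1"
    pkt = ah_protect(key, "10.0.0.1", "10.0.0.2", 64, 0x1000, 1, payload)
    hop = bytearray(pkt)
    hop[8] -= 1                 # a router decrements TTL in flight
    tampered = bytearray(pkt)
    tampered[-1] ^= 1           # last payload byte flipped
    spoofed = bytearray(pkt)
    spoofed[12] = 192           # first byte of the source address changed
    return {
        "original": ah_verify(key, pkt),
        "ttl_decremented": ah_verify(key, bytes(hop)),      # still valid
        "payload_tampered": ah_verify(key, bytes(tampered)),
        "src_changed": ah_verify(key, bytes(spoofed)),
        # no privacy: the payload travels in the clear inside the AH packet
        "payload_visible": payload in pkt,
    }
```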
Encapsulating Security Payload (ESP)
• Encapsulating Security Payload (ESP) provides source authentication, integrity, and confidentiality.
• ESP adds a header and a trailer.
Security Association
• IPSec requires a logical relationship, called a Security Association (SA), between two hosts.
• There are two Security Associations (SAs) between Alice and Bob: one outbound SA and one inbound SA. Each of them stores the value of the key in one variable and the name of the encryption/decryption algorithm in another.
• A Security Association is a contract between two parties; it creates a secure channel between them.
Figure 30.8 Simple SA
Internet Key Exchange (IKE)
• The Internet Key Exchange (IKE) is a protocol designed to create both inbound and outbound Security Associations.
Virtual Private Network (VPN)
[Figure: VPN tunnel between routers R1 and R2; packet headers labelled "From R1 to R2" (outer) and "From 100 to 200" (inner)]
• Domain of Interpretation: contains the key details
TRANSPORT LAYER SECURITY
Two protocols are dominant today for providing security at the transport layer: the Secure Sockets Layer (SSL) protocol and the Transport Layer Security (TLS) protocol. The latter is actually an IETF version of the former. We discuss SSL in this section; TLS is very similar. Figure 30.15 shows the position of SSL and TLS in the Internet model.
Figure 30.15 Location of SSL and TLS in the Internet model
Figure 30.19 Four SSL protocols
• The Record Protocol is the carrier. It carries messages from three other protocols as well as the data coming from the application layer. Messages from the Record Protocol are payloads to the transport layer, normally TCP.
• The Handshake Protocol provides security parameters for the Record Protocol. It establishes a cipher set and provides keys and security parameters. It also authenticates the server to the client and the client to the server if needed.
• The ChangeCipherSpec Protocol is used for signaling the readiness of cryptographic secrets.
• The Alert Protocol is used to report abnormal conditions.
Web Security
• Web now widely used by business, government, individuals
• but Internet & Web are vulnerable
• have a variety of threats
  • integrity
  • confidentiality
  • denial of service
  • authentication
• need added security mechanisms
SSL (Secure Socket Layer)
• transport layer security service
• originally developed by Netscape
• version 3 designed with public input
• subsequently became Internet standard known as TLS (Transport Layer Security)
• uses TCP to provide a reliable end-to-end service
• SSL has two layers of protocols
SSL Architecture
• SSL connection
  • a transient, peer-to-peer communications link
  • associated with one SSL session
• SSL session
  • an association between client & server
  • created by the Handshake Protocol
  • defines a set of cryptographic parameters
  • may be shared by multiple SSL connections
SSL Record Protocol Services
• message integrity
  • using a MAC with a shared secret key
  • similar to HMAC but with different padding
• confidentiality
  • using symmetric encryption with a shared secret key defined by the Handshake Protocol
  • AES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128
  • message is compressed before encryption
SSL Record Protocol Operation
SSL Change Cipher Spec Protocol
• one of 3 SSL-specific protocols which use the SSL Record Protocol
• a single message
• causes pending state to become current
  • hence updating the cipher suite in use
SSL Alert Protocol
• conveys SSL-related alerts to peer entity
• severity
  • warning or fatal
• specific alert
  • fatal: unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter
  • warning: close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown
• compressed & encrypted like all SSL data
SSL Handshake Protocol
• allows server & client to:
  • authenticate each other
  • negotiate encryption & MAC algorithms
  • negotiate cryptographic keys to be used
• comprises a series of messages in phases
  1. Establish Security Capabilities
  2. Server Authentication and Key Exchange
  3. Client Authentication and Key Exchange
  4. Finish
TLS (Transport Layer Security)
• IETF standard RFC 2246, similar to SSLv3
• with minor differences
  • in record format version number
  • uses HMAC for MAC
  • a pseudo-random function expands secrets
  • has additional alert codes
  • some changes in supported ciphers
  • changes in certificate types & negotiations
  • changes in crypto computations & padding
Secure Electronic Transactions (SET)
• open encryption & security specification
• to protect Internet credit card transactions
• developed in 1996 by Mastercard, Visa etc.
• not a payment system
• rather a set of security protocols & formats
  • secure communications amongst parties
  • trust from use of X.509v3 certificates
  • privacy by restricting info to those who need it
SET Components
SET Transaction
1. customer opens account
2. customer receives a certificate
3. merchants have their own certificates
4. customer places an order
5. merchant is verified
6. order and payment are sent
7. merchant requests payment authorization
8. merchant confirms order
9. merchant provides goods or service
10. merchant requests payment
Dual Signature
• customer creates dual messages
  • order information (OI) for merchant
  • payment information (PI) for bank
• neither party needs details of the other
• but must know they are linked
• use a dual signature for this
  • signed concatenated hashes of OI & PI
  DS = E(PRc, [H(H(PI) || H(OI))])
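An added example (not from the slides) that works the dual signature formula through: the customer signs H(H(PI) || H(OI)), the merchant checks it from OI plus the hash of PI, and the bank checks it from PI plus the hash of OI, so each sees only its own half yet both can tell the halves belong together. Toy textbook RSA with a tiny constructed modulus stands in for the customer's real signature key, and the OI/PI strings are constructed samples.

```python
# Added example (not from the slides): SET's dual signature
# DS = E(PRc, [H(H(PI) || H(OI))]) and the two verification paths.
# Toy textbook RSA (constructed, tiny modulus, no padding) stands in for the
# customer's real signature key; the OI/PI strings are constructed samples.
import hashlib


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# Toy RSA key: p and q are the Mersenne primes 2^61-1 and 2^31-1 (far too
# small for real use, chosen only so the arithmetic is visible and fast).
P, Q, E = (1 << 61) - 1, (1 << 31) - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # customer's private signature key PRc


def sign(priv_d: int, digest: bytes) -> int:
    """E(PRc, digest): textbook RSA on the digest reduced mod N (toy)."""
    return pow(int.from_bytes(digest, "big") % N, priv_d, N)


def verify(pub_e: int, sig: int, digest: bytes) -> bool:
    return pow(sig, pub_e, N) == int.from_bytes(digest, "big") % N


def dual_signature(pi: bytes, oi: bytes) -> int:
    """Customer: PIMD = H(PI), OIMD = H(OI), POMD = H(PIMD || OIMD),
    DS = E(PRc, POMD). PI goes to the bank, OI to the merchant."""
    pomd = H(H(pi) + H(oi))
    return sign(D, pomd)


def merchant_verify(oi: bytes, pimd: bytes, ds: int) -> bool:
    """Merchant holds OI and only PIMD (the hash of PI), never PI itself."""
    return verify(E, ds, H(pimd + H(oi)))


def bank_verify(pi: bytes, oimd: bytes, ds: int) -> bool:
    """Bank holds PI and only OIMD (the hash of OI), never OI itself."""
    return verify(E, ds, H(H(pi) + oimd))


def demo() -> dict:
    pi = b"card=4111-constructed;amount=42.00;txid=7781"
    oi = b"item=book-123;qty=1;txid=7781"
    ds = dual_signature(pi, oi)
    return {
        "merchant_ok": merchant_verify(oi, H(pi), ds),
        "bank_ok": bank_verify(pi, H(oi), ds),
        # order altered in transit: the merchant's check fails
        "merchant_tampered": merchant_verify(
            b"item=book-123;qty=9;txid=7781", H(pi), ds),
        # payment block swapped: the bank's check fails although OIMD is unchanged
        "bank_tampered": bank_verify(
            b"card=4111-constructed;amount=9999;txid=7781", H(oi), ds),
    }
```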
SET Purchase Request
• SET purchase request exchange consists of four messages
  1. Initiate Request - get certificates
  2. Initiate Response - signed response
  3. Purchase Request - of OI & PI
  4. Purchase Response - ack order
Purchase Request – Customer
Purchase Request – Merchant
1. verifies cardholder certificates using CA signatures
2. verifies dual signature using customer's public signature key to ensure order has not been tampered with in transit & that it was signed using cardholder's private signature key
3. processes order and forwards the payment information to the payment gateway for authorization (described later)
4. sends a purchase response to cardholder
Payment Gateway Authorization
1. verifies all certificates
2. decrypts digital envelope of authorization block to obtain symmetric key & then decrypts authorization block
3. verifies merchant's signature on authorization block
4. decrypts digital envelope of payment block to obtain symmetric key & then decrypts payment block
5. verifies dual signature on payment block
6. verifies that transaction ID received from merchant matches that in PI received (indirectly) from customer
7. requests & receives an authorization from issuer
8. sends authorization response back to merchant
Payment Capture
• merchant sends payment gateway a payment capture request
• gateway checks request
• then causes funds to be transferred to merchant's account
• notifies merchant using capture response
APPLICATION LAYER SECURITY
Usually we have two protocols providing security services for e-mails: Pretty Good Privacy (PGP) and Secure/Multipurpose Internet Mail Extension (S/MIME).
https://www.youtube.com/watch?v=CEADq-B8KtI
Note: In e-mail security, the sender of the message needs to include the names or identifiers of the algorithms used in the message.
Note: In e-mail security, the encryption/decryption is done using a symmetric-key algorithm, but the secret key to decrypt the message is encrypted with the public key of the receiver and is sent with the message.
PGP at the sender site
PGP at the receiver site
30-4 FIREWALLS
All previous security measures cannot prevent Eve from sending a harmful message to a system. To control access to a system we need firewalls. A firewall is a device (usually a router or a computer) installed between the internal network of an organization and the rest of the Internet. It is designed to forward some packets and filter (not forward) others. Figure 30.32 shows a firewall.
Figure 30.32 Firewall
Figure 30.33 Packet-filter firewall
Figure 30.34 Proxy firewall (figure labels: all HTTP packets; errors; accepted packets)
Note: A proxy firewall filters at the application layer.
