Multilayer Security Architecture for Internet Protocols
1. Multilayer Security Architecture for
Internet Protocol (ML-IPSec)
1 October, 2010
Muhammad Nasir Mumtaz Bhutta
Centre for Communication Systems Research
University of Surrey
Guildford, Surrey
GU2 7XH
Email: m.bhutta@surrey.ac.uk,
Tel: 01483 68 3036
www.surrey.ac.uk
2. Objectives
• Demonstrate “Security Architecture for
Internet Protocol” (IPSec) protection model.
• Highlight the limitations of IPSec.
• Demonstrate the working or ML-IPSec.
• Demonstrate the detailed experiment plans.
2 www.ee.surrey.ac.uk/CCSR
3. Introduction
• Security Architecture for Internet Protocol
(IPSec) provides security services at IP
layer in protocol stack.
• All upper layers than IP layer can get
security services without reengineering the
applications.
• IPSec operates in two modes, tunnel and
transport, to secure path(s) between
communicating nodes.
3 www.ee.surrey.ac.uk/CCSR
4. Path(s) Security
• Between Pairs of Gateways
– Gateways need to implement IPSec.
– Works in Tunnel Mode (complete IP packet is
protected & new IP header is appended).
– Different source and destination addresses in
dual IP headers.
Un Protected Subnet Protected Subnet
Protected Subnet
IPSec Tunnel
Tunnel Endpoint Tunnel Endpoint
Gateway Gateway
4 www.ee.surrey.ac.uk/CCSR
5. Path(s) Security
• Between Pair of Hosts
– End nodes need to implement IPSec.
– Works in Transport Mode (Upper layers
headers and IP data are protected).
– IP addresses are unchanged.
Un Protected Subnet
IPSec Tunnel OR
Transport mode
Protected Endpoint
Protected Endpoint
5 www.ee.surrey.ac.uk/CCSR
6. Path(s) Security
• Between Host and Gateway
– Both end hosts and gateways implement
IPSec.
– Usually works in tunnel mode to take benefits
of hiding external characteristics of
communication.
Protected Subnet
Un Protected Subnet AND/OR
IPSec Tunnel Internet
Protected Endpoint Protected Endpoint
6 www.ee.surrey.ac.uk/CCSR
7. Security Goals
• Access Control
– Prevent unauthorized access to resources.
• Connectionless Integrity
– Check any modifications in IP datagram
without caring about the arrival order of IP
datagrams.
• Origin Authentication
– Identify claimed source of data.
7 www.ee.surrey.ac.uk/CCSR
8. Security Goals (continued..)
• Partial Sequence Integrity
– Check for duplicate packets (Replay attacks).
• Data Confidentiality
– Protect against disclosure of data to
unauthorized entities.
• Limited Traffic Flow Confidentiality
– Protect external characteristics of
communications (e.g. source and destination
addresses etc.).
8 www.ee.surrey.ac.uk/CCSR
9. Major IPSec Components
• Security Policies
– Provides rules for user access and control level.
• Security Protocols
– Authentication Header (AH)
• Provides origin authentication, connectionless integrity and
optional partial sequence integrity.
– Encapsulating Security Payload (ESP)
• Provides all services provided by AH, data confidentiality and
limited traffic flow confidentiality as well.
9 www.ee.surrey.ac.uk/CCSR
10. Major IPSec Components
(continued..)
• Cryptographic Algorithms
– Helps to achieve integrity and confidentiality.
• Key Management
– All security operations are provided by
cryptographic means, so keys are required.
– Internet Key Exchange (IKE v2) is used to
provide key management.
10 www.ee.surrey.ac.uk/CCSR
11. Assumptions
• To achieve high quality of security
services, certain assumptions need to be
met:
– Good implementation of IPSec.
– Security is dependent on many things in over
all system (e.g. personnel & physical
procedures, security policies etc.), so IPSec
just play its role as a part.
– Good Implementation of Operating System
(OS) security services.
11 www.ee.surrey.ac.uk/CCSR
12. IPSec Components to Help in
Achieving Security Goals
• Security Association (SA)
– SA is a one way traffic secure connection
between communicating parties.
– For Bidirectional communication, two SAs are
established.
– SA, providing actually all security services, is
setup by IKE.
– Functionality is dependent upon security
protocols, mode of IPSec working, endpoints
of SA and chosen security services.
12 www.ee.surrey.ac.uk/CCSR
13. IPSec Components to Help in
Achieving Security Goals
(continued..)
• Security Policy Database (SPD)
– Stores security policies.
– Provides information about security policy rules to be
applied.
– At least one SPD implementation must be supported
in IPSec.
– Three logical components
• SPD-Secure (S) contains rules for all IPSec protected traffic.
• SPD-Outbound (O) contains rules for all outbound traffic
• SPD-Inbound (I) contains rules for all inbound traffic or
bypassed.
13 www.ee.surrey.ac.uk/CCSR
14. IPSec Components to Help in
Achieving Security Goals
(continued..)
• Security Association Database (SAD)
– Stores SAs.
– Provides information about security associations.
– For outbound processing SAD is pointed by SPD-S
part.
– For inbound processing SAD is pointed by SPD-I part.
• Peer Authorization Database (PAD)
– Stores information about links between SPD and
SAD.
– Helps IPSec components in security services
practice.
14 www.ee.surrey.ac.uk/CCSR
15. IPSec Working & Role of IKE
• IKE helps in setup of security associations
(SAs).
– The functionality of all cryptographic protocols is
dependent on these SAs.
– Control information exchange also requires SA setup.
• IKE provides this setup by message exchanges.
– IKE_SA_INIT, IKE_AUTH
– IKE_CHILD_SA
– Informational Exchanges
15 www.ee.surrey.ac.uk/CCSR
16. IPSec Working & Role of ESP
• ESP provides origin authentication,
connectionless and sequence integrity,
data and limited traffic flow confidentiality.
• Security services are offered in three
modes by ESP.
– Confidentiality Only (may be supported)
– Integrity Only (must be supported)
– Confidentiality and Integrity (must be
supported)
16 www.ee.surrey.ac.uk/CCSR
17. IPSec Working & Role of ESP
(continued..)
• Data Confidentiality
– Data confidentiality is provided via encryption.
– Encryption scheme selection is dependent upon SA
out of various encryption algorithms.
• Origin Authentication and Connectionless
Integrity
– Integrity of IP datagram is validated via Message
Authentication Code (MAC).
– Origin authentication is provided indirectly by binding
of the key with the holding entity (origin).
17 www.ee.surrey.ac.uk/CCSR
18. IPSec Working & Role of ESP
(continued..)
• Anti-Replay Service (Partial Sequence
Integrity)
– This is service to detect arrival of duplicate
packets.
– Provides sequential integrity and may be
supported in ESP.
• Limited Traffic Flow Confidentiality
– This service hides source and destination
addresses and usually employed in Tunnel
Mode.
18 www.ee.surrey.ac.uk/CCSR
19. Limitations of IPSec
• IPSec follows very strict layering and
protection model works end-to-end.
• With advancement in wireless technology
according to characteristics of networks,
certain cross-layer optimizations are
performed.
• Some examples of wireless technology
highlights the functionality of new network
applications.
19 www.ee.surrey.ac.uk/CCSR
20. Limitations of IPSec (continued..)
• Conflicts between IPSec and TCP PEPs
– TCP PEPs work on two pieces of information,
TCP flow identification and sequence
numbers.
– IPSec encapsulate whole TCP packet.
• Traffic Analysis
– For functioning of upper layers, some
information from headers is required at
intermediate nodes.
– IPSec hides all upper layer headers.
20 www.ee.surrey.ac.uk/CCSR
21. Limitations of IPSec (continued..)
• Traffic Engineering
– Flow classification is essential in providing rich
classes of service and QoS (RED, RSVP).
– The flow information present in upper layers such ac
TCP is hidden by IPSec.
• Application Layer Agents/Proxies
– Some modern routers can serve the HTTP requests
from their local cache in order to improve
performance.
– They need information from upper layers like HTTP
but, that is hidden by IPSec.
21 www.ee.surrey.ac.uk/CCSR
22. Summary of IPSec Limitations and
Conclusion
• All above defined mechanisms, try to
access upper layers information for their
working.
• IPSec works on end-to-end basis and
encrypts all the upper layer information.
• So IPSec has basic functioning conflict
with many intermediate devices.
• Need to resolve these issues for optimal
performance.
22 www.ee.surrey.ac.uk/CCSR
23. Problem Statement for ML-IPSec
• Develop a security scheme with below
defined features:
– Supports the services and applications which
have conflict with IPsec working.
– Should grant trusted intermediate nodes a
secure, controlled and limited access to a
selected portion of IP datagram.
– Should preserve the end-to-end security
protection for user data.
23 www.ee.surrey.ac.uk/CCSR
24. Approaches - Transport Layer
Security
• Using a transport-layer security mechanism as an
alternative to IPsec to provide security services.
• The transport-layer mechanism, such as secure
sockets layer (SSL) or transport layer security
(TLS) operates above TCP and works well with
TCP PEP:
– it encrypts the TCP data while leaving the TCP header
in unencrypted and unauthenticated form
• Limitations:
– Vulnerable to traffic analysis attack
– SSL/TLS only works on TCP but not on UDP so the
range of applications is limited
24 www.ee.surrey.ac.uk/CCSR
25. Approaches –
Tunnelling one security protocol
• This approach tries to use transport layer
security protocols, SSL/TLS, inside IPsec.
• SSL/TLS will protect the TCP data and
IPSec will protect TCP header information
• Limitations:
– wastage of resources because TCP data will
be encrypted twice by SSL/TLS and IPsec,
– IPsec still encrypts the whole TCP information
including header and data part
25 www.ee.surrey.ac.uk/CCSR
26. Approaches - Using a Transport
Friendly ESP Format
• The transport-friendly ESP (TF-ESP)
protocol format was proposed:
– The TCP state information (such as flow
identifications and sequence numbers) are in a
disclosure header outside the encryption
scope, bbut authenticated.
• Limitations:
– Vulnerable to traffic analysis attack
– it does not work well with TCP spoofing when a
write access is needed
26 www.ee.surrey.ac.uk/CCSR
27. Approaches – Splitting IPsec into
Two Segments
• IPsec protection can be applied twice, once
between sender and security gateway and
second time between security gateway and
destination.
• Limitations:
– It exposes the information to intermediate
nodes while confidentiality is only meant for
end-to-end
27 www.ee.surrey.ac.uk/CCSR
28. Approaches – Multi - Layer IP
Security Protocol
• ML-IPsec breaks the IP datagram into
different parts and apply different security
mechanisms on different parts:
– one security mechanism for transport header
– different security mechanism for application
data
• This approach allows the intermediate
nodes to co-exist with end-to-end IPsec
• Limitations:
– More complex than IPsec
28 www.ee.surrey.ac.uk/CCSR
29. Standardization & Issues
• Many meetings were attended at IETF to
present the idea of IPSec and internet draft was
written.
• IETF Concerns:
– Application domains is limited (Satellite Networks
only).
– Implementation complexity is increased. (shown
feasible via implementation in IPSec).
– Two more implementations required to prove the
points.
• Key Management Complexity is major issue.
29 www.ee.surrey.ac.uk/CCSR
31. Principle of ML-IPSec Security
Protection
• Multilayer protection model:
• Divides IP datagram into zones
• Different protection schemes for different zones
(e.g. SA, public/private keys, access control rules
etc.)
31 www.ee.surrey.ac.uk/CCSR
32. General Model of IPSec Processing
• .
Multicast
Key Exchange
32 www.ee.surrey.ac.uk/CCSR
33. Composite Security Association
(CSA)
• Security Association
• one-way relationship
between sender and
receiver.
• defines set of
parameters (e.g.
sequence number, anti-
replay window, lifetime
of SA, Path MTU etc).
• Controls outbound,
inbound processing.
33 www.ee.surrey.ac.uk/CCSR
34. CSA Continued..
• CSA has two elements:
– Zone Map: defines coverage of each zone in
IP datagram.
– Zone List: is a list of all SAs for all zones. (all
stored in “Security Association Database
(SAD)”).
34 www.ee.surrey.ac.uk/CCSR
35. Zones and Zone Map
• A zone is any portion of IP datagram under same security
protection.
• Entire IP datagram can be broken into zones.
• Zones can not overlap.
• A zone can be split into multiple sub zones (continuous part of
IP datagram).
• A zone map is a mapping
relationship between IP octets
and zones.
• Remains Constant for a
security relationship.
• zones that covers last part
of IP datagram (data) should
35
be variable according to size. www.ee.surrey.ac.uk/CCSR
36. Composite Security Association
(CSA)
• Zone Map
• Zone List
– In zone list area we show the SAs, their
36 parameters and access control. www.ee.surrey.ac.uk/CCSR
37. Zone List continued
• SA (designated)
– Sequence Number Counter (64 bit)
– Sequence Counter Overflow
– Anti-Replay Window (64 bit)
– Protocol mode (Transport or Tunnel)
– Path MTU
– Lifetime
– Encryption algorithm (DES-CBC)
– Encryption Key
– Authentication algorithm (HMAC-MD5-32)
– Authentication Key
37 www.ee.surrey.ac.uk/CCSR
38. Outbound Processing (zone by
zone)
Outbound: IP datagram
Zone map
Plain Text (masked and concatenated)
Encryption (using ESP)
AH
SA
Cipher Text (ESP)
Authentication
ICV
AH or ESP authentication data
ESP paylod data
38 www.ee.surrey.ac.uk/CCSR
39. Inbound Processing (zone by zone)
Outbound: IP datagram
Zone map
Plain Text (masked and concatenated)
Decryption (using ESP)
AH
SA
Cipher Text (ESP)
Authentication
ICV
AH or ESP authentication data
ESP paylod data
39 www.ee.surrey.ac.uk/CCSR
40. ESP Header
• Security Parameter Index:
Identifies Security Association
(SA).
• Sequence Number: Counts the
packet sent.
• Encrypted Payload Data for
Zone: contains the encrypted
payload data (IP payload data,
padding, pad length, Next
Header).
• Authentication Data for Zone:
Contains the Integrity Check
Values (ICV) for each zone.
40 www.ee.surrey.ac.uk/CCSR
41. Implementation and Evaluation
• Two different evaluations of ML-IPSec
shall be performed.
– Simulations based, to see the scalability and
reliability behaviour.
• Impact of network bandwidth on Performance ( SA
establishment latency, TCP throughput and delay).
• Impact of different data packet size on
performance and security protocol behaviour.
– Reference Implementation of ML-IPSec to
see the overhead on real network.
41 www.ee.surrey.ac.uk/CCSR
42. Testbed Experiment
Requirements
• Use Cases
– IP Only: running standard IP with no security.
– IPSec: running IPSec using ESP with authentication
mode enabled.
– ML-IPSec (1 Zone) = IPSec
– ML-IPSec (2 Zone)
– ML-IPSec (3 Zones)
• The ML-IPSec experiment will be evaluated for
processing delays, CPU overload and bandwidth
overhead
42 www.ee.surrey.ac.uk/CCSR
43. Testbed Experiment
Requirements
Processing Delay – Network speed will be fixed.
• The processing delay will be – Throughput and protocol
measured by taking following overhead relationship will be
studied
parameters into consideration:
– One Host pinging other Comparing CPU Overload
– Packet size will be fixed. • For evaluation of CPU
– Processing Time will be overhead environment will be
evaluated. configured as given below:
Bandwidth Overhead – One host generate and send
packets as fast as it can and
– One host generate and send
other counting after receiving.
packets as fast as it can and
other counting after receiving. – CPU speed will be fixed.
– Network speed will be fixed. .
– CPU speed will be fixed.
– Throughput and CPU load
relationship will be studied.
43 www.ee.surrey.ac.uk/CCSR
44. ML-IPSec Testbed
• Current Status
– Fedora 13 Installed
– Computers are
configured as shown
in diagram.
• Future Plans
– Need to configure
network’s speed.
– Need to configure
NIST Net according
to requirements.
44 www.ee.surrey.ac.uk/CCSR
45. Simulations & Standalone
Implementation Plans
• NIST has performed IPSec simulations as part
of project “NIIST(NIST IPSec and IKE Simulation
Tool”.
•SPD: Security Policy
Database
•SAD: Security
Association Database
•PF_Key: Generic
Socket Key
Management API
45 www.ee.surrey.ac.uk/CCSR
47. Conclusion
• Intermediate gateways can have access to
partial IP datagram (e.g. TCP header) by partial
keys.
• Can solve the conflict between IPSec and TCP
PEPs being used in satellite networks.
• The current new and future networks can
improve quality of service using fair queuing,
differential services etc.
• IPSec problems are solved.
47 www.ee.surrey.ac.uk/CCSR