《ch16-IP-Security》由会员分享,可在线阅读,更多相关《ch16-IP-Security(24页珍藏版)》请在金锄头文库上搜索。
1、Cryptography and Network SecurityChapter 16Fourth Editionby William StallingsLecture slides by Lawrie BrownChapter 16 IP SecurityIf a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom the secret was told.The Art of War, Sun TzuI
2、P Securityhave a range of application specific security mechanismsl leg. S/MIME, PGP, Kerberos, SSL/HTTPSeg. S/MIME, PGP, Kerberos, SSL/HTTPShowever there are security concerns that cut across protocol layerswould like security implemented by the network for all applicationsIPSecgeneral IP Security
3、mechanismsprovidesl lauthenticationauthenticationl lconfidentialityconfidentialityl lkey managementkey managementapplicable to use over LANs, across public & private WANs, & for the InternetIPSec UsesBenefits of IPSecin a firewall/router provides strong security to all traffic crossing the perimeter
4、in a firewall/router is resistant to bypassis below transport layer, hence transparent to applicationscan be transparent to end userscan provide security for individual userssecures routing architectureIP Security Architecturespecification is quite complexdefined in numerous RFCsl lincl. RFC 2401/24
5、02/2406/2408incl. RFC 2401/2402/2406/2408l lmany others, grouped by categorymany others, grouped by categorymandatory in IPv6, optional in IPv4have two security header extensions:l lAuthentication Header (AH)Authentication Header (AH)l lEncapsulating Security Payload (ESP)Encapsulating Security Payl
6、oad (ESP)IPSec ServicesAccess controlConnectionless integrityData origin authenticationRejection of replayed packetsl la form of partial sequence integritya form of partial sequence integrityConfidentiality (encryption)Limited traffic flow confidentialitySecurity Associationsa one-way relationship b
7、etween sender & receiver that affords security for traffic flowdefined by 3 parameters:l lSecurity Parameters Index (SPI)Security Parameters Index (SPI)l lIP Destination AddressIP Destination Addressl lSecurity Protocol IdentifierSecurity Protocol Identifierhas a number of other parametersl lseq no,
8、 AH & EH info, lifetime etcseq no, AH & EH info, lifetime etchave a database of Security AssociationsAuthentication Header (AH)provides support for data integrity & authentication of IP packetsl lend system/router can authenticate user/append system/router can authenticate user/appl lprevents addres
9、s spoofing attacks by tracking prevents address spoofing attacks by tracking sequence numberssequence numbersbased on use of a MACl lHMAC-MD5-96 or HMAC-SHA-1-96HMAC-MD5-96 or HMAC-SHA-1-96parties must share a secret keyAuthentication HeaderTransport & Tunnel ModesEncapsulating Security Payload (ESP
10、)provides provides message content confidentiality & message content confidentiality & limited traffic flow confidentialitylimited traffic flow confidentialitycan optionally can optionally provide the same authentication provide the same authentication services as AHservices as AHsupports range of c
11、iphers, modes, paddingsupports range of ciphers, modes, paddingl lincl. DES, Triple-DES, RC5, IDEA, CAST etcincl. DES, Triple-DES, RC5, IDEA, CAST etcl lCBC & other modesCBC & other modesl lpadding needed to fill blocksize, fields, for traffic flowpadding needed to fill blocksize, fields, for traffi
12、c flowEncapsulating Security PayloadTransport vs Tunnel Mode ESPtransport mode is used to encrypt & optionally authenticate IP datal ldata protected but header left in cleardata protected but header left in clearl lcan do traffic analysis but is efficientcan do traffic analysis but is efficientl lgo
13、od for ESP host to host trafficgood for ESP host to host traffictunnel mode encrypts entire IP packetl ladd new header for next hopadd new header for next hopl lgood for VPNs, gateway to gateway securitygood for VPNs, gateway to gateway securityCombining Security AssociationsSAs can implement either
14、 AH or ESPto implement both need to combine SAsl lform a security form a security association association bundlebundlel lmay terminate at different or same endpointsmay terminate at different or same endpointsl lcombined bycombined by transport adjacencytransport adjacency iterated tunnelingiterated
15、 tunnelingissue of authentication & encryption order Combining Security AssociationsKey Managementhandles key generation & distributiontypically need 2 pairs of keysl l2 per direction for AH & ESP2 per direction for AH & ESPmanual key managementl lsysadmin manually configures every systemsysadmin ma
16、nually configures every systemautomated key managementl lautomated system for on demand creation of automated system for on demand creation of keys for SAs in large systemskeys for SAs in large systemsl lhas Oakley & ISAKMP elementshas Oakley & ISAKMP elementsOakleya key exchange protocolbased on Di
17、ffie-Hellman key exchangeadds features to address weaknessesl lcookies, groups (global params), nonces, DH cookies, groups (global params), nonces, DH key exchange with authenticationkey exchange with authenticationcan use arithmetic in prime fields or elliptic curve fieldsISAKMPInternet Security As
18、sociation and Key Management Protocolprovides framework for key managementdefines procedures and packet formats to establish, negotiate, modify, & delete SAsindependent of key exchange protocol, encryption alg, & authentication methodISAKMPISAKMP Payloads & Exchangeshave a number of ISAKMP payload t
19、ypes:l lSecurity, Proposal, Transform, Key, Security, Proposal, Transform, Key, Identification, Certificate, Certificate, Hash, Identification, Certificate, Certificate, Hash, Signature, Nonce, Notification, DeleteSignature, Nonce, Notification, Delete ISAKMP has framework for 5 types of message exc
20、hanges:l lbase, identity protection, authentication only, base, identity protection, authentication only, aggressive, informationalaggressive, informationalSummaryhave considered:l lIPSec security frameworkIPSec security frameworkl lAHAHl lESPESPl lkey management & Oakley/ISAKMPkey management & Oakley/ISAKMP2424 以上有不当之处,请大家给与批评指正,以上有不当之处,请大家给与批评指正,谢谢大家!谢谢大家!