Computer Computer Science Science IPSec CPSC499 Information Security Management
Computer Computer ScienceScience
IPSec
CPSC499 Information Security Management
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
The Internet Network layer
forwardingtable
Host, router network layer functions:
Routing protocols•path selection•RIP, OSPF, BGP
IP protocol•addressing conventions•datagram format•packet handling conventions
ICMP protocol•error reporting•router “signaling”
Transport layer: TCP, UDP
Link layer
physical layer
Networklayer
Computer Computer ScienceScience
IP datagram format
ver length
32 bits
data (variable length,typically a TCP
or UDP segment)
16-bit identifier
Internet checksum
time tolive
32 bit source IP address
IP protocol versionnumber
header length (bytes)
max numberremaining hops
(decremented at each router)
forfragmentation/reassembly
total datagramlength (bytes)
upper layer protocolto deliver payload to
head.len
type ofservice
“type” of data flgsfragment
offsetupper layer
32 bit destination IP address
Options (if any) E.g. timestamp,record routetaken, specifylist of routers to visit.
how much overhead with TCP?
• 20 bytes of TCP
• 20 bytes of IP
• = 40 bytes + app layer overhead
Computer Computer ScienceScience
IP Fragmentation & Reassembly
• network links have MTU (max.transfer size) - largest possible link-level frame.– different link types, different
MTUs
• large IP datagram divided (“fragmented”) within net– one datagram becomes
several datagrams
– “reassembled” only at final destination
– IP header bits used to identify, order related fragments
fragmentation: in: one large datagramout: 3 smaller datagrams
reassembly
Computer Computer ScienceScience
IP Fragmentation and Reassembly
ID=x
offset=0
fragflag=0
length=4000
ID=x
offset=0
fragflag=1
length=1500
ID=x
offset=185
fragflag=1
length=1500
ID=x
offset=370
fragflag=0
length=1040
One large datagram becomesseveral smaller datagrams
Example• 4000 byte
datagram• MTU = 1500 bytes
1480 bytes in data field
offset =1480/8
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
IP Addressing: introduction
• IP address: 32-bit identifier for host, router interface
• interface: connection between host/router and physical link– router’s typically have
multiple interfaces– host may have multiple
interfaces– IP addresses
associated with each interface
223.1.1.1
223.1.1.2
223.1.1.3
223.1.1.4 223.1.2.9
223.1.2.2
223.1.2.1
223.1.3.2223.1.3.1
223.1.3.27
223.1.1.1 = 11011111 00000001 00000001 00000001
223 1 11
Computer Computer ScienceScience
Subnets
• IP address: – subnet part (high order
bits)
– host part (low order bits)
• What’s a subnet ?– device interfaces with
same subnet part of IP address
– can physically reach each other without intervening router
223.1.1.1
223.1.1.2
223.1.1.3
223.1.1.4 223.1.2.9
223.1.2.2
223.1.2.1
223.1.3.2223.1.3.1
223.1.3.27
network consisting of 3 subnets
LAN
Computer Computer ScienceScience
Subnets
223.1.1.0/24223.1.2.0/24
223.1.3.0/24
Recipe• To determine the
subnets, detach each interface from its host or router, creating islands of isolated networks. Each isolated network is called a subnet.
Subnet mask: /24
Computer Computer ScienceScience
IP addressing: CIDR
CIDR: Classless InterDomain Routing– subnet portion of address of arbitrary length– address format: a.b.c.d/x, where x is # bits in subnet
portion of address
11001000 00010111 00010000 00000000
subnetpart
hostpart
200.23.16.0/23
Computer Computer ScienceScience
IP addresses: how to get one?
Q: How does host get IP address?• hard-coded by system admin in a file
– Wintel: control-panel->network->configuration->tcp/ip->properties
– UNIX: /etc/rc.config• DHCP: Dynamic Host Configuration Protocol: dynamically get
address from as server– “plug-and-play”
(more in next chapter)
Computer Computer ScienceScience
IP addresses: how to get one?
Q: How does network get subnet part of IP addr?
A: gets allocated portion of its provider ISP’s address space
ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20
Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23 Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23 Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23 ... ….. …. ….
Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
NAT: Network Address Translation
10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4
138.76.29.7
local network(e.g., home network)
10.0.0/24
rest ofInternet
Datagrams with source or destination in this networkhave 10.0.0/24 address for
source, destination (as usual)
All datagrams leaving localnetwork have same single source
NAT IP address: 138.76.29.7,different source port numbers
Computer Computer ScienceScience
NAT: Network Address Translation
• Motivation: local network uses just one IP address as far as outside word is concerned:– no need to be allocated range of addresses from ISP: -
just one IP address is used for all devices– can change addresses of devices in local network
without notifying outside world– can change ISP without changing addresses of devices
in local network– devices inside local net not explicitly addressable, visible
by outside world (a security plus).
Computer Computer ScienceScience
NAT: Network AddressTranslation
Implementation: NAT router must:
– outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)
. . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr.
– remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair
– incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table
Computer Computer ScienceScience
NAT: Network Address Translation
10.0.0.1
10.0.0.2
10.0.0.3
S: 10.0.0.1, 3345D: 128.119.40.186, 80
1
10.0.0.4
138.76.29.7
1: host 10.0.0.1 sends datagram to 128.119.40, 80
NAT translation tableWAN side addr LAN side addr
138.76.29.7, 5001 10.0.0.1, 3345…… ……
S: 128.119.40.186, 80 D: 10.0.0.1, 3345
4
S: 138.76.29.7, 5001D: 128.119.40.186, 80
2
2: NAT routerchanges datagramsource addr from10.0.0.1, 3345 to138.76.29.7, 5001,updates table
S: 128.119.40.186, 80 D: 138.76.29.7, 5001
3
3: Reply arrives dest. address: 138.76.29.7, 5001
4: NAT routerchanges datagramdest addr from138.76.29.7, 5001 to 10.0.0.1, 3345
Computer Computer ScienceScience
NAT: Network Address Translation
• 16-bit port-number field: – 60,000 simultaneous connections with a single LAN-
side address!
• NAT is controversial:– routers should only process up to layer 3– violates end-to-end argument
• NAT possibility must be taken into account by app designers, eg, P2P applications
– address shortage should instead be solved by IPv6
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
IPv6 Header
• Initial motivation: – 32-bit address space soon to be completely allocated.
– Expands addresses to 128 bits• 430,000,000,000,000,000,000 for every square inch of
earth’s surface!• Solves IPv4 problem of insufficient address space
• Additional motivation:– header format helps speed processing/forwarding– header changes to facilitate QoS IPv6 datagram format: – fixed-length 40 byte header– no fragmentation allowed
Computer Computer ScienceScience
IPv6 Header (Cont)
Priority: identify priority among datagrams in flowFlow Label: identify datagrams in same “flow.” (concept of“flow” not well defined).Next header: identify upper layer protocol for data
Computer Computer ScienceScience
Other Changes from IPv4
• Checksum: removed entirely to reduce processing time at each hop
• Options: allowed, but outside of header, indicated by “Next Header” field
• ICMPv6: new version of ICMP– additional message types, e.g. “Packet Too Big”– multicast group management functions
Computer Computer ScienceScience
IPv6 Security – IPsec mandated
• IPsec is mandated in IPv6– This means that all implementations (i.e. hosts, routers,
etc) must have IPsec capability to be considered as IPv6-conformant
• When (If?) IPv6 is in widespread use, this means that IPsec will be installed everywhere– At the moment, IPsec is more common in network devices
(routers, etc) than user hosts, but this would change with IPsec
• All hosts having IPsec => real end-to-end security possible
Computer Computer ScienceScience
IPv6 Security
• Enough IP addrs for every imaginable device
+ Real end-to-end security
= Ability to securely communicate from anything to anything
Computer Computer ScienceScience
IPv6 Security – harder to scan networks
• With IPv4, it is easy to scan a network– With tools like nmap, can scan a typical subnet in a
few minutes
– Returning list of active hosts and open ports– Many worms also operate by scanning
• e.g. Blaster, Slammer
– Attackers (& worms) scan for proxies, weak services and back doors
see: http://www.insecure.org/nmap/
Computer Computer ScienceScience
IPv6 Security – harder to scan networks
• With IPv6, sparse address allocation makes such brute force scanning impractical– It is 4 billion times harder to scan 1 IPv6 subnet than
all of IPv4
• No more Blaster, Slammer, …
• Use of “dense” address allocations makes it easier though
Computer Computer ScienceScience
Transition From IPv4 To IPv6
Transition from IPv4 to IPv6 will take time:• Due to need to support legacy systems and
applications, not all system can be upgraded simultaneously
• Instead, organisations deploy IPv6 piecewise with pilot/experimental implementations first
• Thus need for IPv4-IPv6 coexistence– Have dual-stack systems (supporting both v4 and v6)– Tunnelling used to deliver IPv6 packets over IPv4
networks• Tunneling: IPv6 carried as payload in IPv4 datagram
among IPv4 routers
known as “6to4”
Computer Computer ScienceScience
Tunneling
B-to-C:IPv6 inside
IPv4
D-to-E:IPv6 inside
IPv4
A B E F
IPv6 IPv6 IPv6 IPv6
tunnelLogical view:
Physical view:A B E F
IPv6 IPv6 IPv6 IPv6
C D
IPv4 IPv4
Flow: XSrc: ADest: F
data
Flow: XSrc: ADest: F
data
Flow: XSrc: ADest: F
data
Src:BDest: E
Flow: XSrc: ADest: F
data
Src:BDest: E
A-to-B:IPv6
E-to-F:IPv6
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
IP Security (IPsec)
• Suite of protocols from Internet Engineering Task Force (IETF) providing encryption and authentication at the IP layer– Arose from needs identified in RFC 1636– Specifications in:
• RFC 2401: Security architecture• RFC 2402: Authentication• RFC 2406: Encryption• RFC 2408: Key management
• Objective is to encrypt and/or authenticate all traffic at the IP level.
Computer Computer ScienceScience
IP Security Issues
• Eavesdropping• Modification of packets in transit• Identity spoofing (forged source IP addresses)• Denial of service
• Many solutions are application-specific– TLS for Web, S/MIME for email, SSH for remote login
• IPSec aims to provide a framework of open standards for secure communications over IP– Protect every protocol running on top of IPv4 and IPv6
Computer Computer ScienceScience
Typical Usage
Computer Computer ScienceScience
IPSec Services
• Data origin authentication• Confidentiality• Connectionless and partial sequence integrity
– Connectionless = integrity for a single IP packet– Partial sequence integrity = prevent packet replay
• Limited traffic flow confidentiality– Eavesdropper cannot determine who is talking
• These services are transparent to applications above transport (TCP/UDP) layer
Computer Computer ScienceScience
Major IPSec Components
• Security Association (SA) Database• Each SA refers to all the security parameters of one communication
direction• For two-way communications, at least two SAs are needed.
• Two Protocols• AH – Authentication Header• ESP – Encapsulating Security Payload
1. Encryption only
2. Encryption with authentication• Two Encapsulation modes
1. Transport mode
2. Tunnel mode
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
Security Association (SA)
• In order to communicate, each pair of hosts must set up SA with each other
• Acts as virtual connection for which various parameters are set:– Type of protection– Algorithms– Keys– …
• Simplex: a one way relationship between a sender and a receiver.
• For either AH or ESP, but not both
Computer Computer ScienceScience
Security Association (SA)
• Each SA uniquely identified by:– Security Parameters Index (SPI)
• 32-bit string assigned to this SA (local meaning only)
– IP destination address of packets• May be end user system, or firewall or router
– Security Protocol Identifier (e.g. AH, ESP)
• For each IP packet, governing SA is identified by:– Destination IP address in packet header– SPI in extension header (AH or ESP)
Computer Computer ScienceScience
Security Association (SA)
• It contains all the security parameters needed for one way communication– Sequence number counter– Anti-replay window– Protocol (e.g. AH / ESP)– Transform mode (e.g. transport / tunnel mode /
wildcard)– Protocol parameters (e.g. AES, 128-bit, CBC mode,
SHA-1)– Lifetime of the SA– etc.
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
Two IPSec Base Protocols
• Authentication Header (AH)– Provides message
authentication and integrity check of IP data payload, but not confidentiality.
– Also Provides authentication for as much of the IP header as possible.
– Next header: TCP, UDP, etc.– Sequence Number: Starts at
1, never recycle (optional)
Computer Computer ScienceScience
Two IPSec Base Protocols
• Encapsulating Security Payload (ESP)• Provides confidentiality and
authentication. Either is optional.• When not used, the NULL
algorithm defined in RFC-2410 is used.
• The authentication trailer must be omitted if not used.
• Either encryption or authentication (or both) must be enabled (NULL-NULL is an invalid option)
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
Two Encapsulation Modes• IPsec defines two encapsulation modes for an IP packet
– Transport
– Tunnel
IP header
TCP header
data
IP header
TCP header
dataIPsec
header
IP header
TCP header
dataIPsec
headerIP
header
Original IP packet
Transport mode protected packet
Tunnel mode protected packet
Computer Computer ScienceScience
Transport mode
• Intercept Network layer packets Encrypt / Authenticate these packets preserving most of the original IP header
• End-to-end security between two hosts– Typically, client to gateway (e.g., PC to remote host)
• Requires IPSec support at each host
IP header TCP header data
IP header TCP header dataIPsec header
Original IP packet
Transport mode protected packet
Network
BA
Computer Computer ScienceScience
Tunnel Mode
• Gateway-to-gateway security– Internal traffic behind gateways not protected– Typical application: virtual private network (VPN)
• Only requires IPSec support at gateways
Computer Computer ScienceScience
Tunnel Mode Illustration
IPSec protects communication on the insecure part of the network
ImplementsIPSec
ImplementsIPSec
Computer Computer ScienceScience
Tunnel mode• Intercept Network layer packets
Encrypt / Authenticate these packets, while encapsulating the original IP packet entirely
IP header
TCP header
data
IP header
TCP header
dataIPsec
headerIP
header
Original IP packet
Tunnel mode protected packet
• Versatile and has many deployment modes– Host-to-host– Host-to-router (i.e. remote access)– Router-to-router (a.k.a. Gateway-to-gateway)
Computer Computer ScienceScience
Tunnel mode(Router-to-router / Gateway-to-gateway)
Nested packet format
Network
RB
3.3.3.12.3.2.2RA
2.2.2.11.1.1.2
HostB
3.3.3.2
HostA
1.1.1.1
Packet flow
Secure Tunnel
IP header TCP header dataIPsec header IP header
Src = 2.2.2.1Dst = 2.3.2.2
Src = 1.1.1.1Dst = 3.3.3.2
Computer Computer ScienceScience
Tunnel mode(Host-to-Router / Remote Access)
HostA
Secure Tunnel
Internet / Intranet
HostB
SGW
Computer Computer ScienceScience
• Transport mode secures packet payload and leaves IP header unchanged
• Tunnel mode encapsulates both IP header and payload into IPSec packets
Transport Mode vs. Tunnel Mode
IP header(real dest) IPSec header TCP/UDP header + data
IP header(gateway) IPSec header TCP/UDP header + dataIP header
(real dest)
Computer Computer ScienceScience
Encapsulation Modes
Transport Mode Tunnel Mode
AH
Authenticates IP payload and selected portions of IP header and
IPv6 extension headers
Authenticates entire inner IP packet plus selected
portions of outer IP header
ESPEncrypts IP payload and any IPv6
extension headerEncrypts inner IP packet
ESP with authentication
Encrypts IP payload and any IPv6 extesion header. Authenticates IP
payload but no IP header
Encrypts inner IP packet. Authenticates inner IP packet but no outer IP
header
Computer Computer ScienceScience
• Adds extra field to traditional IP packet• This is used to verify authenticity & integrity of
the packet
Before applying AH:
Transport Mode: data is authenticated, as
well as parts of IP header
Tunnel Mode: entire original packet
is authenticated + parts of new header
Authenticated (Data + orig IP header + parts of new header)
Authentication Header (AH)
Authenticated (Data + parts of IP header)
Computer Computer ScienceScience
• Protection against replay attack with use of sequence number
• Why have an Authentication-only protocol (AH)?– May be used where export/import/use of encryption is
restricted– Faster implementation– Receiver can choose whether expend the effort to
verify authenticity/integrity
Authentication Header (AH)
Computer Computer ScienceScience• Provides integrity and origin authentication
• Authenticates portions of the IP header• Anti-replay service (to counter denial of service)• No confidentiality
AH: Authentication Header
Next header(TCP) Payload length Reserved
Security parameters index (SPI)
Sequence number
ICV: Integrity Check Value
(HMAC of IP header, AH, TCP payload)
Identifies securityassociation (shared
keys and algorithms)
Anti-replay
Authenticates source,
verifies integrity ofpayload
Computer Computer ScienceScience
Prevention of Replay Attacks
• When SA is established, sender initializes 32-bit counter to 0, increments by 1 for each packet– If wraps around 232-1, new SA must be established
• Recipient maintains a sliding 64-bit window– If a packet with high sequence number is received, do
not advance window until packet is authenticated
Computer Computer ScienceScience
Original IP packet:
Transport Mode: only data is encrypted &
authenticated
Tunnel Mode: entire packet encrypted &
authenticated
Authenticated (optionally)
Encrypted
Authenticated (optionally)
Encrypted
Encapsulating Security Payload (ESP)
Computer Computer ScienceScience
ESP Packet
Identifies securityassociation (shared
keys and algorithms)
Anti-replay
TCP segment (transport mode)
orentire IP packet (tunnel
mode)Pad to block size for cipher,
also hide actual payload length
Type of payload
HMAC-based IntegrityCheck Value (similar to
AH)
Computer Computer ScienceScience
Encapsulating Security Payload (ESP)
• Content of IP packet is encrypted and encapsulated between header and trailer fields.
• Authentication data optionally added
Computer Computer ScienceScience
• Confidentiality and integrity for packet payload– Symmetric cipher negotiated as part of security assoc
• Provides authentication (similar to AH)• Can work in transport…
• …or tunnel mode
Authentication + Confidentiality (ESP)
encrypted
Original IPheader ESP header TCP/UDP segment ESP trailer ESP auth
authenticated
New IPheader
Original IPheaderESP header TCP/UDP segment ESP trailer ESP auth
Computer Computer ScienceScience
Combining Security Associations
• SAs can implement either AH or ESP• to implement both need to combine SAs
– form a security bundle
• have 4 cases (see next)
Computer Computer ScienceScience
Selection of Protocol Modes(Host-to-Host)
• Transport Mode• Tunnel Mode
Computer Computer ScienceScience
Selection of Protocol Modes(Router-to-Router)
• Tunnel Mode
Computer Computer ScienceScience
Selection of Protocol Modes(Pass-through IPSec)
• Tunnel mode for gateway-to-gateway• Transport mode / tunnel mode for host-to-host
Computer Computer ScienceScience
Selection of Protocol Modes(Remote access)
• Tunnel mode for host-to-gateway• Transport mode / tunnel mode for gateway-to-host
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management
Computer Computer ScienceScience
Key Management in IPsec
• Generation and distribution of secret keys
• Manual– Sysadmin configures keys (doesn’t scale well)
• automated key management– automated system for on demand creation of keys
for SA’s in large systems– has Oakley & ISAKMP elements
Computer Computer ScienceScience
Oakley
• a key exchange protocol• based on Diffie-Hellman key exchange• adds features to address weaknesses
– cookies, groups (global params), nonces, DH key exchange with authentication
Computer Computer ScienceScience
Diffie-Hellman Setup
• all users agree on global parameters:– large prime integer or polynomial q– α a primitive root mod q
• each user (eg. A) generates their key– chooses a secret key (number): xA < q
– compute their public key: yA = αxA mod q
• each user makes public that key yA
Computer Computer ScienceScience
Diffie-Hellman Calculation
• shared session key for users A & B is KAB: KAB = α
xA.xB mod q
= yA
xB mod q (which B can compute)
= yB
xA mod q (which A can compute)
• KAB is used as session key in private-key encryption scheme between Alice and Bob
• if Alice and Bob subsequently communicate, they will have the same key as before, unless they choose new public-keys
• attacker know q and public key YA, not possible to calculate private key XA, nor shared session key
Computer Computer ScienceScience
ISAKMP
• Internet Security Association and Key Management Protocol (ISAKMP)
• provides framework for key management• defines procedures and packet formats to
establish, negotiate, modify, & delete SAs• independent of key exchange protocol,
encryption alg, & authentication method
Computer Computer ScienceScience
ISAKMP
Computer Computer ScienceScience
IPsec Benefits
• Provides a level of security for all applications.– Allows deployment of new/emerging applications that
may not have their own security.
• Transparent to transport layer• Transparent to end-users
– No need for training, key issue, key revocation, etc.
• Can be provided to individual users where needed (e.g. off-site workers)
• Extensible to new, stronger, cryptographic methods as these become available
Computer Computer ScienceScience
IPsec Drawbacks
• Processing performance overhead– Protection is applied to all traffic, though only a small
portion may be security-sensitive
• Blocks access to non-IPsec hosts• Hosts must have security association
– Not great for short-lived connections
• Not practical for broadcast
Computer Computer ScienceScience
Uses of IPsec
• Virtual Private Network (VPN) establishment– For connecting remote offices and users using
public Internet
• Low-cost remote access– e.g. teleworker gains secure access to company
network via local call to ISP
• Extranet connectivity– Secure communication with partners, suppliers, etc.
Computer Computer ScienceScience
Note on VPN concept
• Private Network– A set of computers connected together and
protected from the Internet (usually with a firewall)
– Traditionally made up of LAN(s) within individual locations. If needed, wide area (e.g. inter-branch) connection is made by secure leased telecommunications lines.
Computer Computer ScienceScience
Note on VPN concept
• Virtual Private Network (VPN)– Uses public (insecure) Internet for parts of
network connectivity
– Made possible by use of cryptography
– Can be enabled by IPsec or SSH tunnelling, among other methods
Computer Computer ScienceScience
Virtual Private Networks
(a) A leased-line private network. (b) A virtual private network.
Computer Computer ScienceScience
• A virtual private network (VPN) is the extension of a private network.
• A VPN enables you to send data between two computers across the Internet in a manner that emulates the properties of a point-to-point private link.
• To emulate a point-to-point link, data is encapsulated (or wrapped) with a header that provides routing information allowing it to traverse the Internet to reach its endpoint.
• To emulate a private link, the data being sent is encrypted for confidentiality.
Virtual Private Networks (VPNs)
Computer Computer ScienceScience
Components of a VPN Connection
• VPN server: A computer that accepts VPN connections from VPN clients.
• VPN client: A computer that initiates a VPN connection to a VPN server.
• Tunnel: The portion of the connection in which your data is encapsulated (or wrapped) according to a tunneling protocol.
• VPN connection: The portion of the connection in which your data is encrypted.
Computer Computer ScienceScience
VPN Connections
• Router-to-Router VPN connection
• Remote Access VPN connection
Computer Computer ScienceScience
Standards
• RFC2401 IPSec
• RFC2402 AH
• RFC2403 HMAC MD5
• RFC2404 HMAC SHA-1
• RFC2405 DES CBC with IV
• RFC2406 IP ESP
• RFC2407 DOI for ISAKMP
• RFC2408 ISAKMP
• RFC2409 IKE
Computer Computer ScienceScienceIPSec Document Overview
Computer Computer ScienceScience
Outline
• Internet Protocol– Datagram format– IPv4 addressing– NAT– IPv6
• IPSec– Security Association (SA)– IPSec Base Protocol (AH, ESP)– Encapsulation Mode (transport, tunnel)– Key Management