Traditional Connectivity
What is VPN?
Virtual Private Network is a type of private network that uses public telecommunication, such as the Internet, instead of leased lines to communicate.
VPN TOPOLOGY
How does a VPN work?
Remote Access: Remote access enables telecommuters and mobile workers to access e-mail and business applications. A dial-up connection to an organization's modem pool is one method of access for remote workers, but it is expensive because the organization must pay the associated long distance telephone and service costs. Remote access VPNs greatly reduce expenses by enabling mobile workers to dial a local Internet connection and then set up secure IPSec-based VPN communications to their organization.
Intranets: Intranets connect an organization's locations. These locations range from the headquarters offices, to branch offices, to a remote employee's home. Often this connectivity is used for e-mail and for sharing applications and files. While Frame Relay, ATM, and MPLS accomplish these tasks, the shortcomings of each limit connectivity. The cost of connecting home users is also very expensive compared to Internet-access technologies, such as DSL or cable. Because of this, organizations are moving their networks to the Internet, which is inexpensive, and using IPSec to create these networks.
Extranets: Extranets are secure connections between two or more organizations. Common uses for extranets include supply-chain management, development partnerships, and subscription services. These undertakings can be difficult using legacy network technologies due to connection costs, time delays, and access availability. IPSec-based VPNs are ideal for extranet connections. IPSec-capable devices can be quickly and inexpensively installed on existing Internet connections.
VPN Characteristics
Cheaper than WANs: dedicated leased lines are very expensive
Firewall based
Server based
Windows Routing and Remote Access Service (RRAS): NT supports only PPTP; Windows 2000 supports PPTP, L2TP and IPSec and comes with everything needed to establish a VPN.
Linux: Blowfish, FreeS/WAN, PPP over SSL, PPTP, L2TP with IP masquerading/IP Chains; additional open source software can be used to create a very robust VPN.
UNIX: many vendors are incorporating IPSec into their TCP/IP stacks.
Be aware that VPN traffic leaving your LAN traverses the LAN twice: once to the RRAS service as regular LAN traffic, once encapsulated to the firewall.
Benefits to Enterprise
Protocols
Operates at layer 2 or 3 of OSI model
Layer 2: frame (Ethernet); Layer 3: packet (IP)
Tunneling
allows senders to encapsulate their data in IP packets that hide the routing and switching infrastructure of the Internet to ensure data security against unwanted viewers, or hackers.
IP Security (IPSec)
Transport mode
Tunnel mode
Most VPNs are really tunnels, whereby Point-to-Point Protocol (PPP) frames or IP packets are tunneled inside some other protocol. Microsoft Point-to-Point Tunneling Protocol (PPTP) (see the Layer 2 module) is a Layer 2 technique, where IP is used to encapsulate and transport PPP and IP packets to a corporate gateway or server. Cisco Layer 2 Forwarding (L2F) and Layer 2 Tunneling Protocol (L2TP) are also Layer 2 techniques. They simulate PPP connectivity directly from a client PC to a corporate gateway router or server.
Multiprotocol Label Switching (MPLS), generic routing encapsulation (GRE), and IPSec are, however, Layer 3 tunnels, where Layer 3 information is transported directly inside another Layer 3 header across the intervening SP network. The terms Layer 2 and Layer 3 may be imprecise when applied to VPNs. Some people consider Frame Relay and ATM to be Layer 2 VPNs. Others consider that to be an out-of-date usage of the term VPN.
Tunnelling
IPSec
Outline
Why IPSec?
IPSec Architecture
Internet Key Exchange (IKE)
IPSec Policy
Discussion
IP is not Secure!
The IP protocol was designed in the late 70s to early 80s as part of the DARPA Internet Project, a very small network.
All hosts were known, and so were the users! Therefore, security was not an issue.
Security Issues in IP
Source spoofing
Replay packets
No data integrity or confidentiality
DoS attacks
Fundamental Issue:
Goals of IPSec
To verify sources of IP packets (authentication)
IPSec is an Internet Engineering Task Force (IETF) standard suite of protocols that provides data authentication, integrity, and confidentiality as data is transferred between communication points across IP networks. IPSec provides data security at the IP packet level. IPSec emerged as a viable network security standard because enterprises wanted to ensure that data could be securely transmitted over the Internet. IPSec protects against possible security exposures by protecting data while in transit.
IPSec Architecture
The IPSec Security Model (figure: secure vs. insecure network segments)
IPSec Architecture (figure: AH, Authentication Header; IPSec Security Policy)
IPSec Architecture
IPSec provides security in three situations:
Host-to-host, host-to-gateway and gateway-to-gateway
IPsec Architecture (figure showing Transport Mode and Tunnel Mode across routers)
Various Packets
Original: IP header | TCP header | data
Transport mode: IP header | IPSec header | TCP header | data
Tunnel mode: IP header | IPSec header | IP header | TCP header | data
IPSec
A collection of protocols (RFC 2401)
Authentication Header (AH): RFC 2402
AH Details
Uses a 32-bit monotonically increasing sequence number to avoid replay attacks
Uses cryptographically strong hash algorithms to protect data integrity (96-bit)
Uses symmetric key cryptography: HMAC-SHA-96, HMAC-MD5-96
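As an added example (not from these slides), the two AH mechanisms just listed in Python: a 96-bit truncated HMAC as the integrity check value, and a sliding anti-replay window over the 32-bit sequence number. It assumes SHA-1 for the HMAC and a simplified AH header carrying only SPI and sequence number; the SPI value 12 and the key are constructed.

```python
import hashlib
import hmac
import struct

# Constructed example (not the lecture's code): an AH-style integrity check
# with HMAC-SHA1-96 (HMAC-SHA1 truncated to 96 bits) and the 32-bit
# sequence-number anti-replay window that AH and ESP both rely on.

ICV_LEN = 12          # 96-bit truncated HMAC
SPI = 12              # SPI value borrowed from the lecture's SADB example

def ah_icv(key, seq, payload):
    """ICV over a simplified AH header (SPI, seq, zeroed ICV field) plus payload.
    A real implementation also covers the immutable IP header fields."""
    ah_hdr = struct.pack("!II", SPI, seq) + b"\x00" * ICV_LEN
    return hmac.new(key, ah_hdr + payload, hashlib.sha1).digest()[:ICV_LEN]

class ReplayWindow:
    """Sliding window: each sequence number is accepted at most once;
    numbers older than the window are rejected outright."""
    def __init__(self, size=64):
        self.size = size
        self.highest = 0      # highest sequence number accepted so far
        self.bitmap = 0       # bit i set => (highest - i) already received

    def check_and_update(self, seq):
        if seq == 0:
            return False      # sequence numbers start at 1
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        diff = self.highest - seq
        if diff >= self.size:
            return False      # too old: fell out of the window
        if self.bitmap & (1 << diff):
            return False      # already seen: replayed packet
        self.bitmap |= 1 << diff
        return True

def verify_ah(key, seq, payload, icv, window):
    """Accept only if the ICV matches (constant-time compare) and seq is fresh.
    The ICV is checked first so forged sequence numbers cannot advance the window."""
    if not hmac.compare_digest(ah_icv(key, seq, payload), icv):
        return False
    return window.check_and_update(seq)
```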
AH Packet Details (figure: New IP header; AH fields shown: Next header, Payload length, Reserved)
ESP Details
Same as AH:
Uses a 32-bit sequence number to counter replay attacks
Uses integrity check algorithms
Only in ESP:
Data confidentiality: uses symmetric key encryption algorithms to encrypt packets
(figure of ESP packet: Data; Pad, Pad length, Next; Authentication Data)
Question?
1. Why have both AH and ESP?
2. Both AH and ESP use symmetric key based algorithms. Why not public-key cryptography? How are the keys being exchanged? What algorithms should we use? (Similar to deciding on the ciphersuite in SSL.)
IPsec/IKE Acronyms
Security Association (SA)
Collection of attributes associated with a connection
Is asymmetric! One SA for inbound traffic, another SA for outbound traffic
Similar to ciphersuites in SSL
IPsec/IKE Acronyms
Security Parameter Index (SPI)
A unique index for each entry in the SADB; identifies the SA associated with a packet
SADB (figure: SA entries such as SA-2, each identified by its SPI)
A's SPD and SADB for traffic to B (reconstructed from the slide's table)
SPD entry:  From A, To B, Protocol Any, Port Any, Policy AH[HMAC-MD5]
SADB entry: From A, To B, Protocol AH, SPI 12, SA Record: HMAC-MD5 key
Tunnel Mode (figure: A's SADB entry From Asub, To Bsub, Port Any, Tunnel Dest D; C's SPD and C's SADB)
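An added example (not the lecture's code) that models the SPD/SADB tables above: outbound packets are matched against SPD selectors to find the policy and its SA, inbound packets find their SA directly by the SPI in the AH/ESP header. Host names A and B, the AH[HMAC-MD5] policy and SPI 12 follow the slide; the "needs-IKE", "bypass" and "discard" policy names are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed example (not the lecture's code) modelling the slide's A->B
# tables: an SPD consulted by selector on the way out, an SADB keyed by SPI
# on the way in.

@dataclass(frozen=True)
class Selector:
    src: str
    dst: str
    protocol: str = "any"     # "any" or a transport protocol name
    port: object = "any"      # "any" or an int

    def matches(self, src, dst, protocol, port):
        return (self.src == src and self.dst == dst
                and self.protocol in ("any", protocol)
                and self.port in ("any", port))

@dataclass
class SA:
    spi: int
    ipsec_proto: str          # "AH" or "ESP"
    algorithm: str            # e.g. "HMAC-MD5"
    key: bytes
    seq: int = 0              # outbound sequence counter, one per SA

@dataclass
class SPDEntry:
    selector: Selector
    policy: str               # "AH[HMAC-MD5]", "ESP[...]", "bypass" or "discard"
    spi: Optional[int] = None # SA bound to the policy once IKE has set one up

class IPsecHost:
    def __init__(self):
        self.spd = []         # ordered list of SPDEntry: first match wins
        self.sadb = {}        # SPI -> SA

    def outbound(self, src, dst, protocol, port):
        """Return (policy, SA) for an outgoing packet; SA is None if no IPsec applies."""
        for entry in self.spd:
            if entry.selector.matches(src, dst, protocol, port):
                if entry.policy in ("bypass", "discard"):
                    return entry.policy, None
                sa = self.sadb.get(entry.spi)
                if sa is None:
                    return "needs-IKE", None  # policy wants IPsec, no SA yet
                sa.seq += 1                   # next sequence number for this SA
                return entry.policy, sa
        return "discard", None                # nothing matched: default deny

    def inbound(self, spi):
        return self.sadb.get(spi)             # SPI in the AH/ESP header picks the SA
```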
How It Works
IKE operates in two phases.
Phase 1: negotiate and establish an auxiliary end-to-end secure channel, used by subsequent phase 2 negotiations. Only established once between two end points!
IKE Phase 1
Goal: to establish a secure channel between two end points.
This channel provides basic security features: source authentication; data integrity and data confidentiality; protection against replay attacks.
IKE Phase 1
Rationale: each application has different security requirements, but they all need to negotiate policies and exchange keys! So, provide the basic security features and allow applications to establish custom sessions.
IPSec (Phase 1)
Four different ways to authenticate (either mode):
Digital signature
Two forms of authentication with public key encryption
Pre-shared key
IPSec (Phase 2)
Goal: to establish custom secure channels between two end points
End points are identified by <IP, port>:
e.g. <www.mybank.com, 8000>
Or by packet:
e.g. All packets going to 128.124.100.0/24
IPSec (Phase 2)
Only one mode: Quick Mode. Multiple quick mode exchanges can be multiplexed. Generates SAs for two end points. Can use the secure channel established in phase 1.
IP Payload Compression
Used for compression. Can be specified as part of the IPSec policy. Will not cover!
IPSec Policy
Phase 1 policies are defined in terms of protection suites. Each protection suite must contain the following: encryption algorithm, hash algorithm, authentication method, Diffie-Hellman group.
IPSec Policy
Phase 2 policies are defined in terms of proposals. Each proposal may contain one or more of the following: AH sub-proposals, ESP sub-proposals, IPComp sub-proposals, along with necessary attributes such as key length, lifetime, etc.
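An added example (not from these slides) of the policy matching the Phase 1 and Phase 2 slides describe. For Phase 1 the responder walks its own preference list and takes the first complete protection suite the initiator also offered, so the initiator's ordering alone cannot steer it to a weaker suite; for Phase 2 the first proposal whose every AH/ESP/IPComp sub-proposal satisfies local policy wins. The dictionary layout, attribute names and algorithm values are assumptions.

```python
# Constructed example (not the lecture's code) of IKE policy negotiation.
# Phase 1: protection suites, which must carry all four fields.
# Phase 2: proposals made of AH/ESP/IPComp sub-proposals with attributes.

PHASE1_FIELDS = ("encryption", "hash", "authentication", "dh_group")

def select_protection_suite(offered, preferred):
    """Phase 1: pick by the responder's preference order, not the initiator's."""
    complete = [s for s in offered if all(f in s for f in PHASE1_FIELDS)]
    for suite in preferred:           # responder's list, strongest first
        if suite in complete:
            return suite
    return None                       # no common suite: negotiation fails

def select_proposal(offered, local_policy):
    """Phase 2: a proposal maps a protocol ("AH", "ESP", "IPComp") to a
    sub-proposal dict with an algorithm and attributes (key_length, lifetime).
    local_policy maps a protocol to its allowed algorithms and attribute bounds."""
    for proposal in offered:
        if all(_sub_ok(proto, sub, local_policy) for proto, sub in proposal.items()):
            return proposal
    return None

def _sub_ok(proto, sub, local_policy):
    rules = local_policy.get(proto)
    if rules is None or sub.get("algorithm") not in rules["algorithms"]:
        return False                  # protocol or algorithm not allowed locally
    if sub.get("key_length", 0) < rules.get("min_key_length", 0):
        return False                  # key too short
    if sub.get("lifetime", 0) > rules.get("max_lifetime", float("inf")):
        return False                  # SA would live longer than policy permits
    return True
```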
Discussion
IPSec is not the only solution!
Security features can be added on top of IP!
e.g. Kerberos, SSL
Confused?
IP, IPSec protocols are very complex!
Two modes, three sub protocols
Discussion
Has it been used?
Yes, primarily used by some VPN vendors
But not all routers support it