Chapter 9: IP Security Flashcards
What three functional areas does IP-level security encompass?
- Authentication
- Confidentiality
- Key management
What is the principal feature of IPSec?
It can encrypt and/or authenticate ALL traffic at the IP level.
What are some benefits of IPSec?
- When implemented in a firewall or router it provides strong security for all traffic passing through the perimeter.
- Resistant to bypass when implemented in a firewall –> if all outside traffic must use IP AND the firewall is the only way in.
- Sits below TCP and UDP, so it is transparent to applications.
- Can be transparent to end users. No training needed.
- Can provide security for individual users if needed.
What two protocols are used to provide security?
Application Header (AH)
Encapsulating Security Payload (ESP)
What security services does IPSec provide?
- Access control
- Connection-less integrity
- Data origin authentication
- Rejection of replayed packets
- Confidentiality
- Limited traffic flow confidentiality
What is the transport mode?
It provides protection primarily for upper-layer protocols. The protection extends to the payload of an IP packet (IPv4 datagram/IPv6 packet)
Examples: TCP/UDP segment or ICMP packet.
Typically used for end-to-end communication between two hosts.
What is tunnel mode?
It provides protection to the entire IP packet.
The entire packet + security fields are treated as the payload of a new outer IP packet with a new outer IP header.
The entire original (inner) packet travels through a tunnel from one point of an IP network to another; no routers along the way are able to examine the inner IP header.
When is tunnel mode used?
When one or both ends of a security association are a security gateway, such as a firewall or router that implements IPSec.
What is a security association (SA)?
It is a one-way logical connection between a sender and a receiver that affords security services to the traffic carried on it.
If a peer relationship is needed for a two-way secure exchange, then two SAs are required.
What three parameters uniquely identify an SA?
- Security Parameters Index (SPI): Carried in headers to enable the receiving system to select the SA under which a received packet will be processed.
- IP destination
- Security protocol ID: whether it is an AH or ESP SA
What is a SAD?
A security association database. It defines the parameters associated with each SA.
What is a security policy database (SPD)?
The means by which IP traffic is related to specific SAs. In its simplest form it contains entries, each of which defines a subset of IP traffic and points to an SA for that traffic.
What are the 5 steps for processing outbound packets?
- Search the SPD for a match
- Match = false –> packet is discarded and error message generated
- Match = true –> processing is determined by the first matching entry in the SPD. Policy = DISCARD or BYPASS. If BYPASS –> forwarded with no further processing.
- Policy = PROTECT, then a SAD search to find a matching entry. If no entry found –> IKE is invoked to create an SA
- The matching entry in the SAD determines the processing for this packet, i.e. encryption/authentication, tunnel/transport. The packet is then forwarded.
What are the 3 steps for processing inbound packets?
- Determine whether the packet is unsecured or has an AH or ESP header.
- Unsecured = true –> search SPD for match. If BYPASS –> forward. If PROTECT or DISCARD or no match –> discard.
- Secured = true –> search SAD. No match = discard. Match = applies appropriate processing. Packet is delivered to the next higher layer.
Which parts of an ESP packet are encrypted?
payload data
padding
pad length
next header
What fields are in an ESP packet?
SPI
Sequence number
Payload data
Padding
Pad length
Next header
Integrity check value
Conditional fields:
IV
traffic flow confidentiality
How does the anti-replay service work for ESP packets?
It uses the sequence number to thwart replay attacks.
When a new SA is established the sender initializes a sequence number counter to 0. Each time a packet is sent on this SA, the counter is incremented. When anti-replay is enabled the sequence number must not cycle past 2^32 - 1 back to 0. If the limit is reached a new SA must be created.
How does transport mode work for ESP?
Encrypts and optionally authenticates the data.
The transport-level segment and the ESP trailer = encrypted. Authentication covers ciphertext and ESP header.
- Source –> encrypts and (optionally) authenticates.
- Routed to the destination. Intermediate routers examine and process the IP header.
- Destination examines and processes the IP header, then decrypts the packet.
Drawback = traffic analysis is possible
How does tunnel mode work for ESP?
- Source prepares an inner IP packet, prefixed by an ESP header. The packet and trailer are encrypted and (optionally) authenticated, then encapsulated with a new IP header (destination = firewall); this forms the outer IP packet.
- Outer packet is routed to the destination firewall. Intermediate routers examine the outer IP header.
- Destination firewall examines and processes the outer IP header, decrypts the inner packet and transmits it on the internal network.
- The inner packet is routed to its destination.
What is IKE?
Internet Key Exchange. It is the key management of IPSec.
What is the automated key management protocol referred to as and what elements does it consist of?
ISAKMP/Oakley
Oakley key determination protocol: key exchange based on Diffie-Hellman with added security.
Internet security association and key management protocol provides:
1. framework for internet key management
2. framework for specific protocol support (incl. formats and negotiation of security attributes)
Recall the pros and cons of Diffie-Hellman
Pros:
1. Secret keys only created when needed. No long term storage of keys.
2. Exchange requires no pre-existing infrastructure
Cons:
1. Provides no info about identities
2. MITM attack when employing the basic implementation
3. Computationally intensive
What are the five important features of IKE that retain the advantages of DH and counter its weaknesses?
- Cookies to thwart clogging attacks
- Enables two parties to negotiate a group:
  - global parameters of the DH exchange
  - ID of the algorithm
- Uses nonces to protect against replay attacks
- Enables exchange of DH public key values
- Authenticates the DH exchange to thwart MITM attacks:
  - Digital signatures
  - Public-key
  - Symmetric-key
How does the cookie exchange work?
- Requires that each side send a pseudorandom number, which the other side acknowledges.
- The acknowledgment must be repeated in the first message of the DH exchange.
- Recommended method to create it is to use a fast hash over the IP source and destination addresses, UDP source and destination ports and a locally generated secret value.
What is the IKE working procedure?
- Traffic requiring IPSec protection is processed
- Establish a secure authenticated channel (IKE SA)
- Create two IPSec SAs between the IPSec peers
- Data is transmitted
The first two pairs of exchanges are referred to as the initial exchanges; what do they do?
- Two peers exchange information concerning cryptographic algorithms and other security parameters, along with nonces and DH values.
The result is a special SA called IKE SA –> defines parameters for a secure channel between peers
- Two parties authenticate each other and set up a first IPSec SA to be placed in the SAD(B). Used to protect ordinary (i.e. non-IKE) communication.
What does the CREATE_CHILD_SA exchange do?
Used to establish further SAs for protecting traffic
What is the purpose of the informational exchange?
Exchanges management information, IKEv2 error messages and other notifications.