Psec

IPsec is best thought of as a set of features that protects IP data as it travels from one location to another. The locations involved in the VPN typically define the type of VPN. A location could be an end client (such as a PC), a small remote office, a large branch office, a corporate headquarters, a data center, or even a service provider. The combination of any two of these locations determines the type of VPN in use. For example, a small remote office connecting to a corporate headquarters would be a site-to-site VPN.

It is important to remember that IPsec can protect only the IP layer and up (transport layer and user data). IPsec cannot extend its services to the data link layer. If protection of the data link layer is needed, then some form of link encryption is needed. Such encryption is typically performed within a trusted infrastructure, where the security of the link can be assured. Such encryption is not feasible in the Internet because intermediate links are not controlled by the end users.

Often, the use of encryption is assumed to be a requirement of IPsec. In reality, encryption, or data confidentiality, is an optional (although heavily implemented) feature of IPsec. IPsec consists of the following features, which are further explained later in this chapter:

■ Data confidentiality

■ Data integrity

■ Data origin authentication

The features, or services, of IPsec are implemented by a series of standards-based protocols. It is important that the implementation of IPsec is based on open standards to ensure interoperability between vendors. The IPsec protocols do not specify any particular authentication, encryption algorithms, key generation techniques, or security association (SA) mechanisms. The three main protocols that are used by IPsec are as follows:

■ Internet Key Exchange (IKE)

■ Encapsulating Security Payload (ESP)

■ Authentication Header (AH)

These protocols are detailed a bit later in this chapter in the section "IPsec Protocols." It is important to understand that these protocols are based on open standards. IPsec uses the preceding protocols to establish the rules for authentication and encryption, and existing standards-based algorithms provide the actual means of authentication, encryption, and key management.

Remember that IPsec is used to protect the flow of data through a VPN. However, a VPN does not necessarily imply that the contents are protected. A VPN can simply be a tunnel, or link, between two endpoints. As such, a new outer header or tag may be applied, but the internal contents are still available for inspection to anyone between the endpoints. So, an IPsec VPN can be considered safe and protected, while other types of VPNs might not share this luxury.

IPsec Features

As noted earlier, the primary features of IPsec consist of the following:

■ Data confidentiality

■ Data integrity

■ Data origin authentication (peer authentication)

It is important to understand the meaning of each of these features. The protocols that implement these features are covered later in this chapter.

Data confidentiality involves keeping the data within the IPsec VPN private between the participants of the VPN. As noted earlier, most VPNs are used across the public Internet. As such, it is possible for data to be intercepted and examined. In reality, any data in transit is subject to examination, so the Internet should not be viewed as the only insecure media.

Data confidentiality involves the use of encryption to scramble the data in transit. Encrypted packets cannot be easily, if ever, understood by anyone other than the intended recipient. The use of encryption involves the selection of an encryption algorithm and a means of distributing encryption keys to those involved. IPsec encryption algorithms are covered later in this chapter.

Data confidentiality, or encryption, is not required for IPsec VPNs. More often than not, packets are encrypted as they pass through the VPN. But data confidentiality is an optional feature for IPsec.

Data integrity is a guarantee that the data was not modified or altered during transit through the IPsec VPN. Data integrity itself does not provide data confidentiality. Data integrity typically uses a hash algorithm to check if data within the packet was modified between endpoints. Packets that are determined to have been changed are not accepted.

Data origin authentication validates the source of the IPsec VPN. This feature is performed by each end of the VPN to ensure that the other end is exactly who you want to be connected to. Note that the use of the data origin authentication feature is dependent upon the data integrity service. Data origin authentication cannot exist on its own.

Anti-replay ensures that no packets are duplicated within the VPN. This is accomplished through the use of sequence numbers in the packets and a sliding window on the receiver. The sequence number is compared to the sliding window and helps detect packets that are late. Such late packets are considered duplicates, and are dropped. Like data confidentiality, anti-replay is considered an optional IPsec feature.

IPsec Protocols

IPsec consists of three primary protocols to help implement the overall IPsec architecture:

■ Internet Key Exchange (IKE)

■ Encapsulating Security Payload (ESP)

■ Authentication Header (AH)

Together, these three protocols offer the various IPsec features mentioned earlier. Every IPsec VPN uses some combination of these protocols to provide the desired features for the VPN.

Internet Key Exchange (IKE) is a framework for the negotiation and exchange of security parameters and authentication keys. The IPsec security parameters will be examined later in the "Internet Key Exchange (IKE)" section. For now, it is important to understand that there are a variety of possible options between two IPsec VPN endpoints. The secure negotiation of these parameters used to establish the IPsec VPN characteristics is performed by IKE.

IKE also exchanges keys used for the symmetrical encryption algorithms within an IPsec VPN. Compared to other encryption algorithms, symmetrical algorithms tend to be more efficient and easier to implement in hardware. The use of such algorithms requires appropriate key material, and IKE provides the mechanism to exchange the keys.

Encapsulating Security Payload (ESP) provides the framework for the data confidentiality, data integrity, data origin authentication, and optional anti-replay features of IPsec. While ESP is the only IPsec protocol that provides data encryption, it also can provide all of the IPsec features mentioned earlier. Because of this, ESP is primarily used in IPsec VPNs today. The following encryption methods are available to IPsec ESP:

■ Data Encryption Standard (DES)—An older method of encrypting information that has enjoyed widespread use.

■ Triple Data Encryption Standard (3DES)—A block cipher that uses DES three times.

■ Advanced Encryption Standard (AES)—One of the most popular symmetric key algorithms used today.

Authentication Header (AH) provides the framework for the data integrity, data origin authentication, and optional anti-replay features of IPsec. Note that data confidentiality is not provided by AH. AH ensures that the data has not been modified or tampered with, but does not hide the data from inquisitive eyes during transit. As such, the use of AH alone in today's networks has faded in favor of ESP. Both AH and ESP use a Hash-based Message Authentication Code (HMAC) as the authentication and integrity check. Table 12-2 shows the HMAC hash algorithms in IPsec.

Table 12-2 Hash Algorithms

Hash Algorithm

Input

Output

Used by IPsec

Message Digest 5 (MD5)

Variable

128 bits

128 bits

Secure Hash Algorithm (SHA-1)

Variable

160 bits

First 96 bits

Both MD5 and SHA-1 use a shared secret key for both the calculation and verification of the message authentication values. The cryptographic strength of the HMAC is dependent upon the properties of the underlying hash function. Both MD5 and SHA-1 take variable-length input data and create a fixed-length hash. The difference is the size and strength of the hash created. Although IPsec uses only the first 96 bits of the 160-bit SHA-1 hash, it is considered more secure than MD5 (although SHA-1 is computationally slower than MD5).

IPsec Modes

IPsec defines two modes that determine the extent of protection offered to the original IP packet. Remember that the IPsec header follows an IP header, because it is referenced by an IP protocol number. As such, encryption and integrity services can be offered only beyond the IP header. The two IPsec modes are tunnel mode and transport mode.

When IPsec headers are simply inserted in an IP packet (after the IP header), it is called transport mode. In transport mode, the original IP header is exposed and unprotected. Data at the transport layer and higher layers benefits from the implemented IPsec features. Another way to think of this is that transport mode protects the transport layer and up. As such, when the IPsec packet travels across an untrusted network, all of the data within the packet is safe (based on the IPsec services selected). Devices in the untrusted network can see only the actual IP addresses of the IPsec participants.

IPsec offers a second mode called tunnel mode. In tunnel mode, the actual IP addresses of the original IP header, along with all the data within the packet, are protected. Tunnel mode creates a new external IP header that contains the IP addresses of the tunnel endpoints (such as routers or VPN Concentrators). The exposed IP addresses are the tunnel endpoints, not the device IP addresses that sit behind the tunnel end points. Figure 12-1 shows the two IPsec modes compared to a "normal" IP packet.

Figure 12-1 IPsec Modes

Generic Frame/Packet

IP Frame/Packet

Generic Frame/Packet

IP Frame/Packet

L2 Header

L3 Header

L4 Header

Data

L2 Header

IP Header

TCP/UDP Header

Data

Transport Mode

L2

IP

ESP or

TCP/UDP

Data

Header

Header

AH

Header

Tunnel Mode

L2

New IP

ESP or

IP

TCP/UDP

Data

Header

Header

AH

Header

Header

As mentioned earlier, the endpoints of the IPsec tunnel can be any device. Figure 12-1 shows routers as endpoints, which might be used for site-to-site VPNs (explained in Chapter 13, "Site-to-Site VPN Operations"). It is also important to remember that the concept of a VPN tunnel is used with both VPN modes—transport and tunnel. In transport mode, the packet contents are protected between the VPN endpoints, whereas in tunnel mode, the entire original IP packet is protected.

IPsec Headers

Both AH and ESP are implemented by adding headers to the original IP packet. The IPsec VPN uses AH or ESP, or both (but the use of AH along with ESP has no appreciable benefit). Remember that ESP implements all of the IPsec features mentioned earlier, while AH offers all features except data confidentiality. Both AH and ESP are recognized by their particular IP protocol numbers, which makes each a transport layer protocol. AH and ESP are recognized by their respective IP protocol numbers (51 and 50).

The placement of these headers means that the IPsec features that they provide (confidentiality and integrity) can only be for portions of the IP packet that follow the AH or ESP header.

Figure 12-2 shows how the ESP and AH headers are applied to an existing IP packet. Both transport and tunnel modes are shown for comparison.

Figure 12-2 AH and ESP Headers

Figure 12-2 AH and ESP Headers

Frame/ Packet

Transport Mode

AH Tunnel Mode

ESP Transport Mode

ESP Tunnel Mode

L2

IP

TCP/UDP

Data

Header

Header

Header

ESP Transport Mode

L2 Header

IP Header

AH Header

TCP/UDP Header

Data

Authenticated

L2 Header

New IP Header

AH Header

IP Header

TCP/UDP Header

Data

Authenticated

L2 Header

IP Header

ESP Header

TCP/UDP Header

Data

ESP Trailer

ESP Auth

Encrypted

Authenticated

ESP Tunnel Mode

L2 Header

New IP Header

ESP Header

IP Header

TCP/UDP Header

Data

ESP Trailer

ESP Auth

Encrypted

Authenticated

As shown in Figure 12-2, AH authenticates the entire packet after the Layer 2 header. If ESP authentication is used, the outer IP header is not authenticated. Also note that if ESP performs both encryption and authentication, encryption occurs first, and then the encrypted contents along with the ESP headers are authenticated.

Peer Authentication

As described thus far, IPsec has the capability to protect data in transit. It can encrypt the data to prevent those in the middle from seeing it (data confidentiality), and it can ensure that the data has not been modified while in flight (data integrity). However, these functions lose their appeal if one VPN endpoint is not sure of whom the other endpoint truly is. IPsec can secure the data transfer, but before such services are employed, the endpoints of the IPsec VPN must be validated.

The concept of peer authentication certifies that the remote IPsec endpoint is truly who it says it is. There are five different methods to authenticate an IPsec peer:

■ Username and password—A username and password must be predefined and preconfigured in the IPsec endpoints. As such, they are typically used for long periods of time. They are generally not considered very safe, because if someone guesses or learns the username/ password combination, that person can establish an IPsec connection with you.

■ One-time password (OTP)—An OTP is typically implemented as a personal identification number (PIN) or a transaction authentication number (TAN). Such numbers are good for only one IPsec instantiation. If someone were to learn of an old OTP, it would be useless to establish a new IPsec connection.

■ Biometrics—Biometric technologies analyze physical human characteristics, such as fingerprints, hand measurements, eye retinas and irises, voice patterns, and facial patterns. Such characteristics are difficult, if not impossible, to duplicate. Any combination of these can be used to authenticate a person, and thus provide assurance of who is at the other end of the IPsec connection.

■ Preshared keys—Preshared keys are similar to the username/password concept. In this case, a single key (value) is preconfigured in each IPsec peer. Like the username/password, it is important that such manually configured information remain safeguarded. If someone were able to determine the preshared key, they would have the ability to establish an IPsec connection with you.

■ Digital certificates—Digital certificates are a very popular way to authenticate people and devices. Typically, a digital certificate is issued to a device from a trusted third-party certification authority (CA). This certificate is only good for the machine it was issued to.

When that device needs to authenticate, it presents its certificate, which is then validated against the third-party CA. If another device attempts to use the certificate, the authentication will fail.

Was this article helpful?

0 0

Post a comment