Sunday, July 4, 2010

A Tour inside IPSec Tunnel..

Internet Protocol security (IPsec) is a suite of protocols for securing network connections or a framework of open standards for protecting communications over Internet Protocol (IP) networks through the use of cryptographic security services. IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection.

IPsec provides mechanism, not policy: rather than define such-and-such encryption algorithm or a certain authentication function, it provides a framework that allows an implementation to provide nearly anything that both ends agree upon…I mean anything!! J

Terms used in IPSec

AH versus ESP

Authentication Header (AH) "Encapsulating Security Payload" (ESP) are the two main wire-level protocols used by IPsec. Where Authentication Header (AH) only authenticates ..ESP does both the encryption and authentication. Though, they independently used one from another ..Though,we can combine it and use it.

Tunnel mode versus Transport mode

Transport mode only encapsulates IP packets payload (data) ..where, the tunnel mode encapsulates entire IP packet and creates a secure end tunnel between two peers across the untrusted public Network (Internet).

MD5/SHA1 and DES/3DES/AES…

Setting up an IPsec connection involves all kinds of crypto choices ;

Authentication :

Authentication is performs Integrity Check Value (ICV) on the packets needs to be sent based on cryptographic hash algorithm such as MD5 or SHA. It incorporates a secret key only known for both the ends. ..and once packet will reach the destination ICV will be calculated and if the ICV of the sender is same as the recipient that means it successfully authenticated .

AH always provides authentication, and ESP does so optionally.

Encryption:

Encryption is to Modify the packet data in something unreadable format based on algorithms like DES,3DES or AES and which reversible to original format by decrypting these algorithms .

Main mode versus aggressive mode:

"Main mode" requires six packets back and forth, but affords complete security during the establishment of an IPsec connection, while Aggressive mode uses only 3 exchanges providing a bit less security because some information is transmitted in clear text. We will talk it in detail about this …

Main mode is preferred because:

· Main mode is partially encrypted, from the point at which the shared DH key is known to both peers.

· Main mode is less susceptible to Denial of Service (DoS) attacks. In main mode, the DH computation is performed after authentication. In aggressive mode, the DH computation is performed parallel to authentication. A peer that is not yet authenticated can force processor intensive Diffie-Hellman computations on the other peer.

In symmetric cryptographic systems, both communicating parties use the same key for encryption and decryption. The material used to build these keys must be exchanged in a secure fashion. Information can be securely exchanged only if the key belongs exclusively to the communicating parties.

IKE

The goal of the Internet Key Exchange (IKE) is for both sides to independently produce the same symmetrical key. This key then encrypts and decrypts the regular IP packets used in the bulk transfer of data between VPN peers. IKE builds the VPN tunnel by authenticating both sides and reaching an agreement on methods of encryption and integrity. The outcome of an IKE negotiation is a Security Association (SA) .

Need to be noted that this agreement upon keys and methods of encryption must also be performed securely. For this reason IKE is composed of two phases. The first phase lays the foundations for the second.

Diffie-Hellman (DH) is that part of the IKE protocol used for exchanging the material from which the symmetrical keys are built. The Diffie-Hellman algorithm builds an encryption key known as a "shared secret" from the private key of one party and the public key of the other.

IKE Phase I

During IKE Phase I:

1.The peers authenticate, either by certificates or via a pre-shared secret.

2.A Diffie-Hellman key is Generated. The nature of the Diffie-Hellman protocol means that both sides can independently create the shared secret, a key which is known only to the peers.

It happens something like this ;

a)From a pool of random bits , each side produces DH private key .

b)Each peer derives a public key from its private key .

c)Public keys are exchanged between these two sites .

d)Each side creates a shared secret from their own private key and the public key received from the peer ( we call it as shared key or DH key.

This DH key is used to exchange

3. Key material (random bits and other mathematical data) as well as an agreement on methods for IKE phase II are exchanged between the peers. It lays the foundation for the IKE Phase 2 (Quick mode/IPSec mode)

IKE Phase 2 :

IKE phase II is encrypted according to the keys and methods agreed upon in IKE phase I. The key material exchanged during IKE phase II is used for building the IPSec keys.

The outcome of phase II is the IPSec Security Association. The IPSec SA is an agreement on keys and methods for IPSec, thus IPSec takes place according to the keys and methods agreed upon in IKE phase II.

How things work in IKE Phase 2 :

a)Peer exchange more key material and agree upon encryption (AES.DES.3DES) and Integrity (MD5,SHA1) methods for IPsec.

b) DH keys created in Phase 1 will be combined with the key materials to produce Symmetrical IPSec key .

c)Symmetric IPsec keys used in Bulk data transfer.

In summary :

1.IKE negotiations builds the tunnel .

2.Ipsec keys used to create encrypted IP Packets for transferring the data.

3.Data payload is encrypted using the various encryption mechanism like DES,AES..

4.Data integrity is ensured with one-way hash functions like MD5,SHA1.

5.Data transfer over the tunnel.

Perfect Forward Secrecy (PFS)

Perfect Forward Secrecy (PFS) refers to the condition in which the compromise of a current session key or long-term private key does not cause the compromise of earlier or subsequent keys. Security gateways meet this requirement with a PFS mode. When PFS is enabled, a fresh DH key is generated during IKE phase II, and renewed for each key exchange.

However, because a new DH key is generated during each IKE phase I, no dependency exists between these keys and those produced in subsequent IKE Phase I negotiations. Enable PFS in IKE phase II only in situations where extreme security is required.

No comments: