IPSEC, short for IP Security, is a suite of protocols, standards, and algorithms to secure traffic over an untrusted network, such as the Internet. IPSEC is supported on both Cisco IOS devices and PIX Firewalls.
IPsec is not a single protocol, but a framework for securing IP communications.
IPsec Overview
- We can add IPsec to IPv4 or IPv6 by using additional headers.
- IPsec can then both encrypt and authenticate each IP packet of a session between hosts on a LAN or across the internet.
- If we look at security tools in the TCP/IP stack, we see that IPsec provides security at the network layer and can protect a much wider range of applications than SSL.
IPsec has four main components:
- Security protocols:
  - The Authentication Header (AH) provides support for data integrity and authentication of IP packets.
  - The Encapsulating Security Payload (ESP) provides a combination of encryption and authentication of IP packets.
- Key management:
  - Key management can be either manual, which is practical for small static environments, or automated using the Internet Key Exchange (IKE) in an enterprise network.
- Security associations:
  - A security association is a relationship between two entities. It describes the components for the entities, including the security protocols, algorithms, and keys required for the services requested for either the Encapsulating Security Payload protocol or the Authentication Header process.
- Algorithms:
  - Within the security association, there are several different algorithms.
  - Algorithms are essential in providing the following: key exchange, integrity, encryption, and authentication.
IPsec Benefits
- IPsec provides flexibility in how it’s set up and what level of security is required.
- IPsec can protect one or more paths that include host to host, gateway to gateway, and outside host to the gateway.
- Services IPsec can provide include access control, integrity, authentication, preventing replay attacks, and confidentiality.
- IPsec provides security services at the IP layer by enabling a system to select required security protocols, determine the algorithm(s) to use for the service(s), and put in place any cryptographic keys required to provide the requested services.
- IPsec can be used to protect one or more "paths" between a pair of hosts, between a pair of security gateways, or between a security gateway and a host.
IPsec Framework
- On the left-hand side, we see the encapsulating security payload protocol which includes encryption algorithms such as AES cipher-block chaining mode.
- On the right, we see the authentication header protocol, which includes authentication algorithms such as SHA-256.
- Because cryptographic techniques and algorithms rely on keys, key management encompasses all of this.
Because IPsec works at the network layer, it can then protect upper layer traffic.
The IPSEC standard is outlined in RFC 2401.
IPsec services
IPsec provides many services, including the following four core services:
- Confidentiality – prevents the theft of data, using encryption. By encrypting our data, nobody except the sender and receiver will be able to read our data.
- Integrity – ensures that data is not tampered with or altered, using a hashing algorithm. We want to make sure that nobody changes the data in our packets. By calculating a hash value, the sender and receiver will be able to check if changes have been made to the packet.
- Authentication – confirms the identity of the host sending data, using pre-shared keys or a Certificate Authority (CA). The sender and receiver will authenticate each other to make sure that we are really talking with the device we intend to.
- Anti-replay – prevents duplication of encrypted packets, by assigning a unique sequencing number. Even if a packet is encrypted and authenticated, an attacker could try to capture these packets and send them again. By using sequence numbers, IPsec will not transmit any duplicate packets.
It provides:
- Confidentiality using encryption
- Integrity using hash algorithms
- Authentication using key exchange
- Secure key exchange using Diffie-Hellman.
Confidentiality and Encryption
Data sent in clear text across the Internet can easily be intercepted and stolen. Because of this, sensitive data should be encrypted when sent across an untrusted network or domain. Keys are generated values used to both encrypt and decrypt data. The longer the key, the more secure that key is. The length of a key is measured in bits.
Two types of keys exist:
- Symmetric keys can be used to both encrypt and decrypt data. More specifically, the same key is used to both encrypt a packet (at the sending device) and then decrypt that packet (at the receiving device).
  - Symmetric key encryption is efficient but does not scale well in large environments.
  - Symmetric keys are not openly shared during data transmission and must instead be installed on each machine prior to the transfer of data.
  - This can be accomplished using a variety of (inefficient and insecure) methods: email, sneaker-net, and even snail-mail.
  - Each device on a network would require every other device’s symmetric key, hence the lack of scalability.
- Asymmetric keys require a separate key for encryption (the public key) and decryption (the private key).
  - Public keys are openly exchanged between devices to encrypt data during transfer.
  - Private keys are never exchanged. Only the private keys can decrypt the data.
  - Thus, even if the data and the public keys were intercepted, confidentiality is ensured.
A variety of popular standards and protocols utilize D-H key exchange, including SSL (Secure Socket Layer), SSH (Secure Shell), and IPSEC.
The generated public keys encrypt the data payload using one of several available encryption algorithms:
- DES (Data Encryption Standard) – 56-bit key
- 3DES (Triple Data Encryption Standard) – 168-bit key
- AES (Advanced Encryption Standard) – 128, 192, or 256-bit key
- Blowfish – up to a 448-bit key
Additionally, the strength of a key is determined by the D-H group used to generate that key. There are several D-H groups:
- Group 1 – 768 bits
- Group 2 – 1024 bits
- Group 5 – 2048 bits
Data Integrity and Hashing
Data sent across the Internet can not only be stolen but can also be maliciously altered.
To combat this, a hashing algorithm computes and appends a specific hash value as each packet is sent. Once the data is received, it is run through the hashing algorithm again. If the hash value is different, the packet was altered in transit.
Hashed Message Authentication Code (HMAC) is used to perform this hashing function. HMAC utilizes a secret key when computing the hash value, thus preventing an attacker from altering the packet and then recomputing the correct hash.
Two HMAC algorithms are commonly used:
- HMAC-MD5 (Message-Digest 5) – 128-bit hashed key
- HMAC-SHA1 (Secure Hash Algorithm) – 160-bit hashed key
Authentication using key exchange
Another concern when sending data across the Internet is the source or origin of that data. It is possible to masquerade or spoof one’s identity or address.
For an IPSEC VPN tunnel to be established, both sides of the tunnel must be authenticated. To accomplish this, either pre-shared keys or RSA digital signatures are used.
- When using pre-shared keys, a secret string of text is used on each device to authenticate each other. This string must be pre-agreed upon and identical on each device. This string is then hashed into a digital signature.
- When using RSA Digital signatures, a Certificate Authority (CA) is used to apply a verified digital signature.
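
Why the D-H exchange and peer authentication go together, shown as an added example that is not part of the original page: each side tags the exchanged public values with an HMAC keyed by the pre-shared key, so a substituted public value is rejected before any session key is derived. The 64-bit toy group, the role labels and the tag layout are assumptions for illustration and are not IKE's actual message format.

```python
import hashlib, hmac, secrets

# Toy 64-bit group constructed for this example; the D-H groups listed
# above are 768 bits and larger.
P = 0xFFFFFFFFFFFFFFC5   # the prime 2**64 - 59
G = 5

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2          # private value in [2, P-2]
    return priv, pow(G, priv, P)

def auth_tag(psk, role, own_pub, peer_pub):
    """HMAC over the sender's role and both public values, keyed with the PSK."""
    msg = role + own_pub.to_bytes(8, "big") + peer_pub.to_bytes(8, "big")
    return hmac.new(psk, msg, hashlib.sha256).digest()

def finish(psk, own_priv, own_pub, peer_role, peer_pub, peer_tag):
    """Check the peer's tag, then derive the session key; raise ValueError otherwise."""
    if not 2 <= peer_pub <= P - 2:               # reject degenerate public values
        raise ValueError("invalid peer public value")
    expected = auth_tag(psk, peer_role, peer_pub, own_pub)
    if not hmac.compare_digest(peer_tag, expected):
        raise ValueError("peer authentication failed")
    secret = pow(peer_pub, own_priv, P)
    return hashlib.sha256(secret.to_bytes(8, "big")).digest()

def demo():
    psk = b"constructed-pre-shared-key"          # sample value, constructed
    a_priv, a_pub = dh_keypair()                 # initiator
    b_priv, b_pub = dh_keypair()                 # responder
    a_tag = auth_tag(psk, b"I", a_pub, b_pub)
    b_tag = auth_tag(psk, b"R", b_pub, a_pub)
    key_a = finish(psk, a_priv, a_pub, b"R", b_pub, b_tag)
    key_b = finish(psk, b_priv, b_pub, b"I", a_pub, a_tag)
    return key_a, key_b
```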
Certificate Authorities
Remember, two methods exist to authenticate an IPSEC tunnel:
- When using pre-shared keys, a secret string of text is used on each device to authenticate each other. This string must be pre-agreed upon and identical on each device. This string is then hashed into a digital signature.
- When using RSA Digital signatures, a Certificate Authority (CA) is used to apply a verified digital signature. This provides a more scalable solution than pre-shared keys.
The certificate process works as follows:
- First, a client creates a “blank” or unsigned certificate, and sends it to the CA. Included on this blank certificate is the client’s ID. This communication is secured using a D-H private/public key exchange.
- Next, the CA computes an encrypted hash, which is applied to the blank certificate. Thus, the certificate is now signed with the CA’s digital signature. The signed certificate is sent back to the client, where it is stored until it is deleted or expires.
- The client then sends the signed certificate, along with its keys, to any VPN peers, “authenticating” its origin.
REMEMBER: Digital signatures, and Certificate Authority servers, are not used to encrypt data. Instead, the digital signatures are used to authenticate a device’s keys. Essentially, the digital signature gives the key a stamp of authenticity.
Obviously, one must “trust” the CA that signs these digital certificates. This is why third-party CAs are often used, such as VeriSign or Entrust.
Cisco IOS devices can function with several CA vendors:
- Microsoft Windows Certificate Services
- Entrust
- VeriSign
This is available on the server Resource Kit for Windows Certificate Servers.
Configure IPsec
- The network administrator has flexibility in the way they can configure IPsec.
- During configuration, when preparing the site for IPsec, the device will list the most current options. And then once the network administrator has made the selection, IPsec will then create the security association.
- A security association is a relationship between two entities and describes the components for the entities, including the security protocols, algorithms and keys required for the services requested.
- And then both sides must share the same security association.
Final IPsec Frameworks
As a framework, IPsec uses a variety of protocols to implement the features described above. Here’s a final overview:
IPsec can be used on many different devices, including routers, firewalls, hosts and servers. Here are some examples of how you can use it:
- Between two routers to create a site-to-site VPN that “bridges” two LANs together.
- Between a firewall and a Windows host for remote access VPN.
- Between two Linux servers to protect an insecure protocol like Telnet.
Key Management
Key management is another consideration. In most cases, the network administrator will opt for dynamic key exchange, which allows the VPN servers on each end of the connection to negotiate new keys at specified intervals using Internet Key Exchange.
Internet Key Exchange (IKE) is a protocol used to set up security associations in IPsec. It provides a standard method for dynamically authenticating IPsec peers, negotiating security services and generating shared keys.
IKE Functions
Internet Key Exchange (IKE) has two distinct functions.
- ISAKMP (Internet Security Association and Key Management Protocol) defines procedures for authenticating a communicating peer, the creation and management of security associations, and key generation techniques.
- Oakley is a key distribution process that supports perfect forward secrecy. Oakley allows the devices to exchange keys using the Diffie-Hellman key exchange algorithm.
In later sections, we will take a closer look at each of the different components.