Tuesday, 8 May 2012

IPSec INTRODUCTION



You need to know these terms in order to understand IPsec:

Advanced Encryption Standard (AES)—AES was finalized as a Federal Information Processing Standard (FIPS)-approved cryptographic algorithm to be used in order to protect electronic data transmission (FIPS PUB 197). AES is based on the Rijndael algorithm, which specifies how to use keys with a length of 128, 192, or 256 bits to encrypt blocks with a length of 128, 192, or 256 bits. All nine combinations of key length and block length are possible.

Authentication Header (AH)—This is a security protocol that provides authentication and optional replay-detection services. AH is embedded in the data to be protected, for example, a full IP datagram. AH can be used either by itself or with Encapsulating Security Payload (ESP).

Authentication—This is one of the functions of the IPsec framework. Authentication establishes the integrity of the datastream and ensures that it is not tampered with in transit. It also provides confirmation of the datastream's origin.

Certification Authority (CA)—This is a third-party entity with the responsibility to issue and revoke certificates. Each device that has its own certificate and public key of the CA can authenticate every other device within a given CA domain. This term also applies to server software that provides these services.

Certificate—A cryptographically signed object that contains an identity and a public key associated with this identity.

Classic crypto—This is the Cisco proprietary encryption mechanism used in Cisco IOS Software Release 11.2. Classic crypto is available in Cisco IOS Software Release 11.3, but IPsec is not retrofitted to Cisco IOS Software Release 11.2. You can also see classic crypto referred to as Encryption Express or Cisco Encryption Technology (CET) in the marketing literature.

Certificate Revocation List (CRL)—This is a digitally signed message that lists all of the current but revoked certificates listed by a given CA. This is analogous to a book of stolen charge card numbers that allows stores to reject bad credit cards.

Crypto map—This is a Cisco IOS software configuration entity that performs two primary functions. First, it selects data flows that need security processing. Second, it defines the policy for these flows and the crypto peer that traffic needs to go to.
A crypto map is applied to an interface. The concept of a crypto map was introduced in classic crypto but was expanded for IPsec.

Data integrity—These are mechanisms, based on secret-key or public-key algorithms, that allow the recipient of a piece of protected data to verify that the data has not been modified in transit.

Data confidentiality—This is the method where protected data is manipulated so that no attacker can read it. This is commonly provided by data encryption and keys that are only available to the parties involved in the communication.

Data origin authentication—This is a security service where the receiver can verify that protected data could have originated only from the sender. This service requires a data integrity service plus a key distribution mechanism, where a secret key is shared only between the sender and receiver.

Data Encryption Standard (DES)—The DES was published in 1977 by the National Bureau of Standards and is a secret key encryption scheme based on the Lucifer algorithm from IBM. The contrast of a secret-key scheme such as DES is public-key encryption. Cisco uses DES in classic crypto (40-bit and 56-bit key lengths), IPsec crypto (56-bit key), and on the PIX Firewall (56-bit key).

Diffie-Hellman—This is a method for establishing a shared key over an insecure medium. Diffie-Hellman is a component of Oakley, which is defined in this definition list.

DSS—A digital signature algorithm designed by the US National Institute of Standards and Technology (NIST) based on public key cryptography. DSS does not do user datagram encryption. DSS is a component in classic crypto, as well as the Redcreek IPsec card, but not in IPsec implemented in Cisco IOS software.

Encryption Service Adapter (ESA)—This is a hardware based encryption accelerator that is used in:

· Cisco 7204 and 7206 routers
· Second-generation Versatile Interface Processor2-40s (VIP2-40s) in all Cisco 7500 series routers
· VIP2-40 in the Cisco 7000 series routers that have the Cisco 7000 series Route Switch Processor (RSP7000) and Cisco 7000 series Chassis Interface (RSP7000CI) cards installed.

IPsec does not use the ESA acceleration, but it does work in a box that has an ESA card on a software-only basis.

Encapsulating Security Payload (ESP)—A security protocol that provides data confidentiality and protection with optional authentication and replay-detection services. ESP completely encapsulates user data. ESP can be used either by itself or in conjunction with AH. Refer to RFC 2406: IP Encapsulating Security Payload (ESP).

Hash—This is a one way function that takes an input message of arbitrary length and produces a fixed length digest. Cisco uses both Secure Hash Algorithm (SHA) and Message Digest 5 (MD5) hashes within our implementation of the IPsec framework. See the definition for HMAC for more information.

HMAC—This is a mechanism for message authentication that uses cryptographic hashes such as SHA and MD5. Refer to RFC 2104 for an exhaustive discussion of HMAC.

Internet Key Exchange (IKE)—A hybrid protocol that uses part of Oakley and part of another protocol suite called SKEME inside the Internet Security Association and Key Management Protocol (ISAKMP) framework. IKE is used to establish a shared security policy and authenticated keys for services, such as IPsec, that require keys. Before any IPsec traffic can be passed, each router/firewall/host must be able to verify the identity of its peer. This can be done by manually entering pre-shared keys into both hosts, by a CA service, or by the forthcoming secure DNS (DNSSec). This is the protocol formerly known as ISAKMP/Oakley, and is defined in RFC 2409: The Internet Key Exchange (IKE). A potential point of confusion is that the acronyms ISAKMP and IKE are both used in Cisco IOS software in order to refer to the same thing. These two items are somewhat different.

Internet Security Association and Key Management Protocol (ISAKMP)—This is a protocol framework that defines the mechanics of the implementation of a key exchange protocol and negotiation of a security policy. ISAKMP is defined in the Internet Security Association and Key Management Protocol (ISAKMP).

IPsec NAT Transparency—The IPsec NAT Transparency feature introduces support for IP Security (IPsec) traffic to travel through Network Address Translation (NAT) or Port Address Translation (PAT) points in the network by addressing many known incompatibilities between NAT and IPsec. NAT Traversal is a feature that is auto detected by VPN devices. There are no configuration steps for a router that runs Cisco IOS Software Release 12.2(13)T and later. If both VPN devices are NAT-T capable, NAT Traversal is auto detected and auto negotiated.

ISAKMP/Oakley—See IKE.

Message Digest 5 (MD5)—This is a one way hashing algorithm that produces a 128-bit hash. Both MD5 and Secure Hash Algorithm (SHA) are variations on MD4 that are designed to strengthen the security of that hashing algorithm. SHA is more secure than MD4 and MD5. Cisco uses hashes for authentication within the IPsec framework.

Oakley—This is a key exchange protocol that defines how to acquire authenticated keying material. The basic mechanism for Oakley is the Diffie-Hellman key exchange algorithm. You can find the standard in RFC 2412: The OAKLEY Key Determination Protocol.

Perfect Forward Secrecy (PFS)—PFS ensures that a given IPsec SA key was not derived from any other secret, like some other keys. In other words, if someone breaks a key, PFS ensures that the attacker is not able to derive any other key. If PFS is not enabled, someone can potentially break the IKE SA secret key, copy all the IPsec protected data, and then use knowledge of the IKE SA secret in order to compromise the IPsec SAs set up by this IKE SA. With PFS, breaking IKE does not give an attacker immediate access to IPsec. The attacker needs to break each IPsec SA individually. The Cisco IOS IPsec implementation uses PFS group 1 (D-H 768 bit) by default.
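The dependency that PFS removes can be seen in the Quick Mode key derivation from RFC 2409. The following is an added example, not code from this post or from Cisco; SKEYID_d is the RFC's name for the IKE SA keying secret, and the HMAC-SHA-1 prf, the toy 127-bit Diffie-Hellman modulus and all sample values are assumptions made for the demonstration.

```python
import hashlib, hmac, secrets

P = 2**127 - 1      # toy prime modulus for the demo, far too small for real use
G = 3               # toy generator
ESP = 50            # IP protocol number for ESP

def prf(key, data):
    """Keyed pseudo-random function; HMAC-SHA-1 is assumed here."""
    return hmac.new(key, data, hashlib.sha1).digest()

def keymat(skeyid_d, proto, spi, ni, nr, dh_shared=b""):
    """RFC 2409 5.5: prf(SKEYID_d, [g(qm)^xy |] protocol | SPI | Ni_b | Nr_b)."""
    return prf(skeyid_d, dh_shared + bytes([proto]) + spi + ni + nr)

def quick_mode(skeyid_d, pfs):
    """Negotiate one IPsec SA key. Returns (key, values carried inside the IKE SA)."""
    carried = {"spi": secrets.token_bytes(4),
               "ni": secrets.token_bytes(16), "nr": secrets.token_bytes(16)}
    dh_shared = b""
    if pfs:
        x = secrets.randbelow(P - 2) + 1            # initiator's fresh private value
        y = secrets.randbelow(P - 2) + 1            # responder's fresh private value
        carried["gx"], carried["gy"] = pow(G, x, P), pow(G, y, P)
        dh_shared = pow(carried["gy"], x, P).to_bytes(16, "big")   # never transmitted
    key = keymat(skeyid_d, ESP, carried["spi"], carried["ni"], carried["nr"], dh_shared)
    return key, carried

def derivable_from_ike_secret(skeyid_d, carried, ipsec_key):
    """True if SKEYID_d plus the carried values alone reproduce the IPsec key."""
    guess = keymat(skeyid_d, ESP, carried["spi"], carried["ni"], carried["nr"])
    return hmac.compare_digest(guess, ipsec_key)

def exposure(pfs):
    """Run one Quick Mode and report whether the IKE secret exposes the IPsec key."""
    skeyid_d = secrets.token_bytes(20)              # constructed IKE SA secret
    key, carried = quick_mode(skeyid_d, pfs)
    return derivable_from_ike_secret(skeyid_d, carried, key)
```

Without PFS the IPsec key is a function of SKEYID_d and values carried inside the IKE SA only; with PFS it also depends on a fresh Diffie-Hellman result that is never sent.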

Replay-detection—This is a security service where the receiver can reject old or duplicate packets in order to defeat replay attacks. Replay attacks rely on the attacker to send out older or duplicate packets to the receiver and the receiver to think that the bogus traffic is legitimate. Replay-detection is done by the use of sequence numbers combined with authentication, and is a standard feature of IPsec.

RSA—This is a public key cryptographic algorithm, named after its inventors, Rivest, Shamir and Adleman, with a variable key length. The main weakness of RSA is that it is significantly slower to compute than popular secret-key algorithms, such as DES. The Cisco IKE implementation uses a Diffie-Hellman exchange in order to get the secret keys. This exchange can be authenticated with RSA, or pre-shared keys. With the Diffie-Hellman exchange, the DES key never crosses the network, not even in encrypted form, which is not the case with the RSA encrypt and sign technique. RSA is not public domain, and must be licensed from RSA Data Security.

Security Association (SA)—This is an instance of security policy and keying material applied to a data flow. Both IKE and IPsec use SAs, although SAs are independent of one another. IPsec SAs are unidirectional and they are unique in each security protocol. A set of SAs is needed for a protected data pipe, one per direction per protocol. For example, if you have a pipe that supports ESP between peers, one ESP SA is required for each direction. SAs are uniquely identified by destination (IPsec endpoint) address, security protocol (AH or ESP), and security parameter index (SPI).
IKE negotiates and establishes SAs on behalf of IPsec. A user can also establish IPsec SAs manually.
An IKE SA is used by IKE only. Unlike the IPsec SA, it is bi-directional.
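The SA and replay-detection definitions above fit together on the receive path, shown here as an added example that is not code from this post or from Cisco. It looks up the inbound SA by (destination, protocol, SPI) and applies a sliding-window replay check combined with an HMAC; the 64-packet window, the HMAC-SHA-1 value truncated to 96 bits, the simplified packet layout and all sample values are assumptions.

```python
import hashlib, hmac, struct

ESP = 50          # IP protocol number for ESP (AH is 51)
WINDOW = 64       # anti-replay window size in packets (assumed)

class InboundSA:
    """Receive-side state for one unidirectional SA."""
    def __init__(self, auth_key):
        self.auth_key = auth_key
        self.highest = 0   # highest authenticated sequence number so far
        self.bitmap = 0    # bit i set: sequence number (highest - i) was seen

    def is_replay(self, seq):
        if seq > self.highest:
            return False
        offset = self.highest - seq
        return seq == 0 or offset >= WINDOW or bool((self.bitmap >> offset) & 1)

    def mark_seen(self, seq):
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)

def icv(key, spi, seq, payload):
    """HMAC-SHA-1 truncated to 96 bits over SPI, sequence number and payload."""
    header = struct.pack("!II", spi, seq)
    return hmac.new(key, header + payload, hashlib.sha1).digest()[:12]

def receive(sad, dst, proto, spi, seq, payload, tag):
    """Look up the SA by (destination, protocol, SPI), then check replay and ICV."""
    sa = sad.get((dst, proto, spi))
    if sa is None:
        return "no-sa"
    if sa.is_replay(seq):
        return "replay"
    if not hmac.compare_digest(icv(sa.auth_key, spi, seq, payload), tag):
        return "bad-icv"
    sa.mark_seen(seq)      # the window moves only for authenticated packets
    return "accept"

def demo():
    key, spi, dst = b"constructed-demo-key", 0x1001, "192.0.2.2"   # constructed values
    sad = {(dst, ESP, spi): InboundSA(key)}
    pkt = lambda seq: (seq, b"data", icv(key, spi, seq, b"data"))
    return [receive(sad, dst, ESP, spi, *pkt(1)),
            receive(sad, dst, ESP, spi, *pkt(1)),                # duplicate
            receive(sad, dst, ESP, spi, 900, b"x", b"\0" * 12),  # unauthenticated
            receive(sad, dst, ESP, spi, *pkt(3)),
            receive(sad, dst, ESP, spi, *pkt(2)),                # late, inside window
            receive(sad, dst, ESP, 0x2002, *pkt(4))]             # SPI with no SA
```

Because the window advances only after the HMAC verifies, the unauthenticated packet with sequence number 900 does not push legitimate packets 2 and 3 out of the window.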

Secure Hash Algorithm (SHA)—This is a one way hash put forth by NIST. SHA is closely modeled after MD4 and produces a 160-bit digest. Because SHA produces a 160-bit digest, it is more resistant to brute-force attacks than 128-bit hashes (such as MD5), but it is slower.

Split Tunneling—This is the process of allowing a remote VPN user to access a public network, most commonly the Internet, at the same time that the user is allowed to access resources at the remote office. This method of network access enables the user to access remote devices, such as a networked printer and servers, at the same time as the public network (Internet). An advantage of the use of split tunneling is that it alleviates bottlenecks and conserves bandwidth as Internet traffic does not have to pass through the VPN server. A disadvantage of this method is that it essentially renders the VPN vulnerable to attack as it is accessible through the public, non-secure network.

Transform—A transform describes a security protocol (AH or ESP) with its corresponding algorithms. For example, ESP with the DES cipher algorithm and HMAC-SHA for authentication.

Transport Mode—This is an encapsulation mode for AH/ESP. Transport Mode encapsulates the upper layer payload, such as Transmission Control Protocol (TCP) or User Datagram Protocol (UDP), of the original IP datagram. This mode can only be used when the peers are the endpoints of the communication. The contrast of Transport Mode is Tunnel Mode.

Tunnel Mode—This is the encapsulation of the complete IP Datagram for IPsec. Tunnel Mode is used in order to protect datagrams sourced from or destined to non-IPsec systems, such as in a Virtual Private Network (VPN) scenario.
