453 Network Security


Nov 2, 2013 (4 years and 6 months ago)


453 Network Security

Section 7: IPSec/SSL

Dr. E.C. Kulasekere

Sri Lanka Institute of Information


IP Security

S/MIME (Multipurpose Internet Main
Extension), PGP, Kerberos are some
examples of application specific security

However there are security concerns that
cut across protocol layers

Would like security implemented by the
network for all applications, even for
ignorant applications.

Need for IP Security

Here is an example of a secure private
TCP/IP network with

Disallowing links to untrusted sites

Encrypting packets that leave the premises

Authenticating packets that enter the

All of the above varying requirements can
be met if you provide IP level security.

With IP security applications of all kinds
will be covered.


The functional areas general IP Security
mechanisms provides

Authentication: This provides source

Confidentiality: encryption

key management: transfer of keys securely.

applicable to use over LANs, across public
& private WANs, & for the Internet

IP Security Overview

This was introduced to address: IP
Spoofing, eavesdropping, packet sniffing

Came after IPv4, actually for IPv6. But can
also be used with IPv4.

The principle feature of IPsec is that it
supports varied applications and
authenticate all traffic at the IP level. This
is primarily good for distributed

Applications of IPsec

Secure branch office connectivity over the

A company can build a secure VPN over the

Hence the internet is used heavily and no
private network is required.

Saving in cost and network management
overhead is the end result.

Applications of IPsec

Secure remote access over the internet.

The office system has to be equipped with

The user dials into the ISP and then gains
access securely to the company network.

This reduces the toll charges for traveling
employees and telecommuters.

Enhancing e
commerce security

Web and eCommerce applications have built
in security protocols, the use of IPsec will
enhance this.

IPSec Uses

Benefits of IPSec

in a firewall/router provides strong security
to all traffic crossing the perimeter. The
traffic within the company or workgroup
will not incur additional overhead.

is resistant to bypass in a firewall.

is below transport layer, hence transparent
to applications

can be transparent to end users as well.

can provide security for individual users if

Routing Applications of IPsec

In addition to protecting the premises and
users it will additionally play a role in
routing architectures in internetworking. It
can assure that

A router advertisement comes from an
authorized router.

A neighbor advertisement comes from an
authorized router.

A redirect message comes from the router to
which the initial packet was sent.

A routing update is not forged.

IP Security Architecture

specification is quite complex

defined in numerous RFC’s

incl. RFC 2401/2402/2406/2408

many others, grouped by category

mandatory in IPv6, optional in IPv4. In
both cases the security features are
implemented as extension headers that
follow the main IP header.

Areas Addressed in the IPsec

Architecture. General concepts and

Encapsulating security payload (ESP):
packet format for encryption.

Authentication header (AH): packet format
for authentication.

Encryption algorithm: different algorithms.

Key management:

IPSec Services

Access control

Connectionless integrity

Data origin authentication

Rejection of replayed packets

a form of partial sequence integrity

Confidentiality (encryption)

Limited traffic flow confidentiality

IPsec Services Provided by AH and ESP

Security Associations (SA)

This is the key concept common to both
authentication and confidentiality.

An association is a one
way relationship
between the sender and the receiver that
affords security services to the traffic carried
on it.

If this is required to have a two way secure
communication, then TWO SAs are required.

Security services are afforded to an SA for
the use of AH or ESP, but not both. Since
both require different packet formats which
cannot be achieved simultaneously

Security Associations

defined by 3 parameters:

Security Parameters Index (SPI): only of local
significance. The SPI is carried in AH and ESP
headers to enable the receiving system to select the
SA under which a received packet will be processed.

IP Destination Address: The address of the
destination endpoint of the SA eg. End user system
firewall or router

Security Protocol Identifier: This indicates whether the
association is an AH or ESP security association.

has a number of other parameters: seq no, AH & EH
info, lifetime etc

have a database of Security Associations: Security
policy database (SPD)

Modes of Use for AH and ESP

Transport Mode: This mode provides
protection primarily for upper layer

ESP in transport mode encrypts and
optionally authenticates the IP payload but not
the IP header (used for end

AH in transport mode authenticates the IP
payload and selected portions of the IP

Modes of Use for AH and ESP

Tunnel Mode: This mode provides
protection to the entire packet.

After the AH and ESP fields are added to the
IP packet, the entire packet plus the security
fields are treated as the payload of new
`outer’ IP packet with a new outer IP header.

No routers on the way are able to examine
the inner IP header.

Since the total is encapsulated, the
destination and source addresses may be
completely different adding security to the
packet during transition.

Tunnel and Transport Mode

Authentication Header (AH)

provides support for data integrity &
authentication of IP packets in transit

end system/router can authenticate user/app

prevents address spoofing attacks by tracking
sequence numbers

based on use of a MAC

96 or HMAC

parties must share a secret key

Authentication Header (pp.491)

Replay Service

This is the type of attack where the
attacker obtains a copy of an
authenticated packet and later transmit it
to the intended destination.

This is circumvented using the sequence

The sequence number is initialized when
the new SA is established and then
incremented for each subsequent packet.

Replay Service …

Since IP is connectionless, the delivery of the
packet is not guaranteed. Hence the receiver
implements a window size of W before it
determines that the packet expires.

Transport & Tunnel Modes


pp. 495

Encapsulating Security Payload (ESP)

message content confidentiality &
limited traffic flow confidentiality

can optionally
provide the same
authentication services as AH

supports range of ciphers, modes, padding

incl. DES, Triple

CBC most common

pad to meet block size, for traffic flow

Encapsulating Security Payload

Transport vs. Tunnel Mode ESP

transport mode is used to encrypt & optionally
authenticate IP data

data protected but header left in clear

can do traffic analysis but is efficient

good for ESP host to host traffic

Transport vs. Tunnel Mode ESP …

tunnel mode encrypts entire IP packet

add new header for next hop

good for VPNs, gateway to gateway security

Combining Security Associations

SA’s can implement either AH or ESP

to implement both need to combine SA’s

form a security bundle

have 4 cases (see next)

Combining SAs

Case 1

All security is provided between end

The secret key should be shared by end systems

The following combinations possible

AH in transport mode, ESP in transport mode, AH followed
by ESP in transport mode, any of the above inside an AH
or ESP in tunnel mode

Combining SAs

Case 2

Security is provided between gateways routers
firewalls etc and no host implements IPsec.

A single tunnel SA using AH, ESP or ESP with
authentication can be used. Nested tunnels are
not required.

Combining SAs

Case 3

Builds on case 2 by adding end
end security.

Combining SAs

Case 4

Provides support for a remote host that uses the
internet to reach an organization’s firewall and
then to gain access to some server or
workstation behind the firewall. Only tunnel
mode is required.

Web Security

Web now widely used by business,
government, individuals

but Internet & Web are vulnerable

have a variety of threats



denial of service


need added security mechanisms

A Comparison of Threats on the

Categorization of Web Security

Active/Passive attacks

Passive attack

Eavesdropping of network
traffic between browser and server and
gaining information about the web server that
is suppose to be restricted.

Active attacks

Impersonating, altering
messages in transit between the client and
the web server and in extreme cases altering
web site content.

Security threat based on location.

At web server, at web browser, transit
between browser and server, etc.

Web Security based on the Relative
location on the TCP/IP Stack

Web Traffic Security Approaches.

Network level (using IPSec)

Adv: transparent to end user+application, general
purpose solution, has IP filtering capabilities (will not
add overhead to all traffic)

Transport level

Just above TCP stack. Eg. SSL. Transparent to
application if provided in the protocol. Or can be
embedded in specific applications such as Netscape.

Application level

Embedded in application, advantage of being able to
customize the security t the application. Eg. SET