IP Security Issues
IPsec as defined in RFC 2401 provides a security architecture for the Internet Protocol- not a security architecture for the Internet. The distinction is important: IPsec defines security services to be used at the IP layer, both for IPv4 and IPv6. It is often said that IPv6 is " more secure " than IPv4, but the difference is that IPsec is required for all IPv6, whereas it is optional for IPv4 nodes.
The IP Security Protocol (IPsec) provides an interoperable and open standard for building security into the network layer rather than at the application or transport layer. Although applications can benefit from network-layer security, the most important application IPsec enables is the creation of virtual private networks (VPNs) capable of securely carrying enterprise data across the open Internet.
IPsec is often used in conjunction with tunnel management protocols, including the Layer 2 Tunneling Protocol (L2TP), the Layer 2 Forwarding (L2F) protocol designed by Cisco Systems, and Microsoft's Point to Point Tunneling Protocol (PPTP). RFC 2661, " Layer Two Tunneling Protocol ' L2TP, ' " defines L2TP as a standards track specification for tunneling packets sent over a PPP link.
While the tunnel management protocols offer access security services, they don't provide authentication or privacy services, so they are often used in conjunction with IPsec-which does provide those services. However, saying that IPsec specifies protocols for encrypting and authenticating data sent within IP packets is an oversimplifi cation and even obscures IPsec's full potential. IPsec enables the following.
Encryption of data passing between two nodes, using strong public and private key cryptographic algorithms
Authentication of data and its source, using strong authentication mechanisms
Control over access to sensitive data and private networks
Integrity verification of data carried by a connectionless protocol (IP)
Protection against replay attacks, in which an intruder intercepts packets sent between two IP nodes and resends them after decrypting or modifying them
Limitation of traffi c analysis attacks, in which an intruder intercepts protected data and analyzes source and destination information, size and type of packets, and other aspects of the data, including header contents that might not otherwise be protected by encryption
End-to-end security for IP packets, providing assurance to users of endpoint nodes of the privacy and integrity of their transmissions
Secure tunneling through insecure networks such as the global Internet and other public networks
Integration of algorithms, protocols, and security infrastructures into an overarching security architecture.
As defined in RFC 2401, " Security Architecture for the Internet Protocol, " the goal of the IP security architecture is " to provide various security services for traffic at the IP layer, in both the IPv4 and IPv6 environments. " This means security services that have the following features.
Interoperable As with all Internet protocols, interoperability is a fundamental goal. This means that any IP node supporting IPsec can communicate with any other node supporting IPsec. There is a basic set of cryptographic algorithms for encryption and integrity checking, which all IPsec nodes must support, although individual nodes and implementations may support many more, optional, algorithms. Although some nodes are configured to prefer newer or less open algorithms, all nodes are required to support the basic ones.
High quality The baseline for security through IPsec must be set high enough to guarantee a reasonable degree of actual security. Algorithms and key lengths that are to be vulnerable to attack are not acceptable. For example, data encrypted with 40-bit encryption keys can be brute-forced or successfully and quickly decrypted by trying every combination. The number of possible keys is 240 - 1, or roughly 1000 billion; on average, the correct key will be discovered after trying half (about 500 billion) of those combinations. Such attacks are almost trivially easy with commercial off-the-shelf hardware, and thus 40-bit keys are not considered to provide " high-quality " security.
Cryptographically based Cryptographers work with algorithms for encryption, secure hashing, and authentication. Encryption algorithms allow regular data to be transformed into cyphertext , data scrambled so that only the entity holding an appropriate key can decrypt it. Secure hash algorithms operate on any size chunk of data to generate a fixed-length sequence of bits (the hash). An entity can confirm the integrity of the data by running the hashing algorithm on received data; if the transmitted hash and the calculated hash agree, the data is verified as having been sent without change. Authentication of entities through the use of digital signatures depends on public key algorithms. Data encrypted with the public key of a public/private key pair can be decrypted only by an entity with access to the private key; likewise, if an entity encrypts something (such as the text of a message) with its private key, then anyone with access to the public key can decrypt the message and confirm that the sender has access to that key.
By basing IPsec on cryptography rather than on any other mechanisms for security, the protocol designers place limits on the security goals possible to attain through its use while at the same time ensuring that those security goals will be achieved through the use of verifiable and reliable mechanisms.
The IP security architecture allows systems to choose the required security protocols, identify the cryptographic algorithms to use with those protocols, and exchange any keys or other material or information necessary to provide security services.
As may be evident from its highly qualified description, public key cryptographybased mechanisms require that all participants can be confident that public keys are issued only to the entities identified with those keys. When a public key is published purporting to represent Microsoft Corporation, the possibility that the key has been properly issued to Microsoft and not to a computer criminal should approach 100% certainty. Unfortunately, as was demonstrated in early 2001 when it was reported that leading public key infrastructure vendor Verisign, Inc., issued two public key certificates to an impostor claiming to represent Microsoft, this is not always possible.
As a network-layer protocol, IPsec provides security only at the network layer. This means that packets can be protected from the point at which they enter the IP network (the source node's IP interface) to the point at which they leave the IP network (the destination node's IP interface). IPsec cannot substitute for proper application or transport-layer security mechanisms, and IPsec cannot protect against attackers taking control of the source or destination nodes or processes.
In this tutorial:
- IP Security
- IP Security Issues
- Security Goals
- Encryption and Authentication Algorithms
- Symmetric Encryption
- Public Key Encryption
- Key Management
- Secure Hashes
- Digital Signature
- IPSEC: The Protocols
- IP and IPSEC
- Security Associations
- Using Security Associations
- Tunnel and Transport Mode
- Encapsulating Security Payload (ESP)
- Authentication Header
- Calculating the Integrity Check Value (ICV)
- IPsec Headers in Action
- Implementing and Deploying IPSEC