Web Security

IPSec is a set of protocols that provide security for IP communications by authenticating and encrypting each IP packet. It includes protocols for authentication headers and encapsulating security payloads to provide integrity, authentication, and confidentiality. IPSec uses security associations and security policies to determine how to handle packets and uses IKE to negotiate encryption keys and authentication methods between devices to establish secure tunnels for IP traffic.

Uploaded by

Sukalp Mittal

IPSec

November 14, 2017

Why IPSec?

- The original Internet Protocol (IP) lacks mechanisms to ensure the authenticity and privacy of data as it is passed over the internet.
- IP datagrams are usually routed between two devices over unknown networks, so any information in them is subject to being intercepted and possibly even changed.

IPSec Overview

- Many routers, owned by "who knows" and administered by "who knows", stand between you and most other devices you want to connect with, so we cannot assume that the data sent or received is secure.
- Motivation: lack of generalized security solutions.
- The idea was to design a solution that allows security at the IP level, so that all higher-layer protocols in TCP/IP could take advantage of it.

IPSec Services and Functions

IPSec is not a single protocol, but rather a set of services and protocols that provide a complete security solution for an IP network. Some of the kinds of protection services offered by IPSec include:
- Encryption of user data for privacy.
- Message integrity.
- Protection against replay attacks.
- The ability for devices to negotiate the security algorithms and keys required to meet their security needs.
- Two security modes, tunnel and transport, to meet different network needs.

IPSec Overview

IPSec is defined in a collection of RFCs (2401-2412) that define the architecture, services and specific protocols used in IPSec.

Deployment of IPSec has only really started to take off in the last few
years; a major use of the technology is in implementing virtual private
networks (VPNs).

IPSec

When two devices (either end user hosts or intermediate devices such as routers or firewalls) want to engage in secure communications, they set up a secure path between themselves that may traverse across many insecure intermediate systems.

To accomplish this, they must perform (at least) the following tasks:
- They must agree on a set of security protocols to use.
- They must decide on a specific encryption algorithm to use in encoding data.
- They must exchange keys that are used to "unlock" data that has been cryptographically encoded.
- Once this background work is completed, each device must use the protocols, methods and keys previously agreed upon to encode data.

IPSec core protocols

- Authentication Header (AH): It provides authentication services for IPSec: originator authentication, message authentication, and protection against replay attacks.
- Encapsulating Security Payload (ESP): The Authentication Header ensures the integrity of a datagram, but not its privacy. When the information in a datagram is "for your eyes only", it can be further protected using the ESP protocol, which encrypts the payload of the IP datagram.

IPSec Support Components

AH and ESP are not really distinct protocols but are implemented as headers.
- E/H (encryption/hashing algorithms): AH and ESP are generic and do not specify the exact mechanism. This gives devices the flexibility to work with a variety of algorithms. Two common ones used with IPSec are MD5 and SHA-1.
- SPA and MM (security policies and associations, and management methods): Provides the means required to keep track of the security relationships between devices. This is done in IPSec using constructs called security policies and security associations, and by providing ways to exchange security association information.
- KEF (key exchange framework): For two devices to exchange encrypted information they need to be able to share keys. They also need a way to exchange security association information. A protocol called the Internet Key Exchange (IKE) provides these capabilities.

How exactly do we get IPSec into IP?

IPSec Implementation Methods

Three different implementation architectures are defined for IPSec in RFC 2401. The one we use depends on various factors, including the version of IP used (v4 versus v6), the requirements of the application and other factors.
These in turn rest on a primary implementation decision: whether IPSec should be programmed into all hosts on a network, or just into certain routers or other "intermediate devices".
This implementation decision is one that must be based on the requirements of the network. There are two options: to implement IPSec in end hosts, or in routers.

End host implementation

Putting IPSec into all host devices provides the most flexibility and security. It enables "end-to-end" security between any two devices on the network.
However, there are many hosts on a typical network, so this means far more work than just implementing IPSec in routers.

Router Implementation

It is much less work because it means changes are made only to a few
routers instead of hundreds or thousands of clients.
It only provides protection between pairs of routers that implement IPSec,
but this may be sufficient for certain applications such as VPNs.
The routers can be used to provide protection only for the portion of the
route that datagrams take outside the organization, leaving connections
between routers and local hosts unsecured (or possibly, secured by other
means).

IPSec Architectures

*Pic courtesy: TCP/IP Guide

Bump In The Wire Architectures

*Pic courtesy: TCP/IP Guide

IPSec Modes: Transport and Tunnel

Both AH and ESP protocols provide protection by adding to a datagram a header (and possibly other fields) containing security information.
The choice of mode does not affect the method by which each generates its header, but rather, changes what specific parts of the IP datagram are protected and how the headers are arranged to accomplish this.

IPSec Transport Mode

*Pic courtesy: TCP/IP Guide

IPSec Tunnel Mode

*Pic courtesy: TCP/IP Guide


Security Associations and the Security Association Database (SAD)

SA and SAD are used to guide the operation of IPSec in a general way and also in particular exchanges between devices.
Question: What to protect and what not to?
- A security policy is a rule that is programmed into the IPSec implementation that tells it how to process different datagrams received by the device.
- A Security Association (SA) is a set of security information that describes a particular kind of secure connection between one device and another. A device’s security associations are contained in its Security Association Database (SAD).

IPSec Authentication Header (AH)

AH is a protocol that provides authentication of either all or part of the contents of a datagram through the addition of a header that is calculated based on the values in the datagram.

IPv6:AH

IPv4:AH

IPSec Authentication Header (AH)

*Pic courtesy: TCP/IP Guide

IPSec ESP

Encapsulating Security Payload Fields


- ESP Header: This contains two fields, the SPI and Sequence Number, and comes before the encrypted data.
- ESP Trailer: This section is placed after the encrypted data. It contains padding that is used to align the encrypted data.
- ESP Authentication Data: This field contains an Integrity Check Value (ICV), computed in a manner similar to how the AH protocol works, for when ESP’s optional authentication feature is used.

IPSec ESP

Encapsulating Security Payload Fields


There are two reasons why these fields are broken into pieces like this.
- The first is that some encryption algorithms require the data to be encrypted to have a certain block size, and so padding must appear after the data and not before it.
- The second is that the ESP Authentication Data appears separately because it is used to authenticate the rest of the encrypted datagram after encryption. This means it cannot appear in the ESP Header or ESP Trailer.
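
The ESP layout described above, as an added Python example that is not part of the original slides: a receiver looks up the SA by SPI, applies an anti-replay window to the Sequence Number, and verifies the ICV over the ESP header and the still-encrypted data before anything would be decrypted. The `InboundSA` class, the 32-packet window, the choice of HMAC-SHA1-96 and all sample bytes are assumptions; encryption itself is left out and the ciphertext is opaque constructed data.

```python
import hashlib, hmac, struct

ICV_LEN = 12   # HMAC-SHA1-96: HMAC-SHA1 truncated to 96 bits
WINDOW = 32    # anti-replay window size in packets (assumed value)

class InboundSA:
    """Minimal stand-in for one inbound SAD entry (hypothetical model)."""
    def __init__(self, spi, auth_key):
        self.spi, self.auth_key = spi, auth_key
        self.highest_seq = 0   # highest authenticated sequence number
        self.seen = 0          # bit i set => highest_seq - i already accepted

def icv(auth_key, data):
    return hmac.new(auth_key, data, hashlib.sha1).digest()[:ICV_LEN]

def build_esp(spi, seq, ciphertext, auth_key):
    """Sender side for the demo: SPI | Sequence Number | ciphertext | ICV."""
    body = struct.pack("!II", spi, seq) + ciphertext
    return body + icv(auth_key, body)

def receive_esp(sad, packet):
    """SAD lookup by SPI, replay check, ICV check, then window update."""
    if len(packet) < 8 + ICV_LEN:
        return "drop: truncated"
    spi, seq = struct.unpack("!II", packet[:8])
    sa = sad.get(spi)
    if sa is None:
        return "drop: unknown SPI"
    offset = sa.highest_seq - seq
    if seq == 0 or offset >= WINDOW or (offset >= 0 and (sa.seen >> offset) & 1):
        return "drop: replayed or stale"
    if not hmac.compare_digest(icv(sa.auth_key, packet[:-ICV_LEN]), packet[-ICV_LEN:]):
        return "drop: bad ICV"
    if offset < 0:   # newer packet: slide the window forward
        sa.seen = ((sa.seen << -offset) | 1) & ((1 << WINDOW) - 1)
        sa.highest_seq = seq
    else:            # older packet still inside the window
        sa.seen |= 1 << offset
    return "accept"

def demo():
    key = bytes(range(20))                 # constructed 160-bit auth key
    sad = {0x1000: InboundSA(0x1000, key)}
    ct = bytes.fromhex("a1" * 32)          # constructed opaque ciphertext + trailer
    p1, p3, p2 = (build_esp(0x1000, s, ct, key) for s in (1, 3, 2))
    tampered = p2[:10] + bytes([p2[10] ^ 1]) + p2[11:]
    forged = build_esp(0x1000, 900, ct, b"wrong key")
    return [receive_esp(sad, p) for p in (p1, p1, p3, tampered, p2, forged)]

print(demo())
```

The window is only moved after the ICV has been verified, so a forged packet with a large sequence number cannot push legitimate traffic out of the window.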

IPSec ESP IPv6

IPSec ESP IPv4

IPSec ESP Header

*Pic courtesy: TCP/IP Guide

IPSec IKE

Internet Key Exchange is the protocol used to set up a security association (SA) in the IPsec protocol suite.
- IKE uses X.509 certificates for authentication, either pre-shared or distributed using DNS, and a Diffie-Hellman key exchange to set up a shared session secret from which cryptographic keys are derived.
- In addition, a security policy for every peer which will connect must be manually maintained.

IKE Architecture

Most IPsec implementations consist of an IKE daemon that runs in user space and an IPsec stack in the kernel that processes the actual IP packets.
- The IKE protocol uses UDP packets, usually on port 500, and generally requires 4-6 packets to create an SA on both sides.
- The negotiated key material is then given to the IPsec stack.

How to IPsec?

Let us set up IPsec using manually keyed connections, for a very small or primarily star-topology network.
Step 1. Install the tools:
    sudo apt-get install ipsec-tools
Step 2. Edit the /etc/ipsec-tools.conf file.
Step 3. Make the conf file not readable to the world:

ipsec-tools.conf file
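
The slide's own file is not reproduced here. As an added example (not the author's configuration), the following Python script generates a manually keyed setkey configuration for a pair of hosts and writes it with owner-only permissions, covering steps 2 and 3 above. The addresses (documentation range 192.0.2.0/24), the SPI values, the choice of `rijndael-cbc` with `hmac-sha1` in transport mode, and the helper names are assumptions.

```python
import os
import secrets

# Key sizes in bytes for the two setkey algorithms used below.
KEY_BYTES = {"rijndael-cbc": 16, "hmac-sha1": 20}

def render_pair(host_a, host_b, spi_base=0x1000):
    """Return {host: conf text}: same SAs on both hosts, mirrored policies."""
    sa_lines = []
    for i, (src, dst) in enumerate([(host_a, host_b), (host_b, host_a)]):
        enc = secrets.token_hex(KEY_BYTES["rijndael-cbc"])   # fresh random keys,
        auth = secrets.token_hex(KEY_BYTES["hmac-sha1"])     # one SA per direction
        sa_lines.append(f"add {src} {dst} esp {spi_base + i:#x} "
                        f"-E rijndael-cbc 0x{enc} -A hmac-sha1 0x{auth};")
    confs = {}
    for me, peer in [(host_a, host_b), (host_b, host_a)]:
        policy = [f"spdadd {me} {peer} any -P out ipsec esp/transport//require;",
                  f"spdadd {peer} {me} any -P in ipsec esp/transport//require;"]
        confs[me] = "\n".join(["#!/usr/sbin/setkey -f", "flush;", "spdflush;",
                               *sa_lines, *policy, ""])
    return confs

def write_private(path, text):
    """Write the keys file so that only its owner can read it (mode 0600)."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        os.fchmod(fd, 0o600)    # tighten a file that already existed
        f.write(text)

def exposed(path):
    """True if group or others have any access to the file."""
    return bool(os.stat(path).st_mode & 0o077)

if __name__ == "__main__":
    # 192.0.2.0/24 is a documentation range; the addresses are constructed.
    for host, conf in render_pair("192.0.2.10", "192.0.2.20").items():
        write_private(f"ipsec-tools.{host}.conf", conf)
        print(host, "exposed" if exposed(f"ipsec-tools.{host}.conf") else "private")
```

Each generated file belongs on the host it is named after as /etc/ipsec-tools.conf; because the keys are static, both copies need the same protection in transit as on disk.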

The End
