Introduction to Computer Security
Network Security
Pavel Laskov
Circuit switching vs. packet switching
TCP connection synchronization
Initial handshake
Host A                         Host B
Send SYN seq=x           -->   Receive SYN
Receive SYN + ACK        <--   Send SYN seq=y, ACK x+1
Send ACK y+1             -->   Receive ACK
... data transmission
Termination
Host A                         Host B
Send FIN seq=x           -->   Receive FIN
Receive ACK              <--   Send ACK x+1
Receive FIN + ACK        <--   Send FIN seq=y, ACK x+1
Send ACK y+1             -->
What can go wrong: TCP session hijacking
(Data exchange between A and B; payload lengths in parentheses. C(A) marks a segment sent by C on behalf of A.)
A    -> B:   Seq: x       PSH/ACK: y       (60)
B    -> A:   Seq: y       PSH/ACK: x+60    (20)
A    -> B:   Seq: x+60    PSH/ACK: y+20    (30)
B    -> A:   Seq: y+20    PSH/ACK: x+90    (20)
C(A) -> B:   Seq: x+90    PSH/ACK: y+40    (30)
B    -> A:   Seq: y+40    PSH/ACK: x+120   (20)
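An added example, not from the slides: a small Python model of the seq/ack bookkeeping behind the handshake slide and the hijacking slide above. It sends no packets; the Endpoint and Segment classes and the C(A) segment are constructed for the demo, and the point it makes is that a receiver validates only sequence numbers, never who sent the segment, which is why the next slides move protection to IPsec and SSL/TLS.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Segment:
    src: str          # "A", "B", or "C(A)": C sending on behalf of A
    flags: frozenset  # e.g. {"SYN"}, {"SYN", "ACK"}, {"PSH", "ACK"}
    seq: int
    ack: int = 0
    length: int = 0   # payload bytes, the numbers in parentheses on the slide

@dataclass
class Endpoint:
    name: str
    snd_nxt: int                    # next sequence number we send (x or y)
    rcv_nxt: Optional[int] = None   # next sequence number expected from the peer

    def send(self, *flags, length=0):
        seg = Segment(self.name, frozenset(flags), self.snd_nxt, self.rcv_nxt or 0, length)
        # SYN and FIN each consume one sequence number, data consumes its length
        self.snd_nxt += length + ("SYN" in seg.flags) + ("FIN" in seg.flags)
        return seg

    def receive(self, seg):
        """Accept only if seq/ack match; nothing checks who actually sent it."""
        if self.rcv_nxt is None and "SYN" in seg.flags:
            self.rcv_nxt = seg.seq           # learn the peer's initial sequence number
        if seg.seq != self.rcv_nxt or ("ACK" in seg.flags and seg.ack != self.snd_nxt):
            return False
        self.rcv_nxt += seg.length + ("SYN" in seg.flags) + ("FIN" in seg.flags)
        return True

def handshake(x, y):
    """SYN seq=x / SYN seq=y, ACK x+1 / ACK y+1, as on the handshake slide."""
    a, b = Endpoint("A", x), Endpoint("B", y)
    ok = b.receive(a.send("SYN")) and a.receive(b.send("SYN", "ACK")) and b.receive(a.send("ACK"))
    return ok, a, b

def hijack_demo(x, y):
    """Data phase of the hijacking slide: after four legitimate segments, a segment
    with A's next numbers but sent by C is accepted by B, and A's own next one is not."""
    a, b = Endpoint("A", x, y), Endpoint("B", y, x)
    for sender, receiver, n in ((a, b, 60), (b, a, 20), (a, b, 30), (b, a, 20)):
        receiver.receive(sender.send("PSH", "ACK", length=n))
    spoofed = Segment("C(A)", frozenset({"PSH", "ACK"}), a.snd_nxt, a.rcv_nxt, 30)
    spoof_accepted = b.receive(spoofed)
    real_accepted = b.receive(a.send("PSH", "ACK", length=30))
    return spoof_accepted, real_accepted, b.rcv_nxt
```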
Example: SYN flood
Placement of security instruments
IP layer security: IPsec
Objectives:
secure connectivity of branch offices
secure remote access
Advantages:
bypass resistance
transparency to end users and applications
Disadvantages:
infrastructure support needed
performance degradation
IPsec services and protocols
AH: Authentication Header
ESP: Encapsulating Security Payload

Services / Protocols          AH    ESP   ESP + auth.
Access control                X     X     X
Connectionless integrity      X           X
Data origin authentication    X           X
Replay protection             X     X     X
Confidentiality                     X     X
IPsec modes
Transport mode
Protection of packet payload
Used for end-to-end communication
Small performance overhead
Tunnel mode
Protection of entire packet (payload and headers)
Communication between gateways
Invisible to intermediate routers
Considerable performance overhead
Transport mode vs. tunnel mode
Transport and Tunnel Modes
Figure 8.7 shows two ways in which the IPsec ESP service can be used. In the upper part of the figure, encryption (and optionally authentication) is provided directly between two hosts. Figure 8.7b shows how tunnel mode operation can be used to set up a virtual private network. In this example, an organization has four private networks interconnected across the Internet. Hosts on the internal networks use the Internet for transport of data but do not interact with other Internet-based hosts. By terminating the tunnels at the security gateway to each internal network, the configuration allows the hosts to avoid implementing the security capability. The former technique is supported by a transport mode SA, while the latter technique uses a tunnel mode SA.
In this section, we look at the scope of ESP for the two modes. The considerations are somewhat different for IPv4 and IPv6. We use the packet formats of Figure 8.8a as a starting point.
Transport Mode ESP. Transport mode ESP is used to encrypt and optionally authenticate the data carried by IP (e.g., a TCP segment), as shown in Figure 8.8b.
Figure 8.7: (a) Transport-level security: an encrypted TCP session between a host on an internal network and a host on an external network across the Internet. (b) A virtual private network via tunnel mode: encrypted tunnels carrying IP traffic between corporate networks across the Internet.
AH service
Transport mode
Figure 6.6 Scope of AH Authentication
(a) Before applying AH
IPv4: orig IP hdr | TCP | Data
IPv6: orig IP hdr | extension headers (if present) | TCP | Data
(b) Transport mode
IPv4: orig IP hdr | AH | TCP | Data
      authenticated except for mutable fields
IPv6: orig IP hdr | hop-by-hop, dest, routing, fragment | AH | dest | TCP | Data
      authenticated except for mutable fields
Tunnel mode
Figure 6.6 (c) Tunnel mode
IPv4: new IP hdr | AH | orig IP hdr | TCP | Data
      authenticated except for mutable fields in the new IP header
IPv6: new IP hdr | ext headers | AH | orig IP hdr | ext headers | TCP | Data
      authenticated except for mutable fields in new IP header and its extension headers
ESP service
Transport mode
Figure 6.9 Scope of ESP Encryption and Authentication
(a) Transport mode
IPv4: orig IP hdr | ESP hdr | TCP | Data | ESP trlr | ESP auth
IPv6: orig IP hdr | hop-by-hop, dest, routing, fragment | ESP hdr | dest | TCP | Data | ESP trlr | ESP auth
      encrypted: everything after the ESP hdr up to and including the ESP trlr
      authenticated: ESP hdr through ESP trlr (the IP header is not covered)
Tunnel mode
Figure 6.9 (b) Tunnel mode
IPv4: new IP hdr | ESP hdr | orig IP hdr | TCP | Data | ESP trlr | ESP auth
IPv6: new IP hdr | ext headers | ESP hdr | orig IP hdr | ext headers | TCP | Data | ESP trlr | ESP auth
      encrypted: orig IP hdr through ESP trlr
      authenticated: ESP hdr through ESP trlr (the new IP header is not covered)
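An added example, not part of the slides or of any IPsec implementation: Python that builds and checks an ESP transport-mode packet with the layout of Figure 6.9 (ESP hdr = SPI and sequence number; ESP trlr = padding, pad length, next header) and contrasts its scope with the AH scope of Figure 6.6. The cipher is a hash-derived stand-in rather than a real ESP transform, the ICV is truncated HMAC-SHA256, and the keys and packet bytes are constructed; all of that is assumption, the point is which bytes the ICV covers.

```python
import hmac, hashlib, struct

ICV_LEN, NEXT_HEADER_TCP = 16, 6   # truncated HMAC-SHA256 tag; next header = TCP

def keystream(key, spi, seq, n):
    # Stand-in for the real ESP cipher transform: hash-derived bytes (demo assumption).
    blocks = (hashlib.sha256(key + struct.pack("!IIQ", spi, seq, i)).digest()
              for i in range(0, n, 32))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def esp_transport_encapsulate(ip_hdr, tcp_segment, spi, seq, enc_key, auth_key):
    """orig IP hdr | ESP hdr | encrypted{TCP, Data, ESP trlr} | ESP auth.
    Authenticated scope: ESP hdr through ESP trlr. The IP header is in neither
    scope (AH, by contrast, authenticates it except for its mutable fields)."""
    pad_len = (-(len(tcp_segment) + 2)) % 4          # trailer ends on a 4-byte boundary
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, NEXT_HEADER_TCP])
    esp_hdr = struct.pack("!II", spi, seq)            # SPI + sequence number
    plaintext = tcp_segment + trailer
    ciphertext = xor(plaintext, keystream(enc_key, spi, seq, len(plaintext)))
    icv = hmac.new(auth_key, esp_hdr + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
    return ip_hdr + esp_hdr + ciphertext + icv

def esp_transport_decapsulate(packet, ip_hdr_len, enc_key, auth_key):
    """Verify the ICV before decrypting; return (spi, seq, tcp_segment) or None."""
    esp_hdr = packet[ip_hdr_len:ip_hdr_len + 8]
    ciphertext, icv = packet[ip_hdr_len + 8:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, esp_hdr + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return None
    spi, seq = struct.unpack("!II", esp_hdr)
    plaintext = xor(ciphertext, keystream(enc_key, spi, seq, len(ciphertext)))
    pad_len = plaintext[-2]                           # trailer = padding, pad len, next hdr
    return spi, seq, plaintext[:-(pad_len + 2)]

def scope_demo():
    """Constructed packet: which modifications does the receiver detect?"""
    enc_key, auth_key = b"E" * 16, b"A" * 16          # constructed demo keys
    ip_hdr, tcp = b"\x45" + bytes(19), b"\x00\x50\x1f\x90" + b"constructed TCP data"
    pkt = esp_transport_encapsulate(ip_hdr, tcp, 0x1234, 7, enc_key, auth_key)
    intact = esp_transport_decapsulate(pkt, 20, enc_key, auth_key)
    # Rewriting the unprotected IP header still passes the ICV check ...
    new_hdr = esp_transport_decapsulate(b"\x45" + b"\xff" * 19 + pkt[20:], 20, enc_key, auth_key)
    # ... but flipping one bit inside the authenticated scope does not.
    tampered = bytearray(pkt); tampered[28] ^= 0x01
    bad = esp_transport_decapsulate(bytes(tampered), 20, enc_key, auth_key)
    return intact, new_hdr, bad
```

In tunnel mode the same construction would wrap the entire original packet (orig IP hdr included) inside the encrypted scope, with only the new outer IP header left unprotected.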
Transport layer security: SSL/TLS
Objectives:
secure information transmission in Internet applications
mutual authentication in Internet applications
Advantages:
secure end-to-end communication over TCP (not limited to HTTP)
Disadvantages:
PKI support needed
SSL architecture
SSL connection: corresponds to a TCP connection.
SSL session: represents an association between a client and a server. Sessions define parameters that can be shared between connections.
SSL Record Protocol: carries out information transfer.
SSL handshake protocol
Client                                        Server
Random number, crypto info             -->
                                       <--    Random number, crypto info, server certificate, request client auth.
Extract server public key
Client certificate, hash over prev. messages,
random pre-master secret               -->
                                              Extract client public key
Calculate master secret                       Calculate master secret
Switch to master secret, end handshake -->
                                       <--    Switch to master secret, end handshake