Lecture 19: IPSec and VPN

Question 1

What is IPsec a framework for?

Answer 1

ensuring secure communications over IP (internet protocol) networks

Question 2

What does IPsec stand for?

Answer 2

IP security

Question 3

What does IPsec provide?

Answer 3

Security services similar as TLS, but at a lower layer in the communications protocol stack

Question 4

What is the security in the application layer in the TCP/IP stack?

Answer 4

SSH, S-MIME, PGP

Question 5

What is the security in the transport layer in the TCP/IP stack?

Answer 5

SSL, TLS

Question 6

What is the security in the network layer in the TCP/IP stack?

Answer 6

IPsec

Question 7

What is the security in the data-link layer in the TCP/IP stack?

Answer 7

WEP, WPA, WPA2, etc

Question 8

Give the diagram for cryptography in the TCP/IP stack

Answer 8

See slide 5 in set 19

Question 9

What does IP layer security provide?

Answer 9

protection for any higher layer protocol, including arbitrary TCP and UDP sessions

commonly used to provide virtual private networks (VPNs)

Question 10

What does the IP layer security use?

Answer 10

encryption
authentication
key management algorithms

Question 11

What are the 5 security services that the IP layer security has?

Answer 11

1) message confidentiality
2) message integrity
3) limited traffic analysis protection
4) message replay protection
5) peer authentication

Question 12

What is the security service of message confidentiality i.t.o IP layer security?

Answer 12

Protecting against unauthorized data disclosure

–> By using encryption mechanisms

Question 13

What is the security service of message integrity i.t.o IP layer security?

Answer 13

Determining if data has been changed(either intentionally or unintentionally)
–> By using message authentication codes (MACs)

Question 14

What is the security service of limited traffic analysis protection i.t.o IP layer security?

Answer 14

Possibly difficult to know which parties are communicating, how often, or how much data is being sent when monitoring network traffic

–> By concealing IP datagram details such as source and destination addresses

Question 15

What is the security service of message replay protection i.t.o IP layer security?

Answer 15

Data not delivered multiple times, and not delivered badly out of order

Question 16

What is the security service of peer authentication i.t.o IP layer security?

Answer 16

Ensuring network traffic to be sent from the expected host

–> Each IPsec endpoint confirms its identity of the other IPsec endpoint with which it wishes to communicate

Question 17

What does gateway-to-gateway security provide?

Answer 17

secure communications between 2 networks

Question 18

Where is network traffic routed through in gateway-to-gateway architecture?

Answer 18

through IPsec connection, protecting it appropriately

Question 19

Where does gataway-to-gateway architecture protect data?

IMPORTANT

Answer 19

only between 2 gateways

Question 20

When is gateway-to-gateway architecture used?

Answer 20

Often used when connecting 2 secured networks

e.g. Linking a branch office to headquarters over the Internet

Question 21

Is gateway-to-gateway architecture more or less costly than private wide area network (WAN) circuits?

Answer 21

less costly

Question 22

What is host-to-gateway architecture commonly used to provide?

Answer 22

secure remote access

–> e.g. organization deploys a VPN gateway onto its network

Question 23

What does each remote access user establish and between what in a host-to-gateway architecture

Answer 23

Each remote access user establishes a VPN connection between the local computer (host) and the gateway

Question 24

In a host-to-gateway architecture, what are the two options for a VPN gateway to be?

Answer 24

1) dedicated device

2) part of another network device

Question 25

When is a host-to-gateway architecture often used?

Answer 25

when connecting hosts on unsecured networks to resources on secured networks

Question 26

What is host-to-host architecture typically used for?

Answer 26

special purpose needs e.g. System administrators performing remote management of a single server

Question 27

In a host-to-host architecture, where does it provide data protection? **IMPORTANT**

Answer 27

throughout its transit(end-to-end)

Question 28

Is a host-to-host architecture resource-intensive to implement and maintain in terms of user and host management?

Answer 28

yes!

Question 29

What do all user systems and servers participating in VPNS in a host-to-host architecture need to have?

Answer 29

VPN software installed and/or configured

Question 30

Comment on host-to-host architectures key management process

Answer 30

through a manual process

Question 31

What are the 3 types of IP layer security protocols?

Answer 31

1) ESP 2) AH 3) IKE

Question 32

What does ESP stand for i.t.o IP layer security protocols?

Answer 32

Encapsulating security payload

Question 33

What does AH stand for i.t.o IP layer security protocols?

Answer 33

Authentication header

Question 34

What does IKE stand for i.t.o IP layer security protocols?

Answer 34

Internet key exchange

Question 35

What does the EPS protocol provide?

Answer 35

Providing confidentiality, authentication, integrity and replay protection

Question 36

What does the AH protocol provide?

Answer 36

Providing authentication, integrity and replay protection, but NOT confidentiality --> IAH is now deprecated.

Question 37

What does the IKE protocol provide?

Answer 37

Negotiating, creating and managing session keys insecurity associations (SAs)

Question 38

What protocol is used in the IPsec connection setup?

Answer 38

IKEv2 protocol

Question 39

What protocol does the IKEv2 protocol in the IPsec connection setup and how is it authenticated?

Answer 39

a Diffie-Hellman protocol authenticated using signatures with public keys in X.509 certificates

Question 40

Why does IPsec connection setup include cookies?

Answer 40

to mitigate denial-of-service (DoS) attacks --> Providing Proof of Reachability before any expensive cryptographic processing is completed

Question 41

What is a mechanism to mitigate the DoS attack called?

Answer 41

stateless cookie

Question 42

Explain how the mechanism of a stateless cookie is used

Answer 42

the initial request is responded with a calculated stateless cookie --> a value that can be re-calculated based on values in the initial request without storing responder-side state The initial request is then expected to repeat, this time including the stateless cookie

Question 43

Which standard is the mechanism of stateless cookie in?

Answer 43

RFC 7296 Section 2.6

Question 44

RFC 7296 Section 2.6 contained the mechanism of stateless cookie. What did RFC 7296 Section 3 add?

Answer 44

Proof of Work --> by calculating a pre-image for a partial hash value Setting an upper bound determined by the attacker’s CPU to the number of negotiations it can initiate in a unit of time

Question 45

What does proof of work involved?

Answer 45

calculating a pre-image for a partial hash value

Question 46

What do security associations contain?

Answer 46

1) info needed by an IPsec endpoint to support an IPsec connection 2) possibly cryptographic keys and algorithms, key lifetimes, security parameter index (SPI), security protocol identifier (ESP and/or AH) 3) SPI included in IPsec header to associate a packet with the appropriate SA

Question 47

What do security associations tell the endpoint?

Answer 47

how to process inbound IPsec packets and/or how to generate outbound packets

Question 48

Are security associations unidirectional?

Answer 48

yes

Question 49

What does it mean for security associations to be unidirectional?

Answer 49

one SA for each direction of connection

Question 50

What must IKEv2 established?

Answer 50

keys used in SAs

Question 51

What does SA stand for?

Answer 51

security association

Question 52

What are cryptographic suites similar to? Explain

Answer 52

TLS cipher suites | --> Several standardised cryptographic suites, incorporating both public key and symmetric key algorithms

Question 53

What are special groups of cryptographic suites available for?

Answer 53

Diffie-Hellman (in finite fields and on elliptic curves)

Question 54

In cryptographic suits, what are used for encryption? In which modes?

Answer 54

3DES and AES | either in CBC or GCM mode

Question 55

In cryptographic suits, what are used for integrity?

Answer 55

HMAC or CMAC (variant) used for integrity if GCM mode is not used

Question 56

What are the two modes that each protocol (either ESH or AH) operate in?

Answer 56

transport or tunnel mode

Question 57

Outline the transport mode of operation

Answer 57

Maintaining IP header of the original packet and protecting the payload --> Generally used in host-to-host architectures

Question 58

Outline the tunnel mode of operation

Answer 58

Encapsulating the original packet into a new one, and letting the payload be the original packet --> Generally used in gateway-to-gateway and host-to-gateway architectures

Question 59

Give and explain the diagram for transport mode

Answer 59

See slide 18 in set 19

Question 60

Give and explain the diagrams for tunnel mode

Answer 60

See slide 18 in set 19

Question 61

Explain the server to client example (gateway to host)

Answer 61

See slide 19 in set 19

Question 62

What does the ESP header contain?

Answer 62

SPI identifying the SA and sequence numbers

Question 63

What does the EPS trailer contain?

Answer 63

padding and its length, and possibly including extra padding to enhance traffic flow confidentiality

Question 64

What does the ESP auth contain?

Answer 64

MAC of the encrypted data and ESP header --> Possibly not required if an authenticated encryption mode is used

Question 65

Give the diagram of the original IP packet i.t.o the transport mode with ESP

Answer 65

See slide 21 in set 19

Question 66

Give the diagram of the original IP packet protected by transport mode ESP i.t.o the transport mode with ESP

Answer 66

See slide 21 in set 19

Question 67

In terms of outbounding packet processing for transport mode ESP, what is the data after the original IP header padded by?

Answer 67

adding an ESP trailer

Question 68

In terms of outbounding packet processing for transport mode ESP, what is the data after the original IP encrypted using?

Answer 68

symmetric cipher and key agreed in the SA

Question 69

In terms of outbounding packet processing for transport mode ESP, where is the ESP header?

Answer 69

prepended to data after the original IP header

Question 70

In terms of outbounding packet processing for transport mode ESP, if SA uses the authentication service, what is calculated and appended?

Answer 70

ESP MAC calculated over the data prepared so far and appended

Question 71

In terms of outbounding packet processing for transport mode ESP, the original IP header prepended BUT some fields must be changed. What are these?

Answer 71

1) Protocol field changed from TCP to ESP 2) Total length field changed to reflect the addition of ESP header 3) Checksums recalculated

Question 72

Give the diagram of the original IP packet protected by tunnel mode ESP i.t.o the tunnel mode with ESP

Answer 72

See slide 23 in set 19

Question 73

In terms of outbounding packet processing for tunnel mode ESP, what is done to the entire original packet?

Answer 73

1) padded by adding EPS trailer | 2) encrypted using symmetric cipher and key agreed in the SA

Question 74

In terms of outbounding packet processing for tunnel mode ESP, where is the header?

Answer 74

EPS header prepended to entire original packet

Question 75

In terms of outbounding packet processing for tunnel mode ESP, if SA uses the authentication service, what is calculated and appended?

Answer 75

ESP MAC calculated over the data prepared so far and appended

Question 76

In terms of outbounding packet processing for tunnel mode ESP, what is the new outer IP header that is prepended?

Answer 76

1) Inner IP header of original IP packet carrying the ultimate source and destination addresses 2) Outer IP header may contain distinct IP addresses (e.g. addresses of security gateways) 3) Outer IP header protocol field set to ESP

Question 77

Comment on the active attacks that exist for encryption-only mode of EPS protocol i.t.o IP layer security

Answer 77

Providing encryption without integrity is known to be insecure Unlike earlier IPsec versions, the 2005 version does not require implementations to support encryption-only modes, but still allows it

Question 78

Comment on attacks due to MAC-then-encrypt configurations i.t.o modes used in IP layer security

Answer 78

AH applies encryption after MAC (MAC-then-encrypt) ESP applies encryption before MAC (encrypt-then-MAC)

Question 79

What doe VPNs provide?

Answer 79

a secure distributed network

Question 80

What doe VPNs create?

Answer 80

secure channels over the insecure Internet

Question 81

What are the three types of VPNs?

Answer 81

1) Branch office interconnect (Intranet VPN) 2) Supplier/business partner access (Extranet VPN) 3) Remote access

Question 82

Explain the VPN diagram on slide 27 in set 19

Answer 82

See slide 27 in set 19

Question 83

In terms of the branch office interconnect type of VPN, how is a VPN established and between what?

Answer 83

Establishing a VPN tunnel between router/firewall 1 and router/firewall 2 --> Using AH to authenticate data from tunnel endpoints(routers/firewalls) --> Using ESP to encrypt data over the Internet

Question 84

In terms of the branch office interconnect type of VPN, what are the only things that need to support IPsec?

Answer 84

routers/firewalls | --> no change to Intranet resoures

Question 85

Give the diagram for the branch office interconnect type of VNP

Answer 85

See slide 28 in set 19

Question 86

In terms of the supplier network type of VPN, comment on the supplier

Answer 86

supplier may not be part of the entreprise --> VPN extended to operate between router/firewall 1 and individual parts of supplier network

Question 87

Give the diagram for the supplier network type of VNP

Answer 87

See slide 29 in set 19

Question 88

In terms of remote access type of VPN, what can ISPs provide?

Answer 88

ISPs can provide VPN services across the untrusted Internet

Question 89

Give the diagram for the remove access type of VNP

Answer 89

See slide 30 in set 19