What is VPN
A Virtual Private Network carries private traffic over public network.
A restricted-use, logical computer network that is constructed from the system resources of a relatively public, physical network (such as the Internet), often by using encryption, and often by tunneling links of the virtual network across the real network. (RFC2828)
Benefits of VPN
Confidentiality
Authentication
Integrity
Nonrepudiation
Access Control
Cryptography Building Blocks
Encryption vs. Hash
1.Encryption keeps communications Private.
2.Encryption and decryption can
3.use same or different keys.
4.Achieved by various algorithms, e.g. DES, CAST.
5.Need key management.
1.Hash transforms message into fixed-size string.
2.One-way hash function.
3.Strongly collision-free hash.
4.Message digest can be viewed as “digital fingerprint”.
5.Used for message integrity
6.check and digital certificate.
7.Hash is generally faster than encryption.
Commonly Used Hash Functions (MD5 and SHA)
Both MD5 and SHA are derived based on MD4.
MD5 provides 128-bit output, SHA provide 160-bit output.
Both of MD5 and SHA are considered one-way strongly collision-free hash functions.
SHA is computationally slower than MD5, but more secure
Data Encryption Standard (DES)
Symmetric key encryption algorithm
Block cipher: works on 64-bit data block, use 56-bit key.
Mode of operation: how to apply DES to encrypt blocks of data
Electronic Code Book (ECB)
Cipher Block Chaining (CBC)
K-bit Cipher FeedBack (CFB)
K-bit Output FeedBack (OFB)
Triple-DES
168-bit total key length
Mode of operation decides how to process DES three times.
More secure than DES
Diffie-Hellman Key Exchange
Asymmetric key algorithm.
The protocol allows two users to exchange secret key (used by symmetric algorithms) over an insecure channel without prior secrets.
Diffie-Hellman (DH) groups: size of modulus p, for examples:
DH group 1 (768-bit)
p= 2^768 - 2^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
g= 2
DH group 2 (1024-bit)
Vulnerable to man-in-the-middle attack.
IPSec Definition and Services
IPSec Definition and Services
IPSec Stands for IP Security.
“A security protocol in the network layer will be developed to provide cryptographic security services that will flexibly support combinations of authentication, integrity, access control, and confidentiality” (IETF).
IPSec Services
Data Origin Authentication
Data Integrity
Confidentiality
Replay Detection
Access control and Traffic flow confidentiality
Security Association
Defines one-way relation between IPSec peers which apply security services to the traffic carried.
Two SAs are needed for two-way secure communication.
ISAKMP
ISAKMP: Internet Security Association and Key Management Protocol.
Define procedure and packet format to establish, negotiate, modify and delete security association:
Standardized payload
Exchange types
Payload Processing rules
Domain of Interpretation defines the syntax and semantics.
Defined in RFC 2408.
Internet Key Exchange (IKE)
Hybrid protocol: combination of ISAKMP, Oakley Key exchange and SKEME protocols.
Define the mechanism to derive authenticated keying material and negotiate security associations (used for AH, ESP)
Uses UDP port 500
Defined in RFC 2409
IKE (Two-Phase Protocol)
Two-phase protocol:
Phase I exchange: two peers establish a secure, authenticated channel with which to communicate. Main mode or aggressive mode accomplishes a phase I exchange.
Phase II exchange: security associations are negotiated on behalf of IPSec services. Quick mode accomplishes a phase II exchange.
Each phase has its SAs: ISAKMP SA (phase I) and IPSec SA (phase II).
IKE Authentication Methods
Pre-shared secret
Easy to deploy, not scalable
Public-key signatures (rsa-signature)
Most secure, require infrastructure.
Public-key encryption (rsa-nonce)
Similar security to rsa-sig, requires prior knowledge of peer’s public key, limited support.
