CRYPTOGRAPHY

Course Code: 18CS744

MODULE 5
 Course Outcomes
• Define cryptography and its principles

• Explain Cryptography algorithms

• Illustrate Public and Private key cryptography

• Explain Key management, distribution and

certification
• Explain authentication protocols
 SYLLABUS
MODULE 5
IP Security: IP Security overview, applications of IPsec,
benefits of IPsec, Routing applications, IPsec documents,
IPsec services, transport and tunnel modes, IP Security
policy, Security associations, Security associations
database, Security policy database, IP traffic processing,
Encapsulating Security payload, ESP format, encryption
and authentication algorithms, Padding, Anti replay service

Transport and tunnel modes, combining security

associations, authentication plus confidentiality, basic
combinations of security associations, internet key
exchange, key determinations protocol, header and payload
formats, cryptographic suits.
IP security
• The IP security (IPSec) is an Internet Engineering Task
Force (IETF) standard suite of protocols between 2
communication points across the IP network that provide data
authentication, integrity, and confidentiality.
• IPsec is a group of protocols that are used together to set up
encrypted connections between devices.
• It helps keep data sent over public networks secure.
• IPsec is often used to set up VPNs, and it works by
encrypting IP packets, along with authenticating the source
where the packets come from.
IP security
• To provide security, the IAB included authentication and
encryption as necessary security features in the next-
generation IP, which has been issued as IPv6.

• Fortunately, these security capabilities were designed to be

usable both with the current IPv4 and the future IPv6.

• This means that vendors can begin offering these features

now, and many vendors now do have some IPsec capability in
their products.

• The IPsec specification now exists as a set of Internet

standards.
Applications of IPsec
• IPsec provides the capability to secure communications
across a LAN, across private and public WANs, and
across the Internet.

• Examples of its use include:

• Secure branch office connectivity over the Internet
• Secure remote access over the Internet
• Establishing extranet and intranet connectivity with
partners
• Enhancing electronic commerce security
typical scenario of IPsec usage
Benefits of IPsec
• When IPsec is implemented in a firewall or router, it
provides strong security that can be applied to all traffic
crossing the perimeter.
• IPsec in a firewall is resistant to bypass if all traffic from the
outside must use IP and the firewall is the only means of
entrance from the Internet into the organization.
• IPsec is below the transport layer (TCP, UDP) and so is
transparent to applications. There is no need to change
software on a user or server system when IPsec is
implemented in the firewall or router.
• IPsec can be transparent to end users. There is no need to
train users on security mechanisms, issue keying material
on a per-user basis, or revoke keying material when users
leave the organization.
• IPsec can provide security for individual users if needed
 Routing Applications
• IPsec can play a vital role in the routing architecture required
for internetworking
• IPsec can assure that
• A router advertisement (a new router advertises its
presence) comes from an authorized router.
• A neighbor advertisement (a router seeks to establish or
maintain a neighbor relationship with a router in another
routing domain) comes from an authorized router.
• A redirect message comes from the router to which the
initial IP packet was sent.
• A routing update is not forged.
 IPsec Documents
• IPsec encompasses three functional areas:
authentication, confidentiality, and key management.
• The totality of the IPsec specification is scattered across
dozens of RFCs and draft IETF documents, making this
the most complex and difficult to grasp of all IETF
specifications.
• The documents can be categorized into the following
groups.
• Architecture
• Authentication Header (AH)
• Encapsulating Security Payload (ESP)
• Internet Key Exchange (IKE)
• Cryptographic algorithms:
• Other:
 IPsec Documents
• Architecture: Covers the general concepts, security
requirements, definitions, and mechanisms defining IPsec
technology. The current specification is RFC 4301, Security
Architecture for the Internet Protocol.
• Authentication Header (AH): AH is an extension header to
provide message authentication. The current specification is
RFC 4302, IP Authentication Header. Because message
authentication is provided by ESP, the use of AH is deprecated.
It is included in IPsecv3 for backward compatibility but should
not be used in new applications.
• Encapsulating Security Payload (ESP): ESP consists of an
encapsulating header and trailer used to provide encryption or
combined encryption/authentication. The current specification is
RFC 4303, IP Encapsulating Security Payload (ESP).
 IPsec Documents
• Internet Key Exchange (IKE): This is a collection of documents
describing the key management schemes for use with IPsec. The
main specification is RFC 5996, Internet Key Exchange (IKEv2)
Protocol, but there are a number of related RFCs.

• Cryptographic algorithms: This category encompasses a large

set of documents that define and describe cryptographic
algorithms for encryption, message authentication, pseudorandom
functions (PRFs), and cryptographic key exchange.

• Other: There are a variety of other IPsec-related RFCs, including

those dealing with security policy and management information
base (MIB) content.
 IPsec Services
• Access control
• Connectionless integrity
• Data origin authentication
• Rejection of replayed packets (a form of partial sequence
integrity)
• Confidentiality (encryption)
• Limited traffic flow confidentiality
Transport and Tunnel Modes

Both AH and ESP support two modes of use:

• Transport mode

• Tunnel mode
 Transport Mode:
• Transport mode provides protection primarily for upper-layer
protocols. That is, transport mode protection extends to the
payload of an IP packet.
• Examples include a TCP or UDP segment or an ICMP packet, all
of which operate directly above IP in a host protocol stack.
Typically, transport mode is used for end to- end communication
between two hosts (e.g., a client and a server, or two
workstations).
• When a host runs AH or ESP over IPv4, the payload is the data
that normally follow the IP header. For IPv6, the payload is the
data that normally follow both the IP header and any IPv6
extensions headers that are present, with the possible exception
of the destination options header, which may be included in the
protection.
• ESP in transport mode encrypts and optionally authenticates the
IP payload but not the IP header. AH in transport mode
authenticates the IP payload and selected portions of the IP
header.
 Tunnel Mode
• Tunnel mode provides protection to the entire IP packet.
• To achieve this, after the AH or ESP fields are added to the
IP packet, the entire packet plus security fields is treated as
the payload of new outer IP packet with a new outer IP
header.
• The entire original, inner, packet travels through a tunnel
from one point of an IP network to another; no routers along
the way are able to examine the inner IP header.
• the original packet is encapsulated, the new, larger packet
may have totally different source and destination addresses,
adding to the security.
• Tunnel mode is used when one or both ends of a security
association (SA) are a security gateway, such as a firewall
or router that implements IPsec
Security association (SA)
• An association is a one-way logical connection between a
sender and a receiver that affords security services to the
traffic carried on it.

• With the help of the defined IPsec protocols, SAs offer data
protection for unidirectional traffic.

• Generally, an IPsec tunnel features two unidirectional SAs,

which offer a secure, full-duplex channel for data.

• A security association consists of features like traffic

encryption key, cryptographic algorithm and mode, and also
parameters required for the network data.
 I P Security Policy
• Fundamental to the operation of IPsec is the concept of a security
policy applied to each IP packet that transits from a source to a
destination.

• IPsec policy is determined primarily by the interaction of two

databases, the security association database (SAD) and the
security policy database (SPD)
Security association (SA)

• A key concept that appears in both the authentication and

confidentiality mechanisms for IP is the security association
(SA).

• An association is a one-way logical connection between a

sender and a receiver that affords security services to the traffic
carried on it

• A security association is uniquely identified by three parameters:

• Security Parameters Index (SPI)
• IP Destination Address
• Security Protocol Identifier
 Security Association Database
• In each IPsec implementation, there is a nominal Security
Association Database that defines the parameters
associated with each SA

• A security association is normally defined by the following

parameters in an SAD entry:
• Security Parameter Index
• Sequence Number Counter
• Sequence Counter Overflow
• Anti-Replay Window
• AH Information
• ESP Information
• Lifetime of this Security Association
• IPsec Protocol Mode
• Path MTU
 Security Association Database
• Security Parameter Index: A 32-bit value selected by the receiving
end of an SA to uniquely identify the SA. In an SAD entry for an
outbound SA, the SPI is used to construct the packet’s AH or ESP
header. In an SAD entry for an inbound SA, the SPI is used to map
traffic to the appropriate SA.
• Sequence Number Counter: A 32-bit value used to generate the
Sequence Number field in AH or ESP headers,
• Sequence Counter Overflow: A flag indicating whether overflow
of the Sequence Number Counter should generate an auditable
event and prevent further transmission of packets on this SA
• Anti-Replay Window: Used to determine whether an inbound AH
or ESP packet is a replay,
• AH Information: Authentication algorithm, keys, key lifetimes,
and related parameters being used with AH
• ESP Information: Encryption and authentication algorithm,
keys, initialization values, key lifetimes, and related
parameters being used with ESP
• Lifetime of this Security Association: A time interval or byte
count after which an SA must be replaced with a new SA
(and new SPI) or terminated, plus an indication of which of
these actions should occur.
• IPsec Protocol Mode: Tunnel, transport, or wildcard.
• Path MTU: Any observed path maximum transmission unit
(maximum size of a packet that can be transmitted without
fragmentation)
 Security Policy Database
• Security Policy Database (SPD) specifies what security
services are to be applied to IP packets and how.
• An SPD discriminates between traffic that is to be IPSec-
protected and traffic allowed to bypass IPSec.
• Each SPD entry is defined by a set of IP and upper-layer
protocol field values, called selectors
• The following selectors determine an SPD entry
• Remote IP Address
• Local IP Address
• Next Layer Protocol
• Name
• Local and Remote Ports:
26
Host SPD Example
Outbound processing obeys the following general
sequence for each IP packet
1. Compare the values of the appropriate fields in the
packet (the selector fields) against the SPD to find a
matching SPD entry, which will point to zero or more SAs.
2. Determine the SA if any for this packet and its
associated SPI.
3. Do the required IPsec processing (i.e., AH or ESP
processing).
IP Traffic Processing
• IPsec is executed on a packet-by-packet basis.
• When IPsec is implemented:
• Each outbound IP packet is processed by the IPsec
logic before transmission
• Each inbound packet is processed by the IPsec logic
after reception and before passing the packet
contents on to the next higher layer (e.g., TCP or
UDP)
Processing Model for Outbound Packets
Processing Model for Inbound Packets
Encapsulating Security Payload