IPsec VPNs
IPsec Components and IPsec VPN Features

IPsec Overview

What Is IPsec?
IPsec is an IETF standard that employs cryptographic mechanisms on the network layer:
- Authentication of every IP packet
- Verification of data integrity for each packet
- Confidentiality of packet payload

What Is IPsec? (Cont.)
- Consists of open standards for securing private communications
- Scales from small to very large networks
- Is available in Cisco IOS software version 11.3(T) and later
- Is included in PIX Firewall version 5.0 and later

IPsec Security Features
IPsec is the only standard Layer 3 technology that provides:
- Confidentiality
- Data integrity
- Authentication
- Replay detection

IPsec Protocols
IPsec uses three main protocols to create a security framework:
- Internet Key Exchange (IKE): provides the framework for negotiation of security parameters and establishment of authenticated keys
- Encapsulating Security Payload (ESP): provides the framework for encrypting, authenticating, and securing data
- Authentication Header (AH): provides the framework for authenticating and securing data

IPsec Headers
IPsec provides the following:
- Authentication and data integrity (MD5 or SHA-1 HMAC) with AH and ESP
- Confidentiality (DES, 3DES, or AES) only with ESP

Peer Authentication
Peer authentication methods:
- Username and password
- OTP (PIN/TAN) (one-time password)
- Biometric
- Preshared keys
- Digital certificates

Internet Key Exchange
IKE solves the problems of manual and unscalable implementation of IPsec by automating the entire key exchange process:
- Negotiation of SA characteristics
- Automatic key generation
- Automatic key refresh
- Manageable manual configuration

IKE Phases
Phase 1:
- Authenticate the peers
- Negotiate a bidirectional SA
- Main mode or aggressive mode
Phase 1.5:
- Xauth
- Mode config
Phase 2:
- IPsec SAs/SPIs
- Quick mode

IKE Modes (slide is a figure; not in the text extract)

IKE: Other Functions
- Dead peer detection (DPD): bidirectional; sent at periodic intervals; the sender must receive a reply or disconnect
- IKE keepalives are unidirectional and are sent every 10 seconds.
- NAT traversal: defined in RFC 3947; encapsulates the IPsec packet in a UDP packet
- Mode config (push config) and Xauth (user authentication)

IPsec and NAT: The Problem (slide is a figure; not in the text extract)

IPsec NAT Traversal
Need NAT traversal with IPsec over TCP/UDP:
- NAT traversal detection
- NAT traversal decision
- UDP encapsulation of IPsec packets
- UDP encapsulation process for software engines

Mode Configuration
Mechanism used to push attributes to IPsec VPN clients (Easy VPN):
- Dynamically updated: central services and security policy; offload the VPN function from local devices; client and network extension mode
- Centralized control: configuration and security policy pushed at the time of VPN tunnel establishment

Xauth
Mechanism used for user authentication of VPN clients

ESP and AH
IPsec protocols: ESP or AH
- ESP uses IP protocol number 50
- AH uses IP protocol number 51
IPsec modes: tunnel or transport mode
- Tunnel mode creates a new additional IP header
- The message is concatenated with a symmetric key (for the HMAC)

ESP and AH Header
- ESP allows encryption and authenticates the original packet.
- AH authenticates the whole packet (including the header) and does not allow encryption.

AH Authentication and Integrity (slide is a figure; not in the text extract)

ESP Protocol
- Provides confidentiality with encryption
- Provides integrity with authentication

Tunnel and Transport Mode (slide is a figure; not in the text extract)

Message Authentication and Integrity Check

Message Authentication and Integrity Check Using Hash
- A MAC is used for message authentication and integrity check.
- Hashes are widely used for this purpose (HMAC).

Commonly Used Hash Functions
- MD5 provides 128-bit output.
- SHA-1 provides 160-bit output (only the first 96 bits are used in IPsec).
- SHA-1 is computationally slower than MD5, but more secure.

Symmetric vs. Asymmetric Encryption Algorithms
Symmetric algorithm:
- Secret key cryptography
- Encryption and decryption use the same key
- Typically used to encrypt the content of a message
- Examples: DES, 3DES, AES
Asymmetric algorithm:
- Public key cryptography
- Encryption and decryption use different keys
- Typically used in digital certification and key management
- Example: RSA

Key Lengths of Symmetric vs. Asymmetric Encryption Algorithms
Symmetric key length (bits)    Asymmetric key length (bits)
80                             1024
112                            2048
128                            3072
192                            7680
256                            15,360
Comparable key lengths required for asymmetric keys compared to symmetric keys

Security Level of Cryptographic Algorithms
Security level    Work factor    Algorithms
Weak              O(2^40)        DES, MD5
Legacy            O(2^64)        RC4, SHA-1
Baseline          O(2^80)        3DES
Standard          O(2^128)       AES-128, SHA-256
High              O(2^192)       AES-192, SHA-384
Ultra             O(2^256)       AES-256, SHA-512

Symmetric Encryption: DES
- Symmetric key encryption algorithm
- Block cipher: works on a 64-bit data block, uses a 56-bit key (the last bit of each byte is used for parity)
- Mode of operation: applies DES to encrypt blocks of data

Symmetric Encryption: 3DES
- 168-bit total key length
- The mode of operation decides how to process DES three times
- Normally: encrypt, decrypt, encrypt
- 3DES requires more processing than DES

Symmetric Encryption: AES
- Formerly known as Rijndael
- Successor to DES and 3DES
- Symmetric key block cipher
- Strong encryption with a long expected life
- AES can support 128-, 192-, and 256-bit keys; a 128-bit key is considered safe

Asymmetric Encryption: RSA
- Based on Diffie-Hellman key exchange (IKE) principles
- Public key to encrypt data, and to verify digital signatures
- Private key to decrypt data, and to sign with a digital signature
- Perfect for insecure communication channels

Diffie-Hellman Key Exchange (slide is a figure; not in the text extract)
Diffie-Hellman Key Exchange (Cont.) (slide is a figure; not in the text extract)

PKI Environment
PKI Environment (slide is a figure; not in the text extract)

Certificate Authority
- The trust basis of a PKI system
- Verifies user identity; issues certificates by binding the identity of a user to a public key with a digital certificate
- Revokes certificates and publishes the CRL
- In-house implementation or outsourcing

X.509 v3 Certificate (slide is a figure; not in the text extract)
PKI Message Exchange (slide is a figure; not in the text extract)

PKI Credentials
How to store PKI credentials (RSA keys and certificates):
- NVRAM
- eToken: Cisco 871, 1800, 2800, 3800 Series routers; Cisco IOS Release 12.3(14)T image; Cisco USB eToken; a k9 image

Summary
IPsec provides a mechanism for secure data transmission over IP networks. The IKE protocol is a key management protocol standard used in conjunction with the IPsec standard. IKE has some additional functions: DPD, NAT traversal, encapsulation in UDP packets, config mode, and Xauth. The two IP protocols used in the IPsec standard are ESP and AH. For message authentication and integrity check, an HMAC is used. The two types of encryption are symmetric encryption and asymmetric encryption. PKI provides customers with a scalable, secure mechanism for distributing, managing, and revoking encryption and identity information in a secured data network.

IPsec VPNs
Site-to-Site IPsec VPN Operation

Site-to-Site IPsec VPN Operations

Five Steps of IPsec

Step 1: Interesting Traffic

Step 2: IKE Phase 1
- IKE policy: negotiates matching IKE transform sets to protect the IKE exchange
- Diffie-Hellman key exchange
- Authenticate peer identity; peer authentication methods: preshared keys, RSA signatures, RSA encrypted nonces

Step 3: IKE Phase 2
- Negotiates IPsec security parameters (IPsec transform sets)
- Establishes IPsec SAs
- Periodically renegotiates IPsec SAs to ensure security
- Optionally, performs an additional Diffie-Hellman exchange

IPsec Transform Sets
A transform set is a combination of algorithms and protocols that enact a security policy for traffic.

Security Associations
SA database:
- Destination IP address
- SPI
- Protocol (ESP or AH)
Security policy database:
- Encryption algorithm
- Authentication algorithm
- Mode
- Key lifetime
SA lifetime:
- Data-transmitted-based
- Time-based

Step 4: IPsec Session
- SAs are exchanged between peers.
- The negotiated security services are applied to the traffic.

Step 5: Tunnel Termination
A tunnel is terminated by one of the following:
- An SA lifetime timeout
- The packet counter is exceeded
The IPsec SA is then removed.

Configuring IPsec

Configuration Steps for Site-to-Site IPsec VPN
1. Establish the ISAKMP policy
2. Configure the IPsec transform set
3. Configure the crypto ACL
4. Configure the crypto map
5. Apply the crypto map to the interface
6. Configure the interface ACL

Site-to-Site IPsec Configuration: Phase 1 (slide is a figure; not in the text extract)
Site-to-Site IPsec Configuration: Phase 2 (slide is a figure; not in the text extract)
Site-to-Site IPsec Configuration: Apply VPN Configuration (slide is a figure; not in the text extract)

Site-to-Site IPsec Configuration: Interface ACL
When filtering at the edge, there is not much to see:
- IKE: UDP port 500
- ESP and AH: IP protocol numbers 50 and 51, respectively
- NAT transparency enabled: UDP port 4500, or TCP (the port number has to be configured)

Router1#show access-lists
access-list 102 permit ahp host 172.16.172.10 host 172.16.171.20
access-list 102 permit esp host 172.16.172.10 host 172.16.171.20
access-list 102 permit udp host 172.16.172.10 host 172.
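The edge ACL above is small because an IPsec peer pair only ever exchanges IKE (UDP 500), ESP (protocol 50), AH (protocol 51) and, with NAT traversal, UDP 4500. The following added example (written for this page, not Cisco's code) parses access-list lines in the form shown by show access-lists, applies them with first-match semantics plus the implicit deny at the end, and checks a handful of constructed flows between the slide's two sample peers. The ACL text is constructed to mirror the slide's output; only the host and any address forms and the eq port qualifier are handled.

```python
"""Evaluate a Cisco-style edge ACL against IPsec peer traffic.

Added example for the Interface ACL slide; not part of the original deck.
The ACL text below is constructed (the peer addresses are the slide's sample
peers). Only 'host <ip>' / 'any' address forms and an optional 'eq <port>'
destination-port qualifier are supported, which is all an IPsec edge ACL needs.
"""
from dataclasses import dataclass
from typing import List, Optional

# IOS prints well-known IKE ports by name in show access-lists output.
PORT_NAMES = {"isakmp": 500, "non500-isakmp": 4500}

# Constructed sample: the slide's peers plus the two IKE/NAT-T UDP lines.
SAMPLE_ACL = """
access-list 102 permit ahp host 172.16.172.10 host 172.16.171.20
access-list 102 permit esp host 172.16.172.10 host 172.16.171.20
access-list 102 permit udp host 172.16.172.10 host 172.16.171.20 eq isakmp
access-list 102 permit udp host 172.16.172.10 host 172.16.171.20 eq non500-isakmp
"""


@dataclass
class Rule:
    action: str           # "permit" or "deny"
    proto: str            # "ahp", "esp", "udp", "tcp", "ip" (ip matches any protocol)
    src: str              # IP address or "any"
    dst: str              # IP address or "any"
    dport: Optional[int]  # destination port, or None when the rule has no 'eq'


@dataclass
class Flow:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None


def _address(tok: List[str], i: int):
    """Parse 'host X' or 'any' starting at token i; return (address, next index)."""
    if tok[i] == "any":
        return "any", i + 1
    if tok[i] == "host":
        return tok[i + 1], i + 2
    raise ValueError(f"unsupported address form at token {i}: {tok[i]}")


def parse_acl(text: str) -> List[Rule]:
    """Turn 'access-list N permit|deny <proto> <src> <dst> [eq port]' lines into Rules."""
    rules = []
    for line in text.strip().splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list":
            continue  # ignore anything that is not an ACL entry
        action, proto = tok[2], tok[3]
        src, i = _address(tok, 4)
        dst, i = _address(tok, i)
        dport = None
        if i + 1 < len(tok) and tok[i] == "eq":
            name = tok[i + 1]
            dport = PORT_NAMES.get(name, None)
            if dport is None:
                dport = int(name)
        rules.append(Rule(action, proto, src, dst, dport))
    return rules


def _matches(rule: Rule, flow: Flow) -> bool:
    if rule.proto != "ip" and rule.proto != flow.proto:
        return False
    if rule.src != "any" and rule.src != flow.src:
        return False
    if rule.dst != "any" and rule.dst != flow.dst:
        return False
    if rule.dport is not None and rule.dport != flow.dport:
        return False
    return True


def evaluate(rules: List[Rule], flow: Flow) -> str:
    """First matching entry wins; a numbered ACL ends with an implicit deny."""
    for rule in rules:
        if _matches(rule, flow):
            return rule.action
    return "deny"


def demo() -> List[str]:
    """Check constructed flows between the slide's peers against SAMPLE_ACL."""
    a, b = "172.16.172.10", "172.16.171.20"
    rules = parse_acl(SAMPLE_ACL)
    flows = [
        Flow("esp", a, b),          # IPsec data: permitted
        Flow("ahp", a, b),          # AH: permitted
        Flow("udp", a, b, 500),     # IKE: permitted
        Flow("udp", a, b, 4500),    # NAT-T: permitted
        Flow("tcp", a, b, 23),      # telnet between peers: implicit deny
        Flow("udp", a, b, 53),      # other UDP: implicit deny
        Flow("esp", "10.0.0.5", b), # ESP from an unknown source: implicit deny
    ]
    return [evaluate(rules, f) for f in flows]


if __name__ == "__main__":
    print(demo())
```

Running demo() returns ["permit", "permit", "permit", "permit", "deny", "deny", "deny"], which is the point of the slide: once the four IPsec entries are in place, everything else from the peer is dropped by the implicit deny, so a misconfigured NAT device or a non-IPsec service on the peer shows up as a denied flow rather than an open port.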
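The Message Authentication and Integrity Check, Commonly Used Hash Functions and IPsec Security Features slides above describe two of the mechanisms every ESP or AH packet goes through: an HMAC over the authenticated part of the packet, truncated to 96 bits, and a replay check on the sequence number. The following added example (written for this page, not Cisco's or IPsec's reference code) implements both with the Python standard library on a simplified packet layout of SPI, sequence number and payload followed by the 96-bit ICV; the key and the packets are constructed. The replay check is the sliding-window scheme used by ESP and AH (RFC 4302/4303), which the slides name but do not detail.

```python
"""HMAC-SHA1-96 integrity check and sliding-window anti-replay for an ESP/AH-like packet.

Added example for the HMAC and replay-detection slides; not part of the original
deck. Packet layout (SPI | sequence | payload | ICV), key and packets are
constructed for illustration; real ESP/AH use IKE-negotiated keys and the exact
header layouts from RFC 4302/4303.
"""
import hashlib
import hmac
from typing import List

ICV_LEN = 12  # IPsec keeps only the first 96 bits of HMAC-MD5 / HMAC-SHA1 output


def compute_icv(key: bytes, authenticated_data: bytes, algo: str = "sha1") -> bytes:
    """Return the truncated HMAC (the ICV) over the authenticated part of a packet."""
    full = hmac.new(key, authenticated_data, getattr(hashlib, algo)).digest()
    return full[:ICV_LEN]  # 160-bit (SHA-1) or 128-bit (MD5) digest cut to 96 bits


def verify_icv(key: bytes, authenticated_data: bytes, icv: bytes, algo: str = "sha1") -> bool:
    """Constant-time comparison so timing does not leak how many ICV bytes matched."""
    return hmac.compare_digest(compute_icv(key, authenticated_data, algo), icv)


class ReplayWindow:
    """Sliding window over sequence numbers, as in ESP/AH anti-replay."""

    def __init__(self, size: int = 64):
        self.size = size
        self.highest = 0  # highest sequence number accepted so far
        self.bitmap = 0   # bit i set means sequence number (highest - i) was seen

    def check_and_update(self, seq: int) -> bool:
        """Return True and record seq if it is new and inside the window."""
        if seq == 0:
            return False  # sequence numbers start at 1
        if seq > self.highest:
            shift = seq - self.highest  # slide the window to the right
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False  # older than the window: rejected
        if self.bitmap & (1 << offset):
            return False  # already accepted once: replay
        self.bitmap |= 1 << offset
        return True


def build_packet(key: bytes, spi: int, seq: int, payload: bytes) -> bytes:
    """Constructed packet: 4-byte SPI, 4-byte sequence number, payload, 96-bit ICV."""
    body = spi.to_bytes(4, "big") + seq.to_bytes(4, "big") + payload
    return body + compute_icv(key, body)


def receive(key: bytes, window: ReplayWindow, packet: bytes) -> str:
    """Inbound processing order matters: verify the ICV before touching the window."""
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    if not verify_icv(key, body, icv):
        return "bad icv"  # a forged/tampered packet must not advance the window
    seq = int.from_bytes(body[4:8], "big")
    if not window.check_and_update(seq):
        return "replay"
    return "ok"


def demo() -> List[str]:
    """Feed constructed packets through the receiver and collect the verdicts."""
    key = b"constructed-demo-key-not-a-real-sa-key"
    window = ReplayWindow(64)
    spi = 0x1000
    p1 = build_packet(key, spi, 1, b"first")
    p2 = build_packet(key, spi, 2, b"second")
    tampered = bytearray(p2)
    tampered[8] ^= 0x01  # flip one bit of the payload; ICV no longer matches
    return [
        receive(key, window, p1),                                   # ok
        receive(key, window, p2),                                   # ok
        receive(key, window, p2),                                   # replay
        receive(key, window, bytes(tampered)),                      # bad icv
        receive(key, window, build_packet(key, spi, 100, b"ahead")),  # ok, window slides
        receive(key, window, build_packet(key, spi, 30, b"late")),  # replay: left of window
        receive(key, window, build_packet(key, spi, 50, b"in win")),  # ok: inside window
    ]


if __name__ == "__main__":
    print(demo())
```

demo() returns ["ok", "ok", "replay", "bad icv", "ok", "replay", "ok"]. Two design points worth noting: the ICV is checked before the replay window is updated, so an attacker who cannot compute the HMAC cannot move the window and cause legitimate packets to be dropped, and a packet that falls more than the window size behind the highest accepted sequence number is rejected even though it was never seen, which is the price of keeping the replay state bounded.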