DOCSLIB.ORG

Design and Implementation to Support Multiple Key Exchange Protocols for Ipsec

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Design and Implementation to Support Multiple Key Exchange Protocols for Ipsec Design and Implementation to Support Multiple Key Exchange Protocols for IPsec Kazunori Miyazawa Shoichi Sakane Yokogawa Electric Corporation Yokogawa Electric Corporation [email protected] [email protected] Ken-ichi Kamada Mitsuru Kanda Yokogawa Electric Corporation Toshiba Corporation [email protected] [email protected] Atsushi Fukumoto Toshiba Corporation [email protected] Abstract methods to share IPsec SAs between two enti- ties. One is manual configuration and the other is automatic key exchange. Manual configura- The racoon2 project has been developing an ap- tion is basically used for a small static system or plication, the racoon2, which simultaneously debugging because of its scalability. Automatic supports multiple key exchange protocols for key exchange is used in a practical system. IPsec [6]. The racoon2 supports IKEv2 [1] and KINK [11], and works on Linux, NetBSD, and We have used the Internet Key Ex- FreeBSD. This paper describes issues to sup- change(IKEv1) [2] protocol to support port the multiple key exchange protocols on automatic key exchange. But it does not those operating systems, and describes our ap- clearly specify the ways to re-key and delete proach. This paper also describes design and SAs and dead peer detection. The vendors implementation of the racoon2. have been extending it to support them and it caused interoperability issues. Additionally, it needs at least 6 messages to exchange IPsec SAs. According to the background IETF IPsec 1 Background working group had discussed a successor of IKEv1. The working group defines the Internet Key Exchange version 2 (IKEv2) and IETF IPsec provides security services in IP layer. To published it in 2005 as a conclusion of the use the services, we need to share IPsec SAs discussion. IKEv2 reduces the messages to between two entities. IPsec SA consists of a set exchange keys from 6 messages to 4 messages. of security parameters such as IPsec protocol, It also specifies to re-key and delete SAs and cipher algorithm, key and so on. There are two to detect the dead peer and introduces more 144 • Design and Implementation to Support Multiple Key Exchange Protocols for IPsec functionality. 2 Supporting the multiple key ex- change protocols KINK, Kerberised Internet Negotiation of We considered two kinds of architecture to im- Keys, is another key exchange protocol. It is plement the multiple key exchange protocols defined at KINK working group in IETF. It uses on Linux, NetBSD and FreeBSD operating sys- Kerberos to authenticate peers and establishes tems. One is implementing all protocols into IPsec SAs only using symmetric key cipher al- single daemon. The other is implementing dae- gorithm. Therefore it is available for low-end mons for each protocol. devices which can not calculate public key al- gorithm in a practical period. KINK reuses the We adopted the latter approach. Because sin- encoding format of IKEv1 to represent infor- gle daemon architecture consumes useless re- mation of IPsec SA so that its payloads are sim- sources when user want to use only one proto- ilar to IKEv1. col. Additionally, it tends to reduce the modu- larity so that it is possibly difficult to extend to implement new protocols. racoon is widely used as an implementation of IKEv1 on Linux, NetBSD, FreeBSD and oth- The current Linux kernel does not assume to ers. racoon was developed originally by the support multiple daemons which process each KAME project [5] as the implementation on key exchange protocol. It accordingly can not the BSDs. The IPsec-Tools project [4] did keep the relationship between an IPsec policy porting it on Linux when Linux introduced and a key exchange protocol. NetBSD and KAME compatible IPsec stack. The IPsec- FreeBSD can not keep the information either. Tools project currently maintains and extends We had had a choice to change the kernels. We it to support various functions. however decided to solve the issue within the user-land instead of changing the kernels be- cause of the advantage of deployment of the The racoon2, a successor of racoon, however racoon2. introduced different architecture and configura- It is necessary to strictly manage the relation- tion model. The configuration includes IPsec ship to get a daemon to process a key exchange policy to supports the multiple key exchange request based on a user configuration. Sepa- protocols. Because it tightly links the policy, ration of a IPsec policy and the key exchange IPsec SAs, and the key exchange protocol, a protocol configuration like racoon does causes user can specify and easily prospect the re- possibility of the application to use a different sults of the configuration. It accordingly breaks protocol against a key exchange request. backward compatibility of the configuration. Instead of separated the configuration of racoon, the racoon2 configuration unifies and In this paper, we discuss issue to support the includes IPsec policies, IPsec SAs and the key multiple key exchange protocols in section 2. exchange protocols. Using this configuration We describe data structure and architecture of model, user can clearly configure what proto- the racoon2 in section 3. We show current sta- col must be used against the IPsec policy. On tus and future works in section 4. We summa- the other hand, user can not configure them sep- rize this paper in section 5. arately like the usage of racoon. 2006 Linux Symposium, Volume Two • 145 As mentioned above, the kernel can not keep its action. selector is pointed from remote the relationship because it does not have a field when it supports road-warriors. selector of the key exchange protocol in IPsec policy represents simplex traffic so that there are data structure, which is struct xfrm_policy on two selectors for an normal bidirectional the Linux. The daemon accordingly needs traffic. The IKE daemon uses the values in to search the IPsec policy which triggers the selector as an IKEv2 Traffic selector pay- SADB_ACQUIRE message, when receiving it. load or an IKEv1 ISAKMP ID payload in phase 2. In KINK protocol, it will be used The PF_KEY [8] API of Linux, NetBSD and as a KINK_ISAKMP ID payload. FreeBSD contains extension derived from the KAME implementation. The stack has IPsec • sa contains information of an IPsec SA. policy ID. In the Linux kernel the index of the They are an IPsec protocol and candidates struct xfrm_policy corresponds it. The index is of cipher algorithm. assigned by the kernel and identifies the policy uniquely. The kernel also returns the ID against • ipsec contains parameter to create IPsec a request of installing an IPsec policy. SA bundle. The information consists of common values of bundled IPsec SAs When there is no IPsec SA corresponding the such as lifetime. The racoon2 restricts the IPsec policy in the kernel, it acquires the IPsec type of IPsec SA bundle like the table 3.1. SADB_ACQUIRE SA by sending a message to ipsec points more than one IPsec SA to the daemons which listens to PF_KEY socket. create bundle. KAME extends SADB_ACQUIRE message to contain the ID so that the daemon which re- ceives the message can search the IPsec pol- type of bundle the results packet AH_ESP [IP][AH][ESP][Payload] icy which triggers it. As mentioned above, the AH_IPCOMP [IP][AH][IPCOMP][Payload] racoon2 adopts unified configuration model. ESP_IPCOMP [IP][ESP][IPCOMP][Payload] The daemons can exactly search the original AH_ESP_IPCOMP [IP][AH][ESP][IPCOMP][Payload] configuration. Table 1: The types of IPsec SA bundle 3 The racoon2 • policy contains parameter of action against the traffic which matches the selector. The action can be “discard”, “bypass” or 3.1 The racoon2 data structure “auto_ipsec” to apply IPsec. policy also contains mode of IPsec and end point’s The data structure basically consists of selec- addresses if the mode is “tunnel”. a pol- tor, policy, ipsec, sa and remote. They are icy connects components of the racoon2 linked by their identifiers. The current racoon2 data structure. a policy points some ipsec directly uses this model as its configuration. to make a proposal when the action is “auto_ipsec”. • selector contains parameters to select traf- • remote contains parameter for the key ex- fic through the IPsec stack such as IP ad- change protocol. They are identifier of a dresses, an upper layer protocol, port num- peer, the IP addresses, the authentication bers and so on. selector points a policy as information, algorithm and so on. 146 • Design and Implementation to Support Multiple Key Exchange Protocols for IPsec A user can flexibly build configuration by link- kernel broadcasts a SADB_ACQUIRE mes- ing those components corresponding what user sage to all daemons which listens to PF_KEY. want. For example, in case of that two types iked and kinkd accordingly receive the same of traffic shares a pair of IPsec SA whose pro- SADB_ACQUIRE message. The racoon2 posal is AH and ESP bundle or single ESP, adopts the unified configuration model and all the configuration consists of the components daemons read an identical configuration file to linked like figure 1 share the parameter. The configuration file cur- rently reflects the racoon2 data structure. Figure 1: racoon2 data structure Figure 2: the racoon2 architecture An initiator can retrieve whole configuration from selector. When it is a responder, it can search a remote from peer’s identifier. If it spmd reads selector, policy and ipsec from the finds remote, it validates the peer and searches configuration files and installs IPsec policies the selector from IKEv2 Traffic Selector Pay- into the kernel via PF_KEY socket. The ker- load, ISAKMP ID Payload in IKEv1 phase 2 nel returns the message including IPsec policy or KINK_ISAKMP ID Payload. In the case of ID and spmd creates a mapping table of IPsec supporting road-warrior a responder uses link policy ID and selector identifier.
Load more

Recommended publications
  • Efficient, Dos-Resistant, Secure Key Exchange
    Efficient, DoS-Resistant, Secure Key Exchange for Internet Protocols∗ William Aiello Steven M. Bellovin Matt Blaze AT&T Labs Research AT&T Labs Research AT&T Labs Research [email protected] [email protected] [email protected] Ran Canetti John Ioannidis Angelos D. Keromytis IBM T.J. Watson Research Center AT&T Labs Research Columbia University [email protected] [email protected] [email protected] Omer Reingold AT&T Labs Research [email protected] Categories and Subject Descriptors While it might be possible to “patch” the IKE protocol to fix C.2.0 [Security and Protection]: Key Agreement Protocols some of these problems, it may be perferable to construct a new protocol that more narrorwly addresses the requirements “from the ground up.” We set out to engineer a new key exchange protocol General Terms specifically for Internet security applications. We call our new pro- Security, Reliability, Standardization tocol “JFK,” which stands for “Just Fast Keying.” Keywords 1.1 Design Goals We seek a protocol with the following characteristics: Cryptography, Denial of Service Attacks Security: No one other than the participants may have access to ABSTRACT the generated key. We describe JFK, a new key exchange protocol, primarily designed PFS: It must approach Perfect Forward Secrecy. for use in the IP Security Architecture. It is simple, efficient, and secure; we sketch a proof of the latter property. JFK also has a Privacy: It must preserve the privacy of the initiator and/or re- number of novel engineering parameters that permit a variety of sponder, insofar as possible.
    [Show full text]
  • Network Access Control and Cloud Security
    Network Access Control and Cloud Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 [email protected] Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-17/ Washington University in St. Louis http://www.cse.wustl.edu/~jain/cse571-17/ ©2017 Raj Jain 16-1 Overview 1. Network Access Control (NAC) 2. RADIUS 3. Extensible Authentication Protocol (EAP) 4. EAP over LAN (EAPOL) 5. 802.1X 6. Cloud Security These slides are based partly on Lawrie Brown’s slides supplied with William Stallings’s book “Cryptography and Network Security: Principles and Practice,” 7th Ed, 2017. Washington University in St. Louis http://www.cse.wustl.edu/~jain/cse571-17/ ©2017 Raj Jain 16-2 Network Access Control (NAC) AAA: Authentication: Is the user legit? Supplicant Authenticator Authentication Server Authorization: What is he allowed to do? Accounting: Keep track of usage Components: Supplicant: User Authenticator: Network edge device Authentication Server: Remote Access Server (RAS) or Policy Server Backend policy and access control Washington University in St. Louis http://www.cse.wustl.edu/~jain/cse571-17/ ©2017 Raj Jain 16-3 Network Access Enforcement Methods IEEE 802.1X used in Ethernet, WiFi Firewall DHCP Management VPN VLANs Washington University in St. Louis http://www.cse.wustl.edu/~jain/cse571-17/ ©2017 Raj Jain 16-4 RADIUS Remote Authentication Dial-In User Service Central point for Authorization, Accounting, and Auditing data ⇒ AAA server Network Access servers get authentication info from RADIUS servers Allows RADIUS Proxy Servers ⇒ ISP roaming alliances Uses UDP: In case of server failure, the request must be re-sent to backup ⇒ Application level retransmission required TCP takes too long to indicate failure Proxy RADIUS RADIUS Network Remote Access User Customer Access ISP Net Server Network Server Ref: http://en.wikipedia.org/wiki/RADIUS Washington University in St.
    [Show full text]
  • Lecture 12: Security Systems Using Public Keys 11.1 PGP 11.2 SSL/TLS 11.3 IPSEC Stallings: Ch 16,17
    T-79.4501 Cryptography and Data Security Lecture 12: Security systems using public keys 11.1 PGP 11.2 SSL/TLS 11.3 IPSEC Stallings: Ch 16,17 1 Pretty Good Privacy • Email encryption program • Bottom–up approach to the distribution of trust • Each user acts as his/her own CA and signs the public keys of other users • User can accept authenticity of a public key based on recommendation by a third trusted user • RSA public key encryption used for distribution of session keys *) • Digital signatures produced by RSA or DSA signature algorithms • Hash functions are MD5 and SHA-1 • Symmetric encryption performed using IDEA in CFB mode (self- synchronising stream cipher) • Public keys held in ”Key-ring” • Revocation of public keys is a problem *) A data encryption protocol, where the data is encrypted using symmetric encryption, and the symmetric encryption key is encrypted using public key encryption, is called as ”hybrid encryption” 2 1 Secure Sockets Layer /Transport Layer Security • SSL (by Netscape) adds security to the TCP level of the Internet Protocol stack • Reliable end-to-end service. • TLS developed by IETF is basically equivalent to SSL v 3.1 Structure: SSL SSL Change SSL Handshake Cipher Spec Alert HTTP Protocol Protocol Protocol SSL Record Protocol TCP IP • Hypertext Transfer Protocol (Web client/server interaction) can operate on top of SSL (https://...) 3 SSL Record Protocol Application data fragment compressed fragment MAC added encrypted SSL record header appended 4 2 SSL Record Protocol Crypto • The MAC is similar to HMAC (indeed, an early version of HMAC) with the difference that OPAD and IPAD fields are concatenated to the key data (not xored as in HMAC).
    [Show full text]
  • Pf3e Index.Pdf
    INDEX Note: Pages numbers followed by f, n, priority-based queues, 136–145 or t indicate figures, notes, and tables, match rule for queue assignment, respectively. 137–138 overview, 134–135 Symbols performance improvement, 136–137 # (hash mark), 13, 15 queuing for servers in DMZ, ! (logical NOT) operator, 42 142–144 setting up, 135–136 A on FreeBSD, 135–136 on NetBSD, 136 Acar, Can Erkin, 173 on OpenBSD, 135 ACK (acknowledgment) packets transitioning to priority and class-based bandwidth allocation, queuing system, 131–133 139–140 anchors, 35–36 HFSC algorithm, 124, 126, 142 authpf program, 61, 63 priority queues, 132, 137–138 listing current contents of, 92 two-priority configuration, loading rules into, 92 120–121, 120n1 manipulating contents, 92 adaptive.end value, 188 relayd daemon, 74 adaptive firewalls, 97–99 restructuring rule set with, 91–94 adaptive.start value, 188 tagging to help policy routing, 93 advbase parameter, 153–154 ancontrol command, 46n1 advskew parameter, 153–154, 158–159 antispoof tool, 27, 193–195, 194f aggressive value, 192 ARP balancing, 151, 157–158 ALTQ (alternate queuing) framework, atomic rule set load, 21 9, 133–145, 133n2 authpf program, 59–63, 60 basic concepts, 134 basic authenticating gateways, class-based bandwidth allocation, 60–62 139–140 public networks, 62–63 overview, 135 queue definition, 139–140 tying queues into rule set, 140 B handling unwanted traffic, 144–145 bandwidth operating system-based queue actual available, 142–143 assignments, 145 class-based allocation of, 139–140 overloading to
    [Show full text]
  • Implementing Ipv6: Experiences at KAME Project
    Implementing IPv6: experiences at KAME project Jun-ichiro Hagino, IIJ research laboratory itojun@{iijlab.net,kame.net} Outline What is IPv6, and why IPv6 (brief summary) What is KAME project Some technical insights observed at KAME Implmentation status What are the TODOs, issues from both specification/implementation What is IPv6? Expansion of address space - 32bit -> 128bit 32bit: 4.3 billion nodes maximum not sufficient, blocking new IP-based applications from appearing 128bit: 3.4 x 10^38 nodes maximum Make new technologies mandatory IPv4: designed in 1970’s IPv6: designed in 1990’s autoconfiguration, multicast, security, ... Why? - IPv4 address space is filled up, NAT is killing us all When? - Already there, so you should How? - (next slide) How to operate IPv6? IPv6 is "IP with bigger address space", almost no difference with IPv4 bigger address space makes a huge difference Base spec NAT-free 128bit address, simpler base header, extensible header format Enables many future application deployment and uses Routing - OSPFv3, RIPng, BGP4+ QoS - diffserv, RSVP (separate effort from IPv6 itself) more friendly than IPv4 Mobility - mobile-ip6 No foreign agent necessary Security - IPsec (separate effort from IPv6 itself) A "fully conformant IPv6 implementation" must have IPsec code Autoconfiguration stateless autoconf, DHCPv6 Multicast - PIM, MLD (= IGMP) Applications - HTTP, FTP, VoIP, whatever you do with IPv4 New applications would appear when IPv6 hits the critical mass Problem we had in 1995... IPv6 specification is out, but there’s
    [Show full text]
  • Nist Sp 800-77 Rev. 1 Guide to Ipsec Vpns
    NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel Karen Scarfone Paul Wouters This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 C O M P U T E R S E C U R I T Y NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel* Computer Security Division Information Technology Laboratory Karen Scarfone Scarfone Cybersecurity Clifton, VA Paul Wouters Red Hat Toronto, ON, Canada *Former employee; all work for this publication was done while at NIST This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 June 2020 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.
    [Show full text]
  • Guidelines for the Secure Deployment of Ipv6
    Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks NIST Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 December 2010 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Dr. Patrick D. Gallagher, Director GUIDELINES FOR THE SECURE DEPLOYMENT OF IPV6 Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-119 Natl. Inst. Stand. Technol. Spec. Publ. 800-119, 188 pages (Dec. 2010) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately.
    [Show full text]
  • Nanosec™ ] Mocana’S Comprehensive Ipsec and Ikev1/V2 Solution with Integrated Certificate Management Functionality
    Security of Things Connectivity [ NanoSec™ ] Mocana’s comprehensive IPsec and IKEv1/v2 solution with integrated certificate management functionality. Features & Benefits • Small footprint, high performance • Full NIST USGv6 compliant implementation of IETF IPsec version 3 • FIPS 140-2 Level 1 validated (optional) • Guaranteed “GPL-Free” code protects your • Complete IPSec & IKEv1/v2 solution with intellectual property certificate management • Zero-threaded, asynchronous architecture • Dramatically speeds integration & testing of IPsec and certificate management • Expert development support from Mocana engineers •NIST-Approved “Suite B” cryptography included IPsec/IKE is a standard designed by IETF to provide interoperable, high quality, cryptographically- based security for IP communication. It’s useful for providing authentication (to ensure peers are communicating with the intended trusted parties), data confidentiality (to ensure data cannot be read in transit) and message integrity (to ensure traffic has not been altered in transit). These security services are provided at the IP layer, offering protection to all the protocols carried over PI . IPsec provides a great deal of flexibility and granular control over the security services offered. The most popular application of IPsec is the VPN (Virtual Private Network) which creates a secure encrypted “tunnel” over the unsecured Internet. Once a VPN is established, the two ends can run virtually any data, voice and video application securely. IPsec is terrific for reducing the threat of packet sniffers or man-in-the-middle attacks. Unfortunately, most IPsec packages are designed for PC’s, not embedded devices. That means that they can be somewhat unwieldy in memory-constrained device environments...and the performance of typical commercial or open-source IPsec offerings can be pretty disappointing, as well.
    [Show full text]
  • Linux Ipsec Tutorial
    Linux IPsec Tutorial Sowmini Varadhan (Oracle) & Paul Wouters (Redhat) Netdev0x12, July 2018, Montreal, Canada Agenda • Background: brief introduction to IPsec and IKE terminology • IPsec datapath walk-through: trace the life of a UDP packet for the transmit and receive path as it passes through the Linux kernel’s network stack (Sowmini Varadhan) • IPsec control plane walk-through: everything you wanted to know about the IKE control plane (Paul Wouters) Netdev0x12, July 2018, Montreal, Canada First, a review of IPsec/IKE terminology/definitions Netdev0x12, July 2018, Montreal, Canada What is IPsec? • IP Security • Suite of protocols for encryption (adding a “ESP” header) and Authentication (adding a “AUTH” header) • Encryption parameters (e.g., key, algorithm) are determined from two databases: – Security Policy database (SPD) – Security Association database (SADB) Netdev0x12, July 2018, Montreal, Canada SPD and SADB • SPD: Security Policy Database – What must be done: e.g., “for packets in 13.0.0.0/24, perform IPsec ESP processing”, “discard packets in 192.168.0.0/16” – Multiple transforms may be specified, e.g., “for packets from 12.0.0.1→12.0.0.2, apply ESP, then apply compression” – May need to create/lookup a Security Association to perform the action defined the SPD entry • SADB: Security Association Database – How to apply the security transform(s): e.g., “for packets from 13.0.0.1 → 13.0.0.2, apply AES-GCM-256 with the key 0x1234.. and a 128 bit IV” – IKE (Internet Key Exchange) protocol for negotiating and establishing SADB parameters
    [Show full text]
  • Implementation of Ipv6 in Internet Key Exhange Version 2
    Implementation of IPv6 in Internet Key Exhange version 2 Marko Salkić, Stjepan Groš, Vlado Glavinić Department of Electronics, Microelectronics, Computer and Intelligent Systems Faculty of Electrical Engineering and Computing Address: Unska 3, 10000 Zagreb, Croatia Telephone: +385 1 6129-935 E-mail: [email protected] Summary ± IKEv2 is a protocol for key exchange in Internet concluded in section five, followed by a list of references security architecture. We have implemented first, stripped- in section six. down version of IKEv2 that supported only IPv4 addresses. The implementation had some provisions that have been introduced in order to make later implementation of IPv6 II. IKEV2 PROTOCOL easier. Currently, we are extending IKEv2 implementation with missing functionality in order to make it fully IP security (IPsec) is a suite of security protocols and functional. In this paper we describe implementation details open standards developed by the Internet Engineering of IPv6 introduction into IKEv2 protocol implementation. Task Force (IETF) for secure transmission over unprotected networks, such as Internet. IPsec is required I. INTRODUCTION for IPv6 and optional for IPv4, but has not yet been widely deployed. Using cryptographic security services, IPsec IPv4 address architecture [1] is currently dominating provides confidentiality, data integrity, authenticity and on the Internet. This version has been in use for over 20 availability. Setting the parameters of an IPsec security years and during this period of time many deficiencies association (SA) manually does not scale well [4], so were discovered and identified. This led to a new version, another protocol ± Internet Key Exchange (IKE) ± is used IPv6 architecture [2], that has been in active development to automate and enhance negotiation of parameters and for over a decade.
    [Show full text]
  • Subliminal Channels in High-Speed Signatures
    Die approbierte Originalversion dieser Diplom-/ Masterarbeit ist in der Hauptbibliothek der Tech- nischen Universität Wien aufgestellt und zugänglich. http://www.ub.tuwien.ac.at institute of telecommunications The approved original version of this diploma or master thesis is available at the main library of the Vienna University of Technology. http://www.ub.tuwien.ac.at/eng Subliminal Channels in High-Speed Signatures Master’s Thesis for obtaining the academic degree Diplom-Ingenieur as part of the study Electrical Engineering and Information Technology carried out by Alexander Hartl student number: 01125115 Institute of Telecommunications at TU Wien Supervision: Univ. Prof. Dipl.-Ing. Dr.-Ing. Tanja Zseby Dipl.-Ing. Robert Annessi, B.Sc Acknowledgments I want to express my gratitude for everyone who assisted or encouraged me in various ways during my studies. In particular, I would like to thank Prof. Tanja Zseby and Dipl.-Ing. Robert Annessi for giving me the opportunity to write this thesis, for supporting me actively while I was working on it and for many valuable comments and suggestions. I owe special thanks to my family, especially my parents Edith and Rudolf, for their endless support during all these years. Thank you, Sabrina, for encouraging me and for so many cheerful hours in my life. Abstract One of the fundamental building blocks for achieving security in data networks is the use of digital signatures. A digital signature is a bit string which allows the receiver of a message to ensure that the message indeed originated from the apparent sender and has not been altered along the path.
    [Show full text]
  • Cryptography and Public Key Infrastructure on the Internet
    Cryptography and Public Key Infrastructure on the Internet Klaus Schmeh Gesellsschaft für IT-Sicherheit AG Bochum, Germany Cryptography and Public Key Infrastructure on the Internet Cryptography and Public Key Infrastructure on the Internet Klaus Schmeh Gesellsschaft für IT-Sicherheit AG Bochum, Germany Copyright © 2001 by dpunkt.verlag GmbH, Heidelberg, Germany. Title of the German original: Kryptografie und Publik-Key-Infrastrukturen im Internet. ISBN: 3 932588 90 8 English translation Copyright 2003 by John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19 8SQ, England. All rights reserved National 01243 779777 International (+44) 1243 779777 e-mail (for orders and customer service enquiries): [email protected] Visit our Home Page on http://www.wileyeurope.com or http://www.wiley.com All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the terms of the Copyright, Designs and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road, London W1T 4LP, UK, without the permission in writing of the Publisher, with the exception of any material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the publication. Requests to the Publisher should be addressed to the Permissions Department, John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19 8SQ, England, or emailed to [email protected], or faxed to (+44) 1243 770571.
    [Show full text]