MACsec Fundamentals

SECURE NETWORKING

TABLE OF CONTENTS
Introduction
Overview
What are typical use cases for MACsec?
The OSI model for communication
Data Link Layer Functions
Link Layer Vulnerabilities
Physical security
MACsec Security Properties
Hop-by-hop security architecture
Connectionless data integrity
Data origin authenticity
Confidentiality
Replay protection
Bounded receive delay
MACsec protocol process
Control plane: MACsec authentication
Data plane: MACsec data encryption
Inside Secure Solutions
About Inside Secure
For more information
Terminology

INTRODUCTION

This document is a high-level introduction to the MACsec (Media Access Control Security) protocol.

OVERVIEW

Until recently, most network security was focused on neutralizing external threats to an enterprise: enterprises were mainly concerned with securing the network from outside attackers. In today's constantly changing enterprise environment, a large share of threats now originates inside the enterprise, as data and privacy breaches carried out by insiders. As network access expands to consultants, contractors and even guests, network security behind the external firewalls has become a top priority.

MACsec is the IEEE 802.1AE standard; it specifies how encryption and integrity protection are applied at the Link Layer to secure links behind the external firewalls on an Ethernet Local Area Network (LAN). MACsec can also be used on a Metropolitan Area Network (MAN) and in some cases even on a Wide Area Network (WAN). As encryption-based security is more and more often required by organizations and governments, MACsec, with its capability to provide such security network-wide rather than separately for each application, stands as the most relevant means to achieve that level of security. Organizations subject to regulations such as HIPAA, PCI, Sarbanes-Oxley, Basel-II and FDA rules are among those that have already adopted MACsec for securing their networks.
WHAT ARE TYPICAL USE CASES FOR MACSEC?

The need to prevent costly data breaches within the physical network infrastructure of routers, bridges and switches, as well as across the range of connected devices such as IP phones, laptops, PCs, printers and network servers, is becoming increasingly important. In a Local Area Network, any connected device can listen to broadcast messages sent by any other connected device. That gives an indication of how easily a maliciously connected device can disturb communication over the network, and of how many kinds of device are exposed:

• IP phones used in an office interact with the network
• Security cameras on the wall of a building may be access points to a network

When MACsec is in use, only authenticated peers (authenticated through IEEE 802.1X, with keys distributed by the MACsec Key Agreement protocol, MKA) are able to send traffic on a protected link, and the local attacks that "trick" switches and routers into redirecting network traffic to attacker machines fail, because a frame that does not carry a valid integrity check value is discarded at the receiving port.

THE OSI MODEL FOR COMMUNICATION

The "Link Layer level" refers to the second layer ("Layer 2") of the ISO OSI model for network communication, "OSI" standing for "Open Systems Interconnection". Each of the 7 layers of the communication process, from signalling (emitting the physical electrical signal) up to application execution, defines specific interfaces, specific services to be performed and specific protocols to be used to establish communication. On the way from the sender to the receiver, data is formatted, segmented, encapsulated and encoded into frames, and decoded again on the receiving side. Considering communication from the bottom up, with the physical layer as the starting point:

• Layer 1 is the physical layer, where physical signals (electrical, optical or radio) are encoded into bits following the patterns described in physical-layer specifications, such as the Ethernet PHY standards or the radio layer of Bluetooth, and conveyed through interfaces such as RJ45 or USB ports.
• Layer 2 is the data link layer (shortened to "Link layer"): it deals with delivering frames to the right physical address (MAC address) on the local segment. Hosts map IP addresses to MAC addresses with the Address Resolution Protocol (ARP) and cache the answers in their ARP table; switches learn which port each MAC address sits behind and store that in their CAM table. Note the CAM table weakness: once the table is full, a switch by default floods frames for unknown destinations out of all ports.
• Layer 3 is the network layer: it deals with routing data through the many nodes of the network and takes priorities into account.
• Layer 4 is the transport layer: it deals with identifying the proper service on the receiver side to process the data, represented by a port number (TCP or UDP).
• Layer 5 is the session layer: it deals with the timing of a connection while data is being transferred, including coordination.
• Layer 6 is the presentation layer: it deals with the format of the data conveyed, so that it can be understood at both ends of the communication chain.
• Layer 7 is the application layer: it deals with the tools (such as software) required by the user to work, like graphic display.

DATA LINK LAYER FUNCTIONS

The following are the key tasks performed at the data link layer:

• Logical Link Control (LLC): logical link control refers to the functions required for the establishment and control of logical links between local devices on a network. This is usually considered a data Link Layer sublayer; it provides services to the network layer above it and hides the rest of the details of the data Link Layer, so that different technologies can work seamlessly with the higher layers. Most local area networking technologies use the IEEE 802.2 LLC protocol.
• Media Access Control (MAC): this refers to the procedures used by devices to control access to the network medium. Since many networks use a shared medium (such as a single network cable, or a series of cables that are electrically connected into a single virtual medium), it is necessary to have rules for managing the medium to avoid conflicts.
For example, classic shared-medium Ethernet uses the CSMA/CD method of media access control, while Token Ring uses token passing.
• Data Framing: the data Link Layer is responsible for the final encapsulation of higher-level messages into frames that are sent over the network at the physical layer. MACsec "encapsulates" the data, so it is application agnostic.
• Addressing: the data Link Layer is the lowest layer in the OSI model that is concerned with addressing, that is, labeling information with a particular destination location. Each device on a network has a unique number, usually called a hardware address or MAC address, that is used by the data link layer protocol to ensure that data intended for a specific machine gets to it properly.
• Error Detection and Handling: the data Link Layer handles errors that occur at the lower levels of the network stack. For example, a cyclic redundancy check (CRC) field is often employed to allow the station receiving data to detect whether it was received correctly. Note that a CRC only detects accidental corruption: an attacker who modifies a frame simply recomputes the CRC, which is why MACsec adds a keyed integrity check value.

LINK LAYER VULNERABILITIES

If Layer 2 security has not been adequately addressed, the layer can be a very weak link indeed while conveying packets from the physical layer to the network layer (see Figure 4 - Frame formatting), and upper-layer security mechanisms may not be able to detect that communication is compromised. Examples of Layer 2 vulnerabilities:

• ARP cache poisoning: false ARP replies create false entries in the victims' ARP tables (which map an IP address to a MAC address), so traffic meant for the gateway or for another host is delivered to the attacker's MAC address.
• MAC flooding: the fixed-size CAM table of a switch is filled with bogus source MAC addresses taken from forged frames (often ARP packets); the switch then floods frames for unknown destinations out of every port, and the attacker can sniff them.
• Port stealing: forged frames carrying the victim host's MAC address as source make the switch's CAM entry for that host flap between ports (a race condition between attacker and victim), so frames for the host are delivered to the attacker's port.
• Broadcasting attack: spoofed ARP replies map the router's IP address to the broadcast MAC address, so all outbound traffic is broadcast to every station.
• Denial of Service: ARP caches filled with non-existent MAC addresses, so traffic is sent to nowhere.
• MAC cloning: a legitimate host is rendered inoperable by a Denial of Service attack, then its IP and MAC addresses are used by the attacker.
• Hijacking attack: gaining control of, e.g., a Telnet session after login.
• Eavesdropping, e.g. directly from the fiber.

PHYSICAL SECURITY

Layer 2 security is too often based on the physical security of the equipment location, on trust in users or on configuration (a physical switch port tied to a MAC address, static ARP entries, etc.). As soon as you need to use your hardware device in publicly accessible locations, you no longer have the benefit of your usual environment, and your device is at risk of data breaches, for instance when connecting at a cell tower site. A MACsec-equipped device is less likely to let its data be captured, as its peer must authenticate before keys are installed and traffic flows, as described in the next chapter.

MACSEC SECURITY PROPERTIES

The MACsec protocol provides the following functionalities:

Hop-by-hop security architecture

MACsec helps secure the network from the inside by securing data exchange on a hop-by-hop basis. A "hop-by-hop" security architecture means that data is secured from one node of a network to the next consecutive node (a "node" is a connection point inside a network), then decrypted and encrypted again towards the next node, and so on to its final destination. MACsec thereby allows each hop to act as an IT insertion point for security purposes: IT departments can, through their security devices, monitor and inspect internal LAN traffic "in the clear" at each node. The flip side is that every node along the path holds the traffic in plaintext and must itself be trusted; end-to-end confidentiality across nodes you do not trust needs a higher-layer protocol such as IPsec or TLS.

Connectionless data integrity

Unauthorized changes to data cannot be made without being detected. Each MAC frame carries its own integrity check value (ICV), hence the term connectionless: no state from earlier frames is needed to verify a frame.

Data origin authenticity

A received MAC frame is guaranteed to have been sent by the peer LAN station.
However, in a shared-media LAN a received MAC frame is only guaranteed to have been sent by one of the authorized MACsec stations in the LAN; the individual originating station cannot be verified, because all stations in the connectivity association share the same key.

Confidentiality

The user data of each MAC frame is encrypted to prevent it from being eavesdropped by unauthorized parties.

Replay protection

MAC frames copied from the LAN by an attacker cannot be resent into the LAN without being detected.
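The properties above, together with the Layer 2 attacks listed under Link Layer Vulnerabilities, as an added worked example in Go. It is not part of the Inside Secure paper and not the company's code. It implements the data plane of one secure association as IEEE 802.1AE describes it (GCM-AES-128, an explicit SCI in the SecTAG, the ICV computed over the addresses and the SecTAG, a replay window of 0) and then shows what happens on a protected port when a frame is replayed, modified in transit, or injected unprotected, as an ARP-poisoning attacker would do. The names SA, Protect and Verify, the 16-byte SAK string and the MAC and IP addresses are this example's own assumptions; in a real deployment the SAK is distributed by MKA and the SCI is derived from the port's MAC address, and the 802.1X/MKA control plane is not modelled here.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

const ( // SecTAG EtherType, TCI bits and sizes follow IEEE 802.1AE; the SCI is carried explicitly here
	macsecEtherType   = 0x88E5
	tciSC, tciE, tciC = 0x20, 0x08, 0x04 // SCI present; user data encrypted; user data changed
	hdrLen, icvLen    = 12 + 16, 16      // DA + SA + SecTAG with SCI; ICV length
)

type SA struct { // one secure association; NextPN is the next PN to send (tx) or the lowest PN accepted (rx)
	SCI    [8]byte
	SAK    []byte // 16-byte Secure Association Key for GCM-AES-128 (assumed here; MKA distributes it in practice)
	AN     byte   // association number 0..3
	NextPN uint32
}

func (sa *SA) gcm(pn uint32) (cipher.AEAD, []byte, error) { // AEAD plus the IV = SCI || PN
	block, err := aes.NewCipher(sa.SAK)
	if err != nil {
		return nil, nil, err
	}
	aead, err := cipher.NewGCM(block) // 96-bit IV, 128-bit ICV
	iv := make([]byte, 12)
	copy(iv, sa.SCI[:])
	binary.BigEndian.PutUint32(iv[8:], pn)
	return aead, iv, err
}

// Protect turns user data into DA || SA || SecTAG || ciphertext || ICV.
func Protect(tx *SA, dst, src [6]byte, data []byte) ([]byte, error) {
	if tx.NextPN == 0 || tx.NextPN == 0xFFFFFFFF { // a repeated IV under the same SAK breaks GCM
		return nil, errors.New("PN exhausted: a fresh SAK must be installed before sending")
	}
	aead, iv, err := tx.gcm(tx.NextPN)
	if err != nil {
		return nil, err
	}
	hdr := make([]byte, hdrLen)
	copy(hdr[0:6], dst[:])
	copy(hdr[6:12], src[:])
	binary.BigEndian.PutUint16(hdr[12:14], macsecEtherType)
	hdr[14] = tciSC | tciE | tciC | (tx.AN & 0x03)
	if len(data) < 48 { // short length field, only set for data under the minimum Ethernet payload
		hdr[15] = byte(len(data))
	}
	binary.BigEndian.PutUint32(hdr[16:20], tx.NextPN)
	copy(hdr[20:28], tx.SCI[:])
	tx.NextPN++
	// AAD = DA || SA || SecTAG: the ICV binds the addresses and the tag; encryption covers the user data only.
	return aead.Seal(hdr, iv, data, hdr[:hdrLen]), nil
}

// Verify parses a received frame, applies replay protection, checks the ICV and returns the user data.
func Verify(rx *SA, frame []byte) ([]byte, error) {
	if len(frame) < hdrLen+icvLen || binary.BigEndian.Uint16(frame[12:14]) != macsecEtherType {
		return nil, errors.New("unprotected or truncated frame on a protected port: dropped")
	}
	tci := frame[14] // version 0, SCI present, E and C set, AN and SCI matching our receive SA
	if tci&0x80 != 0 || tci&tciSC == 0 || tci&(tciE|tciC) != tciE|tciC ||
		tci&0x03 != rx.AN || !bytes.Equal(frame[20:28], rx.SCI[:]) {
		return nil, errors.New("SecTAG does not match a receive SA on this port: dropped")
	}
	pn := binary.BigEndian.Uint32(frame[16:20])
	if pn < rx.NextPN { // a copy of an earlier frame, or one the window has already passed
		return nil, fmt.Errorf("replay: PN %d below lowest acceptable PN %d", pn, rx.NextPN)
	}
	aead, iv, err := rx.gcm(pn)
	if err != nil {
		return nil, err
	}
	data, err := aead.Open(nil, iv, frame[hdrLen:], frame[:hdrLen])
	if err != nil {
		return nil, errors.New("ICV check failed: frame forged or modified in transit")
	}
	rx.NextPN = pn + 1 // advance only after a valid ICV, so a forged PN cannot lock out real frames
	return data, nil
}

func main() {
	sak, sci := []byte("0123456789abcdef"), [8]byte{0, 0x1b, 0x21, 0x11, 0x22, 0x33, 0, 1} // constructed values
	tx, rx := &SA{sci, sak, 1, 1}, &SA{sci, sak, 1, 1}
	host, gw := [6]byte{0, 0x1b, 0x21, 0xaa, 0xbb, 0xcc}, [6]byte{0, 0x1b, 0x21, 0x11, 0x22, 0x33}
	forged := append(append(append([]byte{}, host[:]...), gw[:]...), 0x08, 0x06, 0, 1, 8, 0, 6, 4, 0, 2) // constructed ARP reply
	forged = append(append(append(append(forged, gw[:]...), 10, 0, 0, 1), host[:]...), 10, 0, 0, 50) // "10.0.0.1 is-at gw"
	frame, _ := Protect(tx, host, gw, forged[14:]) // the same ARP PDU sent legitimately by the gateway
	fmt.Println("ARP PDU readable on the wire:", bytes.Contains(frame, forged[14:]))
	fmt.Println(Verify(rx, frame))  // genuine frame: the ARP PDU, <nil>
	fmt.Println(Verify(rx, frame))  // replayed copy: replay error
	fmt.Println(Verify(rx, forged)) // attacker's unprotected forgery: dropped
}
```

Two details of the ordering in Verify matter in practice. The cheap PN comparison runs before the AES-GCM operation, so an attacker cannot make the receiver burn cipher operations on obvious replays, but the window only moves after the ICV verifies; otherwise a forged frame carrying a huge PN would lock out the legitimate sender. The refusal to transmit when the PN is about to wrap is the other caveat worth keeping: GCM with a repeated IV under the same key leaks the keystream and the authentication key, so a new SAK has to be installed before the 32-bit PN is exhausted (the XPN cipher suites extend the PN to 64 bits for high-speed links).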