
Showing papers on "IPsec published in 2002"


01 Apr 2002
TL;DR: Defines a profile for using X.509 attribute certificates in Internet protocols, with emphasis on support for Internet electronic mail, IPsec, and WWW security applications, as a common baseline for generic applications that need broad interoperability as well as for limited special-purpose requirements.
Abstract: This specification defines a profile for the use of X.509 Attribute Certificates in Internet Protocols. Attribute certificates may be used in a wide range of applications and environments covering a broad spectrum of interoperability goals and a broader spectrum of operational and assurance requirements. The goal of this document is to establish a common baseline for generic applications requiring broad interoperability as well as limited special purpose requirements. The profile places emphasis on attribute certificate support for Internet electronic mail, IPSec, and WWW security applications.

467 citations


Journal Article
TL;DR: Shows several ways to mount an efficient side-channel attack on CBC-encrypted, pre-formatted messages when the receiver's acknowledgment or error message reveals whether the decrypted format was valid, and discusses potential applications, extensions to other padding schemes, and ways to fix the problem.
Abstract: In many standards, e.g. SSL/TLS, IPSEC, WTLS, messages are first pre-formatted, then encrypted in CBC mode with a block cipher. Decryption needs to check if the format is valid. Validity of the format is easily leaked from communication protocols in a chosen ciphertext attack since the receiver usually sends an acknowledgment or an error message. This is a side channel. In this paper we show various ways to perform an efficient side channel attack. We discuss potential applications, extensions to other padding schemes and various ways to fix the problem.

297 citations


01 Jan 2002
TL;DR: Demonstrates that passing supplementary information through IPv4 header fields can enhance security mechanisms in routers and firewalls, and services such as authentication, audit and logging, without considerable additions to software or hardware.
Abstract: This work relates the areas of steganography, network protocols and security for practical data hiding in communication networks employing TCP/IP. Two approaches are proposed based on packet header manipulation and packet ordering within the IPSec framework. For the former the Internet protocol IPv4 header is analyzed to identify covert channels by exploiting redundancy and multiple interpretations of protocol strategies; by passing supplementary information through IPv4 headers we demonstrate how security mechanisms can be enhanced in routers, firewalls, and for services such as authentication, audit and logging without considerable additions to software or hardware. For the latter approach, we show the use of packet sorting for steganographic embedding with IPSec can allow for enhanced network security.

272 citations
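
The mechanism the abstract above describes, passing supplementary information in IPv4 header fields, worked through as an added example (Python, not code from the paper): a 16-bit label is carried in the Identification field of a header with DF set, where the field has no protocol use, and a receiver such as a firewall or audit hook verifies the header checksum and recovers the label only when the packet is provably unfragmented. Addresses, the protocol number and the label value are constructed sample values.

```python
import socket
import struct

IPV4_FMT = "!BBHHHBBH4s4s"   # 20-byte IPv4 header without options


def ip_checksum(data: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, proto: int, payload_len: int,
                      tag: int, ttl: int = 64) -> bytes:
    """Build a 20-byte IPv4 header whose Identification field carries a 16-bit tag.
    DF is set, so the field is not needed for reassembly and is free to carry data."""
    if not 0 <= tag <= 0xFFFF:
        raise ValueError("tag must fit in 16 bits")
    flags_frag = 0x4000                      # DF=1, MF=0, fragment offset 0
    hdr = struct.pack(IPV4_FMT, 0x45, 0, 20 + payload_len, tag, flags_frag,
                      ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(pkt: bytes) -> dict:
    """Parse and verify a fixed-length IPv4 header; a valid header checksums to zero."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or (pkt[0] & 0x0F) != 5:
        raise ValueError("not a 20-byte IPv4 header")
    if ip_checksum(pkt[:20]) != 0:
        raise ValueError("bad header checksum")
    f = struct.unpack(IPV4_FMT, pkt[:20])
    return {"total_len": f[2], "ident": f[3], "df": bool(f[4] & 0x4000),
            "mf": bool(f[4] & 0x2000), "frag_offset": f[4] & 0x1FFF,
            "ttl": f[5], "proto": f[6],
            "src": socket.inet_ntoa(f[8]), "dst": socket.inet_ntoa(f[9])}


def extract_tag(pkt: bytes) -> int:
    """Receiver side (firewall, router or audit hook): recover the tag only when the
    Identification field is provably unused, i.e. DF set and no fragmentation."""
    h = parse_ipv4_header(pkt)
    if not h["df"] or h["mf"] or h["frag_offset"]:
        raise ValueError("Identification field is in use for fragmentation; no tag")
    return h["ident"]


if __name__ == "__main__":
    # Constructed sample: an ESP (protocol 50) packet header tagged with an audit label.
    hdr = build_ipv4_header("10.0.0.1", "10.0.0.2", 50, 100, 0xBEEF)
    print(hdr.hex(), hex(extract_tag(hdr)))
```

Because the receiver recomputes the checksum, a tag altered in transit is rejected rather than misread; the check on DF and the fragment fields is what keeps the scheme from colliding with the field's legitimate use, which is the caveat any deployment of header-field signalling needs.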


Patent
05 Aug 2002
TL;DR: A wireless data network process and system based on prior network-based authentication of a connected mobile node (MN) and a network connection to a packet gateway node (PGN); an authenticated, encrypted channel between MN and PGN carries Mobile IP and IPsec configuration data that the MN then uses to tunnel a MIP session across a non-GPRS network with ESP.
Abstract: A wireless data network process and system are provided based on a network with prior network-based authentication of a connected mobile node (MN) and with a network connection to a packet gateway node (PGN). The method and system establish and use an authentication mechanism between the MN and the PGN using the network connection. An encrypted channel is then set up between the MN and the PGN based on authentication established with the authentication mechanism. Configuration data is sent from the PGN to the MN using the encrypted channel. The configuration data may then be used by the MN for communication to and from the MN via the PGN. Any network connected to the PGN may then be used. The authentication mechanism advantageously includes exchanging public keys and then using the public keys to mutually authenticate the MN and PGN. The configuration data sent from the PGN to the MN using the encrypted channel advantageously includes providing Mobile Internet Protocol (MIP) configuration data and the IP Security protocol (IPsec) configuration data. The MN may then connect to a non-GPRS wireless local network and establish a MIP session across the non-GPRS network as a tunneled session using an IPsec encapsulating security payload (ESP).

239 citations


Book ChapterDOI
02 May 2002
TL;DR: When a receiver's acknowledgment or error message reveals whether a decrypted CBC message was correctly formatted, that leak is a side channel that enables efficient chosen-ciphertext attacks; the paper shows several such attacks and discusses applications, extensions to other padding schemes, and ways to fix the problem.
Abstract: In many standards, e.g. SSL/TLS, IPSEC, WTLS, messages are first pre-formatted, then encrypted in CBC mode with a block cipher. Decryption needs to check if the format is valid. Validity of the format is easily leaked from communication protocols in a chosen ciphertext attack since the receiver usually sends an acknowledgment or an error message. This is a side channel. In this paper we show various ways to perform an efficient side channel attack. We discuss potential applications, extensions to other padding schemes and various ways to fix the problem.

223 citations
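
The attack that both listings of this paper above (the journal article and the EUROCRYPT 2002 chapter) describe, as an added worked example that is not the authors' code: a receiver that decrypts a CBC-encrypted, PKCS#7-padded message and answers only "ok" or "padding error" lets an attacker recover the whole plaintext one byte at a time by submitting forged ciphertexts. The block cipher is a toy Feistel construction built from HMAC-SHA256 (an assumption made so the example runs on the standard library alone; the attack never looks inside it), and the key, IV and message are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 16   # cipher block size in bytes; the attack does not depend on it


# Toy block cipher (stand-in for the DES/AES used by SSL/TLS and IPsec ESP):
# an 8-round Feistel network whose round function is HMAC-SHA256. It is NOT
# secure and exists only so the example runs with the standard library.
def _round(key: bytes, i: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(8):
        l, r = r, bytes(a ^ b for a, b in zip(l, _round(key, i, r)))
    return r + l


def decrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(8)):
        l, r = r, bytes(a ^ b for a, b in zip(l, _round(key, i, r)))
    return r + l


# PKCS#7-style padding and CBC mode as used by the protocols in the abstract.
def pad(msg: bytes) -> bytes:
    n = BLOCK - len(msg) % BLOCK
    return msg + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")      # this error is the side channel
    return data[:-n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cbc_encrypt(key: bytes, iv: bytes, msg: bytes) -> bytes:
    data, out, prev = pad(msg), b"", iv
    for i in range(0, len(data), BLOCK):
        prev = encrypt_block(key, xor(data[i:i + BLOCK], prev))
        out += prev
    return iv + out                           # IV travels in the clear


def cbc_decrypt(key: bytes, ct: bytes) -> bytes:
    return b"".join(xor(decrypt_block(key, ct[i:i + BLOCK]), ct[i - BLOCK:i])
                    for i in range(BLOCK, len(ct), BLOCK))


class Receiver:
    """Decrypts and answers only 'ok' or 'error' (acknowledgment vs. error message)."""

    def __init__(self, key: bytes):
        self.key, self.queries = key, 0

    def padding_ok(self, ct: bytes) -> bool:
        self.queries += 1
        try:
            unpad(cbc_decrypt(self.key, ct))
            return True
        except ValueError:
            return False


def recover_block(oracle, prev: bytes, target: bytes) -> bytes:
    """Recover the plaintext of `target` knowing only the preceding ciphertext block."""
    inter = bytearray(BLOCK)      # D_k(target), learned from the last byte backwards
    forged = bytearray(BLOCK)     # block the attacker places in front of target
    for pos in range(BLOCK - 1, -1, -1):
        padval = BLOCK - pos
        for j in range(pos + 1, BLOCK):
            forged[j] = inter[j] ^ padval      # bytes after pos now decrypt to padval
        for guess in range(256):
            forged[pos] = guess
            if not oracle(bytes(forged) + target):
                continue
            if pos == BLOCK - 1:
                # A hit on the last byte may be a longer padding such as 02 02;
                # disturb the byte before it and confirm the padding is still valid.
                probe = bytearray(forged)
                probe[pos - 1] ^= 0xFF
                if not oracle(bytes(probe) + target):
                    continue
            inter[pos] = guess ^ padval
            break
        else:
            raise RuntimeError("no guess accepted; receiver is not a padding oracle")
    return xor(bytes(inter), prev)


def recover_message(oracle, ct: bytes) -> bytes:
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    plain = b"".join(recover_block(oracle, blocks[i - 1], blocks[i])
                     for i in range(1, len(blocks)))
    return unpad(plain)


if __name__ == "__main__":
    key, iv = b"0123456789abcdef", bytes(range(BLOCK))     # constructed sample key/IV
    ct = cbc_encrypt(key, iv, b"constructed sample: SA lifetime 3600s")
    rx = Receiver(key)
    print(recover_message(rx.padding_ok, ct), "after", rx.queries, "queries")
```

Removing the oracle means authenticating the ciphertext before decrypting it (ESP verifies the ICV first, so a forged packet never reaches the padding check) and returning one indistinguishable error for every failure; `Receiver.queries` shows why any leak matters, since the attacker needs at most 256 tries per byte regardless of the key length.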


Proceedings ArticleDOI
07 Aug 2002
TL;DR: Performance analysis of the IPsec algorithms DES, HMAC-MD5 and HMAC-SHA1 in terms of time and space complexity; concludes that HMAC-MD5 can be sufficient for authentication rather than the more complex HMAC-SHA1, and that authentication should be combined with DES in encryption applications.
Abstract: IPSec provides two types of security algorithms, symmetric encryption algorithms (e.g. data encryption standard DES) for encryption, and one-way hash functions (e.g., message digest MD5 and secure hash algorithm SHA1) for authentication. This paper presents performance analysis and comparisons between these algorithms in terms of time complexity and space complexity. Parameters considered are processing power and input size. The analysis results revealed that HMAC-MD5 can be sufficient for the authentication purposes rather than using the more complicated HMAC-SHA1 algorithm. In encryption applications, authentication should be combined with DES.

113 citations


Proceedings ArticleDOI
09 Dec 2002
TL;DR: Presents cIPsec, an efficient packet header compression scheme for VoIPsec traffic; simulation results show that it significantly reduces header overhead and so increases the effective bandwidth available to the transmission.
Abstract: In this paper we present the results of the experimental analysis of the transmission of voice over secure communication links implementing IPsec. Critical parameters characterizing the real-time transmission of voice over an IPsec-ured Internet connection, as well as techniques that could be adopted to overcome some of the limitations of VoIPsec (Voice over IPsec), are presented. Our results show that the effective bandwidth can be reduced by up to 50% with respect to VoIP in case of VoIPsec. Furthermore, we show that the cryptographic engine may hurt the performance of voice traffic because of the impossibility to schedule the access to it in order to prioritize traffic. We present an efficient solution for packet header compression, which we call cIPsec, for VoIPsec traffic. Simulation results show that the proposed compression scheme significantly reduces the overhead of packet headers, thus increasing the effective bandwidth used by the transmission. In particular, when cIPsec is adopted, the average packet size is only 2% bigger than in the plain case (VoIP), which makes VoIPsec and VoIP equivalent from the bandwidth usage point of view.

111 citations
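
To make the 50% figure concrete, here is an added ESP overhead calculator (Python, not the authors' cIPsec code) that accounts for every byte ESP adds to a VoIP packet: the outer IP header in tunnel mode, the 8-byte SPI/sequence header, the IV, padding up to the cipher block size, the 2-byte trailer and a 96-bit truncated HMAC ICV. The defaults assume 3DES/DES-CBC (8-byte blocks and IV), HMAC-MD5-96 or HMAC-SHA1-96 and tunnel mode; the codec framings (G.729 at 20 bytes per 20 ms, G.711 at 160 bytes per 20 ms) are assumptions, not taken from the paper.

```python
IP_HDR, UDP_HDR, RTP_HDR = 20, 8, 12
ESP_HDR = 8        # SPI (4) + sequence number (4)
ESP_TRAILER = 2    # pad length (1) + next header (1)


def esp_padding(plain_len: int, block: int) -> int:
    """Padding bytes so that payload + padding + trailer is a multiple of the cipher
    block (ESP requires at least 4-byte alignment, so block=4 models a NULL cipher)."""
    return (-(plain_len + ESP_TRAILER)) % block


def esp_packet_size(inner_len: int, block: int = 8, iv_len: int = 8,
                    icv_len: int = 12) -> int:
    """On-the-wire size of an ESP packet: outer IP header, ESP header, IV, encrypted
    payload (inner data + padding + trailer) and the truncated HMAC authenticator."""
    return (IP_HDR + ESP_HDR + iv_len + inner_len
            + esp_padding(inner_len, block) + ESP_TRAILER + icv_len)


def voip_packet_size(codec_bytes: int) -> int:
    """Plain VoIP: IP + UDP + RTP headers around one codec frame."""
    return IP_HDR + UDP_HDR + RTP_HDR + codec_bytes


def voipsec_packet_size(codec_bytes: int, tunnel: bool = True, **esp) -> int:
    """Tunnel mode protects the whole inner IP packet; transport mode only UDP/RTP/voice."""
    inner = voip_packet_size(codec_bytes) if tunnel else UDP_HDR + RTP_HDR + codec_bytes
    return esp_packet_size(inner, **esp)


def bandwidth_ratio(codec_bytes: int, **kw) -> float:
    """Effective bandwidth of VoIPsec relative to plain VoIP for the same voice payload."""
    return voip_packet_size(codec_bytes) / voipsec_packet_size(codec_bytes, **kw)


def kbps(packet_bytes: int, frame_ms: int) -> float:
    """Link rate consumed by one packet per codec frame interval."""
    return packet_bytes * 8 / frame_ms


if __name__ == "__main__":
    # Assumed codec framings: G.729 (20 B / 20 ms) and G.711 (160 B / 20 ms).
    for name, payload in (("G.729", 20), ("G.711", 160)):
        plain = voip_packet_size(payload)
        for label, opts in (("3DES-CBC tunnel", {}),
                            ("AES-CBC tunnel", {"block": 16, "iv_len": 16}),
                            ("3DES-CBC transport", {"tunnel": False})):
            sec = voipsec_packet_size(payload, **opts)
            print(f"{name} {label}: {plain} B -> {sec} B, "
                  f"{kbps(plain, 20):.1f} -> {kbps(sec, 20):.1f} kbps, "
                  f"ratio {plain / sec:.2f}")
```

For G.729 the plain VoIP packet is 60 bytes and the tunnel-mode VoIPsec packet 112 bytes, so the voice payload's share of the link drops from a third to under a fifth, which is the order of loss the abstract reports; the only compressible part is the header chain, which is what a header compression scheme such as the authors' cIPsec targets.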


Patent
10 Jul 2002
TL;DR: In this paper, a security association database (SAD) and related circuitry is adapted to provide the necessary parameters to implement the IPSec group of security specifications for encryption/decryption and authentication.
Abstract: A novel and useful virtual private network (VPN) mechanism and related security association processor for maintaining the necessary security related parameters to perform security functions such as encryption, decryption and authentication. A security association database (SAD) and related circuitry is adapted to provide the necessary parameters to implement the IPSec group of security specifications for encryption/decryption and authentication. Each security association (SA) entry in the database comprises all the parameters that are necessary to receive and transmit VPN packets according to the IPSec specification.

107 citations


Proceedings ArticleDOI
18 Nov 2002
TL;DR: JFK is described, a new key exchange protocol primarily designed for use in the IP Security Architecture, which is simple, efficient, and secure; a proof of the latter property is sketched.
Abstract: We describe JFK, a new key exchange protocol, primarily designed for use in the IP Security Architecture. It is simple, efficient, and secure; we sketch a proof of the latter property. JFK also has a number of novel engineering parameters that permit a variety of trade-offs, most notably the ability to balance the need for perfect forward secrecy against susceptibility to denial-of-service attacks.

102 citations


Journal ArticleDOI
V. Fineberg
TL;DR: Recommends establishing the service provider's presence at the enterprise premises and implementing interworking entities, such as the proposed QoS customer server and QoS network server, to give well-defined interworking between the SP's and customers' networks.
Abstract: All critical elements now exist for implementing a QoS-enabled IP network. It can be built on commercially available platforms and then evolve by adopting emerging standards and technologies. This article describes a practical architecture for end-to-end QoS in an IP environment including incorporation of established, as well as developing, IP and QoS technologies. The article combines the IETF QoS mechanisms with the LAN aspects of QoS and QoS for VoIP, areas usually considered separately. Proposed solutions span across different technologies, e.g., preservation of IP-based classification in MPLS headers, identification of flows encrypted within IPSec during WAN handling, traffic shaping in the access to enable grooming diverse applications and VPNs in the WAN, and so on. VoIP receives special emphasis because of its unique features, such as call setup signaling and call admission control, rarely addressed in traditional IP QoS discussions. An attractive scenario for the IP QoS implementation is to provide a multiservice environment between large enterprise premises over a service provider's core network. A successful end-to-end realization of this service presumes well-defined interworking between the SP's and customers' networks. It will take place on several levels including IP signaling, VoIP setup and CAC, policy interworking, and exchange of billing information. The article recommends establishing the SP's presence at the enterprise premises and implementing interworking entities such as the proposed QoS customer server and QoS network server.

100 citations


Patent
30 May 2002
TL;DR: An IPsec packet processing system with an IPsec manager that interfaces with the IPsec engine, manages memory, handles packet-processing exceptions, initiates negotiation of new keys, sends ICMP messages for PMTU violations and logs exceptions.
Abstract: An IPSec packet processing system includes an IPSec manager to interface with an IPSec engine, to manage memory and to handle exceptions associated with IPSec packet processing. The IPSec manager may be a software module operating as part of a software stack on a host processor while the IPSec engine may perform IPSec packet processing. The IPSec manager may also initiate the negotiation of new keys, send ICMP messages for PMTU violations and log entries for exceptions.

Proceedings ArticleDOI
02 Oct 2002
TL;DR: In this paper, the authors highlight the challenges posed by the need for security during system architecture design for wireless handsets, and provide an overview of emerging techniques to address them, including low-complexity cryptographic algorithms, security enhancements to embedded processors, and advanced system architectures for wireless devices that are enabled by new system level design methodologies.
Abstract: Security is critical to a wide range of current and future wireless data applications and services. This paper highlights the challenges posed by the need for security during system architecture design for wireless handsets, and provides an overview of emerging techniques to address them. We focus on the computational requirements for securing wireless data transactions, revealing a gap between these requirements and the trends in processing capabilities of embedded processors used in wireless handsets. We also demonstrate that the use of security protocols causes significant degradation in battery life, a problem that will worsen due to the slow growth in battery capacities. These trends point to a wireless security processing gap that, unless addressed, will impede the deployment of secure high-speed wireless data and multi-media applications. We discuss approaches that are currently being pursued to bridge this gap, including low-complexity cryptographic algorithms, security enhancements to embedded processors, and advanced system architectures for wireless handsets that are enabled by new system level design methodologies.

Patent
18 Dec 2002
TL;DR: A private network, such as an ISP network, includes a filter that blocks packets not associated with an IPsec VPN tunnel, and monitoring modules that detect packets the filter should have blocked.
Abstract: Traffic over a secure link or tunnel is filtered to block packets that do not conform to specified requirements for the tunnel. In one embodiment, a private network, such as an ISP network, includes a filter for blocking packets not associated with an IPSec VPN tunnel. The ISP network and/or one or both of the tunnel endpoints can include monitoring modules for detecting the presence of packets that should have been blocked by the filter.

Patent
18 Apr 2002
TL;DR: A method of authenticating a user device (205) requesting access to a computer system (255): current session data, which changes with each request, is encrypted at the device's connection application, carried in the access request, decrypted, and compared against reference session data to categorize the request.
Abstract: A method is provided of authenticating a user device (205) requesting access to a computer system (255). The method includes encrypting current session data at a connection application of the user device (105) via which a user requests access to a computer system (245), the current session data changing with each user request. The encrypted current session data is then included in user authentication data in an access request which is communicated in plain text which is then decrypted. Reference session data is then compared with the decrypted current session data and the user request is categorized dependent upon the outcome of the comparison.

Book
01 Jul 2002
TL;DR: In this updated edition, author Silvia Hagen takes system and network administrators, engineers, and network designers through the technical details of IPv6 features and functions, and provides options for those who need to integrate IPv6 with their current IPv4 infrastructure.
Abstract: If your organization is gearing up for IPv6, this in-depth book provides the practical information and guidance you need to plan for, design, and implement this vastly improved protocol. Author Silvia Hagen takes system and network administrators, engineers, and network designers through the technical details of IPv6 features and functions, and provides options for those who need to integrate IPv6 with their current IPv4 infrastructure. The flood of Internet-enabled devices has made migrating to IPv6 a paramount concern worldwide. In this updated edition, Hagen distills more than ten years of studying, working with, and consulting with enterprises on IPv6. It's the only book of its kind.

IPv6 Essentials covers:
- Address architecture, header structure, and the ICMPv6 message format
- IPv6 mechanisms such as Neighbor Discovery, Stateless Address Autoconfiguration, and Duplicate Address Detection
- Network-related aspects and services: Layer 2 support, upper-layer protocols, and checksums
- IPv6 security: general practices, IPSec basics, IPv6 security elements, and enterprise security models
- Transitioning to IPv6: dual-stack operation, tunneling, and translation techniques
- Mobile IPv6: technology for a new generation of mobile services
- Planning options, integration scenarios, address plan, best practices, and dos and don'ts

Proceedings ArticleDOI
10 Jun 2002
TL;DR: A programmable security processor platform to support both public-key and private key operations using the proposed methodology is designed, and its performance is evaluated through extensive system simulations as well as hardware prototyping.
Abstract: Security protocols are critical to enabling the growth of a wide range of wireless data services and applications. However, they impose a high computational burden that is mismatched with the modest processing capabilities and battery resources available on wireless clients. Bridging the security processing gap, while retaining sufficient programmability in order to support a wide range of current and future security protocol standards, requires the use of novel system architectures and design methodologies. We present the system-level design methodology used to design a programmable security processor platform for next-generation wireless handsets. The platform architecture is based on (i) a configurable and extensible processor that is customized for efficient domain-specific processing, and (ii) layered software libraries implementing cryptographic algorithms that are optimized to the hardware platform. Our system-level design methodology enables the efficient co-design of optimal cryptographic algorithms and an optimized system architecture. It includes novel techniques for algorithmic exploration and tuning, performance characterization and macro-modeling of software libraries, and architecture refinement based on selection of instruction extensions to accelerate performance-critical, computation-intensive operations. We have designed a programmable security processor platform to support both public-key and private key operations using the proposed methodology, and have evaluated its performance through extensive system simulations as well as hardware prototyping. Our experiments demonstrate large performance improvements (e.g., 31.0X for DES, 33.9X for 3DES, 17.4X for AES, and up to 66.4X for RSA) compared to well-optimized software implementations on a state-of-the-art embedded processor.

Patent
05 Apr 2002
TL;DR: A method of transferring packets between a mobile host device and a source node across several independent data networks while maintaining a secure connection; the mobile host's security policy comprises a primary policy and a dynamic secondary policy that selectively apply specified transformations (IPsec and IP-in-IP tunneling) to certain packets.
Abstract: The invention discloses a method of transferring packets between a mobile host device (100) and a source node via a number of independent data networks while maintaining a secure connection. The independent networks may include, for example, the Internet (120), localized Access Zones (110,140), corporate intranets, a Home Network (130) etc. Problems may occur, for example, when the mobile node is using a co-located care-of address, in which case both IP-in-IP and IPsec tunneling transformations are performed, and the current IPsec and IP-in-IP implementations cannot perform the required tunneling operations on the mobile host. This is because the IP-in-IP and IPsec tunneling when the IP-in-IP tunnel is not the outermost transformation. In an embodiment of the invention, the security policy operated by the mobile host includes a primary security policy and a dynamic secondary security policy that selectively apply specified transformations to certain packets in the data transfer.

Proceedings ArticleDOI
06 Aug 2002
TL;DR: It is shown how SSL/TLS and IPSec services would be implemented in both user devices on the home network and in the residential gateway, and the cooperation that would be necessary to effect home network security.
Abstract: Telcordia has submitted proposals to standards bodies for the specification of two easily implemented security services, SSL/TLS and IPSec, that can provide a substantial defense for the home. We show how these services would be implemented in both user devices on the home network and in the residential gateway, and describe the cooperation that would be necessary to effect home network security.

Journal ArticleDOI
W. Chou
TL;DR: SSL, the secure sockets layer, has been widely implemented and is now the de facto standard for providing secure e-commerce.
Abstract: As enterprises conduct more and more of their business activities online, the need for security becomes more crucial. Organizations must implement protocols to address a variety of security-related tasks. An e-business would want to allow easy access to its site but still provide data security and authentication for e-commerce transactions. For this level of need, one security protocol, SSL, the secure sockets layer, has been widely implemented and is now the de facto standard for providing secure e-commerce.

Patent
07 Feb 2002
TL;DR: A secure key distribution and authentication protocol in AAA for Mobile IP that requires neither IPsec nor a PKI, enhances the security, flexibility and scalability of AAA, and protects the Diffie-Hellman exchange from man-in-the-middle attacks.
Abstract: A security key distribution and authentication protocol in AAA for Mobile IP has been described. In order to guarantee the secure protocol, messages between the MN, FA, AAAF, AAAH, and HA are encrypted and signed using public/private keys. IPSEC or PKI infrastructure is not required to support the AAA secure key distribution. This protocol enhances the security, flexibility and scalability of AAA, and aids in protecting the Diffie-Hellman algorithm from man-in-the-middle attacks. Through this protocol, it is easy to set up a secure registration path in AAA for Mobile IP. This secure registration path provides a secretive and secure key distribution function for AAA.

Proceedings ArticleDOI
10 Jun 2002
TL;DR: Micro- and macro-benchmarks explore how the various modes of operation and encryption algorithms affect IPsec performance and how much cryptographic hardware helps, and compare IPsec against other secure data transfer mechanisms such as SSL, scp(1) and sftp(1).
Abstract: While the benefits of using IPsec to solve a significant number of network security problems are well known and its adoption is gaining ground, very little is known about the communication overhead that it introduces. Quantifying this overhead will make users aware of the price of the added security, and will assist them in making well-informed IPsec deployment decisions. In this paper, we investigate the performance of IPsec using micro- and macro-benchmarks. Our tests explore how the various modes of operation and encryption algorithms affect its performance and the benefits of using cryptographic hardware to accelerate IPsec processing. Finally, we compare against other secure data transfer mechanisms, such as SSL, scp(1), and sftp(1).

Patent
Zheng Qi
08 Jan 2002
TL;DR: In this paper, the authors proposed an architecture for an authentication engine to increase the speed at which SHA1 multi-loop and/or multi-round authentication algorithms may be performed on data packets transmitted over a computer network.
Abstract: Provided is an architecture (hardware implementation) for an authentication engine to increase the speed at which SHA1 multi-loop and/or multi-round authentication algorithms may be performed on data packets transmitted over a computer network. As described in this application, the invention has particular application to the variant of the SHA1 authentication algorithms specified by the IPSec cryptography standard. In accordance with the IPSec standard, the invention may be used in conjunction with data encryption/decryption architecture and protocols. However, it is also suitable for use in conjunction with other non-IPSec cryptography algorithms, and for applications in which encryption/decryption is not conducted (in IPSec or not) and where it is purely authentication that is accelerated. Among other advantages, an authentication engine in accordance with the present invention provides improved performance with regard to the processing of short data packets.

Journal ArticleDOI
TL;DR: A compliance check is added to the IPsec architecture that tests packet filters proposed when new security associations are created for conformance with the local security policy, based on credentials presented by the peer host.
Abstract: IPsec is the standard suite of protocols for network-layer confidentiality and authentication of Internet traffic. The IPsec protocols, however, do not address the policies for how protected traffic should be handled at security endpoints. This paper introduces an efficient policy management scheme for IPsec, based on the principles of trust management. A compliance check is added to the IPsec architecture that tests packet filters proposed when new security associations are created for conformance with the local security policy, based on credentials presented by the peer host. Security policies and credentials can be quite sophisticated (and specified in the trust-management language), while still allowing very efficient packet-filtering for the actual IPsec traffic. We present a practical, portable implementation of this design, based on the KeyNote trust-management language, that works with a variety of Unix-based IPsec implementations.
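
A minimal compliance check of the kind the abstract describes, as an added Python example (not the authors' KeyNote-based implementation): local policy is keyed by the peer's credential and states which selectors and transforms that credential may obtain; a proposed SA filter is accepted only if every packet it would match is also covered by an authorized filter and its transforms are on the permitted list. Credential labels, subnets and algorithm names are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Filter:
    """Packet filter (SA selector): source/destination prefixes, protocol, destination port range."""
    src: str
    dst: str
    proto: str = "any"
    dport: tuple = (0, 65535)


@dataclass(frozen=True)
class Proposal:
    """What a peer proposes when a new SA is negotiated, plus the credential it presented."""
    peer_key: str
    filt: Filter
    esp_enc: str
    esp_auth: str


# Local policy keyed by the peer's credential (constructed key-fingerprint labels).
LOCAL_POLICY = {
    "rsa:branch-gw-7": {
        "filters": [Filter("10.8.0.0/16", "10.0.0.0/8")],
        "enc": {"3des", "aes"},
        "auth": {"hmac-sha1", "hmac-sha256"},
    },
    "rsa:contractor-laptop": {
        "filters": [Filter("10.200.5.0/24", "10.1.2.0/24", "tcp", (443, 443))],
        "enc": {"aes"},
        "auth": {"hmac-sha1"},
    },
}


def filter_within(proposed: Filter, allowed: Filter) -> bool:
    """Conforms only if every packet `proposed` would match is also matched by `allowed`."""
    src_ok = ipaddress.ip_network(proposed.src).subnet_of(ipaddress.ip_network(allowed.src))
    dst_ok = ipaddress.ip_network(proposed.dst).subnet_of(ipaddress.ip_network(allowed.dst))
    proto_ok = allowed.proto == "any" or proposed.proto == allowed.proto
    port_ok = allowed.dport[0] <= proposed.dport[0] and proposed.dport[1] <= allowed.dport[1]
    return src_ok and dst_ok and proto_ok and port_ok


def compliance_check(policy: dict, p: Proposal) -> tuple:
    """Run once at SA creation; returns (accepted, reason). On acceptance the proposed
    filter is what gets installed for per-packet processing."""
    entry = policy.get(p.peer_key)
    if entry is None:
        return False, "unknown credential"
    if p.esp_enc not in entry["enc"] or p.esp_auth not in entry["auth"]:
        return False, f"transform {p.esp_enc}/{p.esp_auth} not permitted for this peer"
    if not any(filter_within(p.filt, a) for a in entry["filters"]):
        return False, "proposed selector exceeds what the credential authorizes"
    return True, "ok"


if __name__ == "__main__":
    for prop in (
        Proposal("rsa:branch-gw-7", Filter("10.8.1.0/24", "10.3.0.0/16"), "3des", "hmac-sha1"),
        Proposal("rsa:contractor-laptop",
                 Filter("10.200.5.0/24", "10.1.2.0/24", "tcp", (22, 22)), "aes", "hmac-sha1"),
        Proposal("rsa:nobody", Filter("10.8.1.0/24", "10.3.0.0/16"), "aes", "hmac-sha1"),
    ):
        print(prop.peer_key, compliance_check(LOCAL_POLICY, prop))
```

The expensive evaluation happens once, when the SA is created, and what gets installed is an ordinary packet filter, which is the split the abstract relies on for efficient per-packet processing; KeyNote expresses the same policy as signed assertions whose conditions are predicates over the proposal's attributes, so the credential itself can carry the authorization rather than a local table.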

Proceedings ArticleDOI
07 Nov 2002
TL;DR: Discusses the addressing, security and administrative needs of modern secure network design, demonstrates basic static and dynamic NAT by example, and extends these ideas to NAPT.
Abstract: This paper examines the use of NAT and NAPT as a transparent security mechanism. It discusses the addressing, security and administrative needs in modern secure network design. By way of examples it demonstrates the use of basic static and dynamic NAT, extending these ideas to include NAPT. More recent developments in the use of NAT are discussed which includes Bidirectional NAT, Twice NAT and Multihomed NAT. Although this technology is starting to provide many security benefits there are also a number of problems that remain to be solved. These include packet translation checksum and fragmentation issues, address and port embedding, and complications with using IPSec tunnels with NAT. Finally a variety of recent extensions and developments are discussed which include load-sharing, interworking between NAT IPv4 and IPv6 as well as discussion on recent work aimed at solving the IPSec tunneling issue.

Patent
03 Apr 2002
TL;DR: A security association policy server for IPsec in third-generation and beyond wireless mobile access networks supporting Mobile IP resolves asynchronous security associations between nodes, instructing a node to drop an SA that no longer needs to be stored or to re-key an SA that is out of synchronization.
Abstract: A solution to asynchronous security association between nodes by implementing a security association policy server for IPsec in third generation and beyond wireless mobile access, Internet protocol-based digital networks supporting Mobile IP is disclosed. The security association policy server stores data related to a communication and a security association between nodes in the network, and determines a security association management protocol for the security association. Employing the security association management protocol for the particular security association, the security association management server determines an appropriate combination of security association management factors to ensure synchronization between nodes. The security association management server may instruct a node to eliminate a security association stored in its cache when it is determined that the security association no longer needs to be stored, or may inform the nodes to re-key a security association when it is determined that the security association is not synchronized.

Patent
13 Jun 2002
TL;DR: IPsec and NAT integration in which a client obtains a public address from a gateway and a mapping table associates the client's local address, the peer's destination address, the ISAKMP Initiator Cookie and the Security Parameters Index of the client-peer communication; the gateway routes incoming and outgoing traffic using the table.
Abstract: Method and apparatus for Internet Protocol Security (IPSec) and Network Address Translation (NAT) integration is described. A client obtains a public address from a gateway for IPSec communication. A mapping table is used to form associations between a local address for the client and a destination address for a peer, an Internet Security Association and Key Management Protocol (ISAKMP) Initiator Cookie and a Security Parameters Index associated with communication between the client and the peer. Incoming and outgoing routing may be done at the gateway using the mapping table.
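
The mapping table the patent above describes, and the IPsec-with-NAT complication the NAT/NAPT paper above lists, worked through as an added Python example (not the patent's implementation): a gateway parses the ISAKMP header to key IKE flows by Initiator Cookie, which appears unchanged in both directions of the exchange, and the ESP header to key inbound ESP flows by SPI. Inbound SPIs are chosen by the client and negotiated inside encrypted IKE quick mode, so the gateway cannot read them; the rule used here, binding an unknown SPI to the single client currently waiting on that peer and dropping it when several are, is an assumption of this example and is exactly where two clients behind one NAT talking to the same peer become ambiguous. Addresses, cookies and SPIs are constructed sample values.

```python
import struct

# ISAKMP header (RFC 2408): initiator cookie, responder cookie, next payload,
# version, exchange type, flags, message ID, length.
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")
# ESP header (RFC 2406): SPI, sequence number; everything after it is opaque.
ESP_HDR = struct.Struct("!II")


class IPsecNatGateway:
    """Maps IKE (UDP/500) and ESP (IP protocol 50) flows of private clients onto one
    public address, keyed as in the patent: local address, peer address, ISAKMP
    Initiator Cookie and SPI. The inbound-SPI learning rule is this example's assumption."""

    def __init__(self, public_ip: str):
        self.public_ip = public_ip
        self.ike = {}        # initiator cookie -> (client_ip, peer_ip)
        self.esp_in = {}     # (peer_ip, inbound SPI) -> client_ip
        self.esp_out = {}    # (client_ip, peer_ip) -> outbound SPI (chosen by the peer)
        self.pending = {}    # peer_ip -> [client_ip, ...] whose inbound SPI is unknown

    # IKE: the initiator cookie is present in every message, in both directions.
    def outbound_ike(self, client_ip: str, peer_ip: str, payload: bytes):
        icookie = ISAKMP_HDR.unpack_from(payload)[0]
        self.ike[icookie] = (client_ip, peer_ip)
        return self.public_ip, peer_ip, payload     # source rewritten, payload untouched

    def inbound_ike(self, peer_ip: str, payload: bytes):
        icookie = ISAKMP_HDR.unpack_from(payload)[0]
        entry = self.ike.get(icookie)
        if entry is None or entry[1] != peer_ip:
            return None                             # no owner for this cookie: drop
        return entry[0]

    # ESP: outbound packets carry the peer's SPI; inbound packets carry the client's.
    def outbound_esp(self, client_ip: str, peer_ip: str, payload: bytes):
        spi, _seq = ESP_HDR.unpack_from(payload)
        self.esp_out[(client_ip, peer_ip)] = spi
        known = any(p == peer_ip and c == client_ip for (p, _s), c in self.esp_in.items())
        if not known:
            waiting = self.pending.setdefault(peer_ip, [])
            if client_ip not in waiting:
                waiting.append(client_ip)
        return self.public_ip, peer_ip, payload

    def inbound_esp(self, peer_ip: str, payload: bytes):
        spi, _seq = ESP_HDR.unpack_from(payload)
        client = self.esp_in.get((peer_ip, spi))
        if client is not None:
            return client
        waiting = self.pending.get(peer_ip, [])
        if len(waiting) != 1:
            return None          # unknown SPI, zero or several candidates: ambiguous, drop
        client = waiting.pop()
        self.esp_in[(peer_ip, spi)] = client
        return client


def isakmp_packet(icookie: bytes, rcookie: bytes = b"\x00" * 8) -> bytes:
    """Constructed IKE phase-1 header: next payload SA(1), version 1.0, main mode (2)."""
    return ISAKMP_HDR.pack(icookie, rcookie, 1, 0x10, 2, 0, 0, ISAKMP_HDR.size)


def esp_packet(spi: int, seq: int) -> bytes:
    """Constructed ESP packet with an opaque encrypted body."""
    return ESP_HDR.pack(spi, seq) + b"\xaa" * 16


if __name__ == "__main__":
    gw, peer = IPsecNatGateway("203.0.113.5"), "198.51.100.7"
    gw.outbound_ike("192.168.1.10", peer, isakmp_packet(b"A" * 8))
    print(gw.inbound_ike(peer, isakmp_packet(b"A" * 8, b"R" * 8)))
    gw.outbound_esp("192.168.1.10", peer, esp_packet(0x1111, 1))
    print(gw.inbound_esp(peer, esp_packet(0xAAAA, 1)))
```

The ambiguity is inherent to translating ESP by address alone, which is why later practice moved to UDP encapsulation (NAT-T) so that ordinary port mappings disambiguate clients; AH cannot be translated at all, because its ICV covers the source address the NAT rewrites.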

Patent
29 Jan 2002
TL;DR: IPsec traffic is forwarded at a first location according to a classification parameter indicating its route when one is available; otherwise it is decrypted at a second location, where the classification parameter is determined.
Abstract: Processing Internet Protocol security (IPsec) traffic includes determining at a first location if a classification parameter is available for the IPsec traffic that indicates a route for the IPsec traffic, and forwarding the IPsec traffic based on the classification parameter. If a classification parameter is not available, processing IPsec traffic includes decrypting the IPsec traffic at a second location if the IPsec traffic is encrypted and determining the classification parameter for the IPsec traffic at the second location.

Proceedings ArticleDOI
10 Dec 2002
TL;DR: A novel single-chip hardware IPSec cryptographic design is described, which comprises the Rijndael encryption algorithm and HMAC-SHA-1 authentication algorithm, and is capable of supporting any application requiring authentication and/or encryption.
Abstract: The need for securing the Internet has become a fundamental issue over the last decade and the Internet Protocol Security (IPSec) standard, which incorporates cryptographic algorithms, has been developed as one solution to this problem. Typically, hardware implementations of cryptographic algorithms provide physical security and high speeds. In this paper a novel single-chip hardware IPSec cryptographic design is described, which comprises the Rijndael encryption algorithm and HMAC-SHA-1 authentication algorithm. In particular, the design supports the cryptographic requirements of the IP Authentication Header (AH) and Encapsulation Security Payload (ESP) and any combination of these two protocols. Indeed, it is capable of supporting any application requiring authentication and/or encryption, such as wireless local area networks (WLANs) the Secure Socket Layer (SSL) protocol, virtual private networks (VPNs) and firewalls. The IPSec cryptographic design can provide both the necessary security and performance for phone line modems, T1 wireless and 10 Mbit/s Ethernet networks.

Patent
Julian Mitchell
15 Nov 2002
TL;DR: An interface for a private IP network that handles packet flows between gateway controllers and external media gateways, combining a network address translator with an IPsec device; a path identifier carried in the packet header records which flow belongs to which secure path, so the two devices can be loosely coupled.
Abstract: An interface for a private IP network interfaces flows of packets between gateway controllers and external media gateways. It has a network address translator and an IPsec device for maintaining secure paths to the external devices. A path identifier records which of the packet flows corresponds to which path. It is incorporated in the packet header, and means that the same interface can be used to couple many different external gateways, and interface them with many of the gateway controllers. Widespread deployment of such interfaces in anonymisers to achieve hiding of device addresses and network topology, as well as the reduction in use of expensive registered addresses is facilitated. By sending the path identifier in the packet, the IPsec device and the address translator can be loosely coupled devices, so standard readily available devices can be used.

Book
15 Mar 2002
TL;DR: Detailed technical information, scenario-based explanations, and a real-world case study provide the skills and insight you need to deploy PKI in e-commerce, e-mail, messaging, and any other system where data security is essential.
Abstract: From the Publisher: Public Key Infrastructure Implementation and Design. Your PKI Road Map. With its power to ensure data security, confidentiality, and integrity, Public Key Infrastructure is an essential component of today's business systems. Whether you're a network administrator, a systems engineer, or a security professional, this hands-on reference guide delivers all the information you need to harness this fast-growing technology. The book covers all aspects of PKI, including architecture, cryptography, standards, certificates, design, and execution. Detailed technical information, scenario-based explanations, and a real-world case study provide the skills and insight you need to deploy PKI in e-commerce, e-mail, messaging, and any other system where data security is essential.

Put PKI to Work:
- Get an expert tour of the world of digital cryptography
- Find out about the various PKI architectures available today, and when to use each one
- Master functions for issuing, revoking, and managing certificates
- Learn how to install and configure Windows 2000 Certificate Server for SSL, IPSec, and S/MIME
- Build PKI solutions based on the latest PKI management protocols and standards
- Evaluate PKI-enabled services on the market and decide which one's right for your project
- Plan your PKI deployment with full insight into both operational and legal considerations

Author Biography: NIIT is a global IT solutions company that develops customized multimedia training products and trains more than 150,000 people in 37 countries every year. Suranjan Choudhury, MCSE, CACP, CADC, Sun, is a network security specialist for NIIT, a global training and software organization. He has developed security policies and overseen implementations of secure Web sites and messaging systems (using PKI, firewall, portal, and VPN technologies) for GE, Amro Bank, NALCO, the Indian Ministry of Defense, and other organizations. Kartik Bhatnagar has an MBA in systems and is currently employed as a development executive with NIIT. Wasim Haque has over 7 years of experience in information technology with expertise in analysis, design, and implementation of enterprise-wide networks using various security solutions for the enterprise.