Ipsec VPN - Virtual Private Network - Journal or Thesis Paper

1/6/2015
IPSecVPN:VirtualPrivateNetwork| JOURNALORTHESISPAPER
9thSeptember2009
IPSecVPN:VirtualPrivateNetwork
IPSecVPN:VirtualPrivateNetwork
md[http://www.emonsharkar.blogspot.com/] emon
sharkar
TableofContents
1)Introduction
2)CategoriesofNetworks
a.Intranet
b.Extranet
3)PrivateNetwork
4)HybridNetworks
5)VirtualPrivateNetwork
6)TypesofVPN
a.RemoteAccessVPN
b.IntranetVPN
c.ExtranetVPN
7)WhydoweuseVPN
8)VPNfromServiceProvider
9)OverviewofVPNTechnologies
a.IPSec
b.SSL
c.L2TP
10)VPNOverIPSec
11)MajorProtocolsinIPSec
A.IPSecurityProtocols(IPSec)
a.AuthenticationHeader(AH)
b.EncapsulatingSecurityPayload(ESP)
B.SecurityAssociation
C.MessageEncryption
a.DataEncryptionStandard(DES)
b.TripleDES(3DES)
D.MessageIntegrity(HASH)Functions
a.HashbasedMessageAuthenticationCode(HMAC)
b.MessageDigest5(MD5)
c.SecureHashAlgorithm1(SHA1)
E.PeerAuthentication
a.Rivest,ShamirandAdelman(RSA)DigitalSignatures
b.RSAEncryptedNonces
F.KeyManagement
http://alljournal.blogspot.com/2009/09/ipsecvpnvirtualprivatenetwork.html
1/20
1/6/2015
a.DiffieHellman(DH)
b.CertificateAuthority(CA)
12)VPNsecurityofHardwaredevice
13)Conclusion
Abstract
VirtualPrivateNetworkisacommunicationnetworkbywhichausercantunneled
throughanothernetworkbyusingtheglobalInternetorbyIntranetwithstrongsecurity
features.TodayithasbecomeasimportantissuebecausebyusingVPN,itiseasyto
accessLANfromtheremotelocation.ItshardtomonitoracompanysLANorWAN
fromitsofficepremesisonly.Foranyreasonanetworkadministratorneedstogo
outside.InthissituationVPNcanhelpusalot.EveryonecanuseVPNforhisownLAN
orWAN.Buttelecommunicationcompanies,privatebanks,InternetServiceProviders
(ISPs)useVPNverywidely.Forexample,abankmayhaveMANorWANwhichis
situatedinlargegeographicareaalsoituseslatestnetworkdevices,securitydevices
andotherlatestnetworkingterminology.Inaddition,abankcansetuptheirownVPN
servicesbythemselvesortheycantaketheserviceformtheserviceproviders.ALAP
communicationistheserviceproviderswhogivetheVPNandotherfacilities.Inour
termpaperwewilldiscusshowtheIPSecVPNhasestablishedbetweenIslamiBank
andALAPcommunication.
Introduction
AVirtualPrivateNetwork(VPN)isacommunicationsnetworktunneledthroughanothernetwork,and
dedicatedforaspecificnetwork.Onecommonapplicationissecurecommunicationsthroughthepublic
Internet,butaVPNneednothaveexplicitsecurityfeatures,suchasauthenticationorcontentencryption.
VPNs,forexample,canbeusedtoseparatethetrafficofdifferentusercommunitiesoveranunderlying
networkwithstrongsecurityfeatures.IslamiBankBangladeshLimitedhasover100branchesacross
Bangladesh.InsideDhakaithas33branches.ThemainbranchissituatedinDilkusha,Motijheel.Inthismain
branchthe9thflooristheserversectionwhichtheycalledasDataCenter.TheDataCenterisnot
connectedtotheirbranchofficesbytheirownnetwork.Insteadofthat,theIslamiBankhastakenthehigh
speeddedicatedline(2Mbps)fromtheserviceproviderALAPcommunication.Incontrast,thebranches
outsideDhakaareconnectedwiththeDigitalDataNetwork(DDN)servicefromtheBangladeshTelephone
andTelegraphBoard(BTTB).BTTBalsoprovidesthemhighspeeddedicatedline.TheIslamiBankhasalso
establishedtheirVPNconnectionfromtheALAPcommunication.ALAPhasprovidestwotypesofVPN,the
CPEbasedIPSecVPNandNetworkbasedIPSecVPN.Securityisanimportantissueinthenetworking
sector.InCPEbasedVPNthisissueisverymuchimportantbecausehereasecuredtunnelisbuiltbetween
twonodesbytheglobalInternet.ButinNetworkbasedVPN,thesecurityismuchlessimportantthanCPE
VPN.Thebanksdealwithconfidentialdataofitsclientwhichishighlyrestrictedandextremesecurityis
neededinthetransactionofmoney.Therefore,userauthentication,messageintegrity,dataencryptionis
neededforthiskindofcommunication.Also,aVPNcansimplifyanetwork,reduceoperationalcosts,provide
globalnetworkingopportunities,andtelecommutersupports.CategoriesofNetworksAprivate
2/20
1/6/2015
networkisdesignedforuseinsideanorganization.Itallowsaccesstosharedresourcesandthesametime,
providesprivacy.TherearetwotermswhichiscommonlyusedinnetworkingIntranetandExtranet.
Intranet:
AnIntranetisaprivatenetwork(LAN)thatusestheinternetmodel.However,accesstothenetworkislimited
totheusersinsidetheorganization.Thenetworkusesapplicationprogramsdefinedfortheglobalinternet,
suchasHTTPandmayhaveWebservers,Printservers,Fileserversandsoon.Extranet:
Anextranetisthesameasanintranetwithonemajordifference:someresourcesmaybeaccessedby
specificgroupsofusersoutsidetheorganizationunderthecontrolofthenetworkadministrator.Forexample,
anorganizationmayallowauthorizedcustomersaccesstoproductspecification,availability,andonline
ordering.Toachieveprivacy,anorganizationcanuseoneofthreestrategies:privatenetworks,hybrid
networks,andvirtualprivatenetworks.AchievingPrivacyPrivateNetwork
Anorganizationthatneedsprivacywhenroutinginformationinsidetheorganizationcanuseaprivate
networkasdiscussedpreviously.AsmallorganizationwithonesinglesidecanuseanisolatedLAN.People
insidetheorganizationcansenddatatooneanotherthattotallyremaininsidetheorganization,securefrom
outsiders.Alargeorganizationwithseveralsidescancreateaprivateinternet.TheLANsatdifferentsides
canbeconnectedtoeachotherbyusingroutersorbyleasedlines.Inotherword,aninternetcanbemade
outofprivateLANsandprivateandWANs.
[http://4.bp.blogspot.com/_Hrww1lJ6hGQ/Sqej3ESCpBI/AAAAAAAAAQ/73x6RVs7Otw/s1600h/0.JPG]
Figure1.PrivateNetwork_p162(Source:http://www.htcwizardweb.net/node/2113)Figureshowssucha
situationforanorganizationwhereallthebranchofficesareconnectedtotheirHeadOffice.TheLANsare
connectedtoeachotherbyroutersandleasedlines.So,accesstothenetworkislimitedtotheusersinside
anorganization.Inthissituation,theorganizationhascreatedaprivateinternetthatistotallyisolatedfrom
theglobalinternet.Forendtoendcommunicationbetweenstationsatdifferentsites,theorganizationcan
useinternetmodel.However,thereisnoneedfortheorganizationtoapplyforIPaddress.Withtheinternet
authoritiesitcanuseprivateIPaddresses.TheorganizationcanuseanyIPclassandassignnetworkand
hostaddressesinternally.Becausetheinternetisprivate,duplicationofaddressesbyanotherorganizationin
theglobalinternetisnotaproblem.HybridNetworksToday,mostorganizationneedstohaveprivacy
inorganizationdataexchange,but,atthesametime,theyneedtobeconnectedtotheglobalinternetfordata
exchangewithotherorganization.Onesolutionistheuseofahybridnetwork.
********************************
3/20
1/6/2015
[http://1.bp.blogspot.com/_Hrww1lJ6hGQ/SqejsZsqPcI/AAAAAAAAAI/WfVaYKNDZZQ/s1600h/2.JPG]
Figure.2:HybridNetwork_h37378(Source:http://www.cs.ucsd.edu/~mihir/papers/hmac.html)Ahybrid
networkallowsanorganizationtohaveitsownprivateinternetand,atthesametime,accesstotheglobal
internet.Intraorganizationdataareroutedthroughtheprivateinternetinterorganizationdataroutedthrough
globalInternet.VirtualPrivateNetworks(VPN)
Bothprivateandhybridnetworkhaveamajordrawbackcost.Privatewideareanetworks(WAN)are
expensive.Toconnectseveralsites,anorganizationseveralleasedlines,thismeansahighmonthlyfee.One
solutionistousetheglobalinternetforbothprivateandpubliccommunication.Atechnologycalledvirtual
privatenetworkallowsorganizationstousetheglobalinternetforbothpurposes.VPNcreatesanetworkwhich
isprivatebutvirtual.Itisprivatebecauseitguaranteesprivacyinsideanorganization.Itisvirtualbecauseit
doesntuserealprivateWANsthenetworkisphysicallypublicbutvirtuallyprivate.
************************
[http://3.bp.blogspot.com/_Hrww1lJ6hGQ/SqejfwM6iYI/AAAAAAAAAA/YCughvR5qDg/s1600h/3.JPG]
**************************
Figure.3VirtualPrivateNetworksVPN17(Source:http://howstuffworks.com/w/index.php?
title=Layer_2_Tunnelingid=20)TypesofVPNVPNsfallintothreebasiccategories RemoteAccessVPN
IntranetVPN ExtranetVPNRemoteAccessVPN:
Remoteaccess,alsocalledavirtualprivatedialupnetwork(VPDN),isausertoLANconnectionusedbya
companythathasemployeeswhoneedtoconnecttotheprivatenetworkfromvariousremotelocations.
Typically,acorporationImagecourtesyCiscoSystems,Inc.ExamplesofthethreetypesofVPNThatwishes
tosetupalargeremoteaccessVPNwilloutsourcetoanenterpriseserviceprovider(ESP).
4/20
1/6/2015
[http://1.bp.blogspot.com/_Hrww1lJ6hGQ/SqejUld5QSI/AAAAAAAAA94/EkNHEtNwhjw/s1600h/4.JPG]
Figure.4TypesofVPNvpN10002(source:http://www.cisco.com/vpn/types.html)TheESPsetsupanetwork
accessserver(NAS)andprovidestheremoteuserswithdesktopclientsoftwarefortheircomputers.The
telecommuterscanthendialatollfreenumbertoreachtheNASandusetheirVPNclientsoftwaretoaccess
thecorporatenetwork.AgoodexampleofacompanythatneedsaremoteaccessVPNwouldbealargefirm
withhundredsofsalespeopleinthefield.RemoteaccessVPNspermitsecure,encryptedconnections
betweenacompany'sprivatenetworkandremoteusersthroughathirdpartyserviceprovider.SitetoSite
VPN:
Throughtheuseofdedicatedequipmentandlargescaleencryption,aCompanycanconnectmultiplefixed
sitesoverapublicnetworksuchastheInternet.SitetositeVPNscanbeoneoftwotypes:Intranetbased
Ifacompanyhasoneormoreremotelocationsthattheywishtojoininasingleprivatenetwork,theycan
createanintranetVPNtoconnectLANtoLAN.
ExtranetbasedWhenacompanyhasacloserelationshipwithanothercompany(forexample,apartner,
supplierorcustomer),theycanbuildanextranetVPNthatconnectsLANtoLAN,andthatallowsallofthe
variouscompaniestoworkinasharedenvironment.WhydoweuseVPN?TheInternetisanintegral
partofbusinesscommunicationstoday.CorporationsuseitasaninexpensiveextensionoftheirlocalorWAN
networks.ALANconnectiontoanISPenablesfarreachingcommunicationforecommerce,mobileusers,
salespersonnel,andglobalbusinesspartners.TheInternetischeap,easilyenabled,stable,resilient,and
omnipresent.Butitisnotsecure,atleastnotinitsnativestate.ThatiswhereVPNcomestorescue.This
cleverconceptcanprovidethesecuritythatyouneedwithaverityoffeatures.VPNscanprovidesecurity
throughpointtopointencryptionofdata,dataintegritybyensuringthatthedatapacketshavenotbeen
altered,andauthenticationtoensurethatthepacketsarecomingfromtherightsource.VPNenablean
efficientandcosteffectivemethodforsecurecommunicationacrossinternetspublicinfrastructure.VPN
provides:
ExtendgeographicconnectivityImprovesecurityReduceoperationalcostsversustraditionalWAN
ReducetransittimeandtransportationcostsforremoteusersSimplifynetworktopologyProvideglobal
networkingopportunitiesProvidetelecommutersupportTheBenefitsmostoftencitedfordeployingVPNs
includethefollowing:
CostSavings:
EliminationofexpensivededicatedWANcircuitsorbanksofdedicatedmodemscanprovidesignificantcost
savings.ThirdpartyInternetServiceProviders(ISPs)provideInternetconnectivityfromanywhereatanytime.
CouplingISPconnectivitywiththeuseofbroadbandtechnologies,suchasDSLandcable,notonlycutsthe
costofconnectivitybutcanalsodeliverHighSpeedcircuits. Security:Thecostsavingsfromtheuseof
5/20
1/6/2015
publicinfrastructurescouldnotberecognizedifnotforthesecurityprovidedbyVPNs.Encryptionand
authenticationprotocolskeepcorporateinformationprivateonpublicnetworks. Scalability:WithVPN
technologies,newuserscanbeeasilyaddedtothenetwork.Corporatenetworkavailabilitycanbescaled
quicklywithminimalcost.AsingleVPNimplementationcanprovidesecurecommunicationsforavarietyof
applicationsondiverseoperatingsystem.WecanconnectdifferentLANatthesamelocationandfrom
differentlocationbyusingRouter.ButwhyweareusingVPN?WhenweuseourprivateLANorWANitmeans
weareusingourownnetworktopologywhichmayormaynotbeconnectedtotheInternet.Sotoaccessour
ownLAN,theLANshouldbephysicallyconnectedtoeachother.ButitisnotpossibletoaccesstheLANor
LANfromthesamelocation.Anetworkadministratorcantstayafixedpositionfor24hoursaday.Heneedsto
move.ToresolvethisproblemthenetworkadministratorcanuseVPNbywhichhecanaccesshisLANor
WANthroughremotelocationbyusingInternet.Thiscansavesourtime,moneyetc.themainfacilityisthatwe
canaccessourLANfromanywherethroughInternet.Here,wedontneedadditionalphysicaldevicewhichcan
reduceorcost.AwelldesignedVPNcangreatlybenefitacompany.NetworkTopologyofIslamiBank
ALAPCommunicationisaserviceproviderwhoprovidestelecommunicationinfrastructureforprovidingsecure
data.ALAPCommunicationholdsexclusivelicensesfortheuseofspectruminthe3.5GHzband,andhas
deployedNonLineofSight(NLOS)andObstructedLineofSight(OLOS)broadbandwireandwireless
networkingequipmentforuseinthisband.ALAPnowstandsreadytoprofitfromthisinvestmentbyproviding
Voice,VPNandDataservicestoawidevarietyofcustomers,includingbothendusersandnetworkproviders.
ALAPCommunicationgives2MbpsdedicatedhighspeedbandwidthforthedatatransmissiontotheIslami
BankBangladeshLimited.Here,wehavediscussedthathowIslamiBankusesVPNfromtheservice
providers.Explanations
AlltheservicesaredonebytheDataCenterwhichissituatedinthemainbranchofficeofIslamiBank
BangladeshLimited.TheDataCenteristheserverroomwhichisinthe9thfloorofthemainbranch. The
datacenterisconnectedwithALAPCommunicationbackbonewhichisaround2Mbpshighspeeddedicated
line.TheALAPcommunicationgivestheirservicesinsideDhakacityin33differentbranchesofIslamiBank.
Alltheroutersofdifferentbranchesareconnectedwith128KB/slinewithALAP.Afterthatitgoesthrough
Ciscorouter>CiscoPIXfirewall>Catalystswitch>Workstations.TheDataCenterserverscancontrolthe
wholeprocess.Theycanaccesstheirlocalrouteratanytime.Theythecheckaccountanddoanykindof
transactiontotheirlocaloffice.Similarly,thelocalofficecanalsodothesameifithasthepermissionformthe
mainoffice. IslamiBanksdatastoragesystemisnotcentralized.Theyusedecentralizedsystemtostore
theirdata.Forexample,whenthebranchesofDhakamakeanytransaction,thatdocumentdoesntcometo
themainDataCenterserverthatinformationissavedonthatlocalserverunderthatspecificlocalrouter.
AfterasuitabletimethemainserverofDhakaretrievethatinformationfromthoselocalservers. TheData
Centerusebankinganddatabasesoftwarefortheirtransaction.TheDataservercancommunicateto
theirbranchofficesbyALAPCommunicationsbackbonebecauseALAPprovidesahighspeeddedicated
servicetothem.Whateverthetransactionhappenedinthemainandbranchofficesarefullyautomated.
Thereisnokindofmanualtransaction.Ifthereisanykindofinterruptoranyotherproblemsthenmanual
transactioncanhappened.Apersonisneededtocontroltheserverandtomonitorthestatusofthetraffic.
Butthepracticalscenarioisnotthatmucheasy.Anauthorizedpersonneedstoaccessthenetworkfrom
outsidetheIslamiBanksoffice.VPNcanbeasolutionforthiskindofproblem.ThenetworkadminofIslami
BankusesVPNservicesfromtheALAPcommunication.InVPNsecurityisaveryimportantfactor,becauseall
thedatawhichtheypassarestrictlyrestrictedandhighlyconfidential.So,securityisanimportantissuefor
VPNcommunication.VPNInfrastructureofALAPCommunicationsAlldatatraversingtotheALAP
communicationsnetworkisencryptedbydefaultwith128bitencryptionscheme.Ontopoftheirnetworktraffic
encryptiontheyprovideEndToEndsecuredatacommunicationthroughtheirstateoftheartVPNsolution.
ALAPsVPNsolutionscanenableanyonesemployees,customers,businesspartners,andsuppliersto
collaboratesecurelyandcosteffectively.TheyintegrateVPNhardwareandsoftwarewiththemanagement
andsupportourneedforacomplete,endtoendsolution.ALAPsVPNCriteriaStateoftheartHardware
6/20
1/6/2015
(ASIC)basedFirewallandVPN.10concurrentIPSecVPNtunnelandthechoiceof10,20,50orUnlimited
nodeconfigurations(IPSecVPNensuresdatasecuritytoourcorporateclients).CompleteAntiVirus,
InternetContentFilteringandRapidEmailAttachmentBlockingallinonesolution.Enterpriseclassfirewall
protectionwithICSAcertified,statefulpacketinspectiontechnology.ALAPsVPNSolutionCompanies
establishcentralizedcontroloverbranchofficeswithpointofsale(POS)locations.Providetheremote
robustsecurityandperformanceneededforbusinesscontinuance.Enablesecure,highspeed
communicationsbetweenmultiplelocations.
[http://1.bp.blogspot.com/_Hrww1lJ6hGQ/SqejLWzaFGI/AAAAAAAAA9w/hcsIN9yzOCI/s1600h/4.5.JPG]
ALAPsCPEbasedIPVPNWiththeuseoflatesttechnology,ALAPsCPEbasedIPVPNsolutionallowsusto
createanefficientandintegratedplatformtostreamlinebusinesscommunications.Dataareencrypted
securelyfromourpremisestothedistantendasourbusinessmightdemand.
[http://2.bp.blogspot.com/_Hrww1lJ6hGQ/SqejAE28t2I/AAAAAAAAA9o/TOSlpBd23Ns/s1600h/5.JPG]
Figure.5CPEbasedIPVPN(source:http://www.alapcom.com/security/vpn/cpevpn.jpeg)
ALAPsCPEbasedIPVPNoffersSupportforIntranets,Extranets,andRemoteaccessnetworkapplications.
IntegratedVPNdeviceswithsupportforVPN,firewall,androutingcapabilities.Premisetopremise
encryption.ExplanationsInCPEbasedIPVPN,ALAPcommunicationoffersitssupportsforIntranets,
Extranets,andRemoteaccessnetworkapplications.InIPbasedVPNthenetworkisconnectedbytheInternet
cloud.Thismeans,thenetworkmediaistheInternetcloud.Therearecustomerspremisesnetworkonthe
bothsideoftheInternetProtocol(IP)network.TheCPEcanbeconnectedtotheIPnetworkviaanykindof
DSL,Broadbandordialupmodem.CPEIPVPNissuitableforthetelecommuterorthenetworkadministrator
ofacompanywhoneedstochangehispositionrapidly.Forexample,asituationcanoccurwhereanetwork
administratorcanbecalledforanykindofhelpwhileheisoutsideofhisoffice.Inthissituation,aCPEIPVPN
canbeasolution.BythisthatnetworkadministratorcanaccesshisofficeoranykindofoutsideLANorWAN
throughtheInternet.Internetishelpfulinthissituationbecauseitischeapnoadditionalhardwareisrequired
forthiskindofcommunication.OnlytherearetheconnectionofInternet,apersoncanaccessremoteLANor
WANthroughInternet.ALAPsNetworkbasedIPVPNIPServiceswitchesatnetworkaccesspointsareusedto
encryptdata,takingfullresponsibilityformanagementandmaintenanceofthesystem.
7/20
1/6/2015
[http://1.bp.blogspot.com/_Hrww1lJ6hGQ/Sqei1_gMyFI/AAAAAAAAA9g/2zGsoGfov5g/s1600h/6.JPG]
Figure.6NetworkbasedIPVPNsource:http://www.alapcom.com/security/vpn/networkvpn.jpeg)ALAPs
NetworkbasedIPVPNoffersSupportforIntranets,ExtranetsandRemoteaccessnetworkapplications.
Integratednetworkbasedfirewalls.Networkedgetonetworkedgeencryption.Hybridnetworking
capabilitiestosupportthemigrationorintegrationofALAPsIPbasednetworkswiththirdpartysFrameRelay
andATMservices.Explanation:
ThenetworkbasedIPVPNofALAPcommunicationsupportsIntranets,Extranets,andRemoteaccessnetwork
applications.InadditionthenetworkbasedVPNisintegratedwithnetworkbasedfirewalls.Italsoprovides
networkedgetonetworkedgeencryption.InnetworkbasedVPNtheinternalbackboneofthenetworkisthe
ALAPcommunicationsnetworkitself.Thismeanstherearecustomerspremisesnetworkonthebothsideof
theALAPcommunicationsnetwork.TheCPEcanbeconnectedtotheIPnetworkviaanykindofDSL,
Broadband,dialupmodemorwirelessmodem.ThedifferentLANsegmentisconnectedtoeachotherby
router.Forthesecuritypurposeeachoftheroutersisconnectedwithhardwarefirewalls.Incontrast,there
aredifferencebetweentheCPEIPVPNandtheNetworkBasedIPVPN.InNetworkBasedIPVPNthecore
networkorthetransmissionnetworkistheintranetinsteadoftheglobalInternet.Thismeans,ausercant
accesstheLANorWANondifferentsegmentthroughtheInternet.IftheuserusestheInternetthenit
becomestheCPEIPVPN.ButinNetworkbasedIPVPNthenetworkisconnectedthroughthedefaultLANor
WANbyitself.Theadvantageofthiskindofsystemisthatnoglobalnetworkconnectiondoesntrequire.But
themaindisadvantageisthat,anetworkadministratorcantaccessanysegmentoftheremotenetworkfrom
outsidetheoffice.OverviewofVPNTechnologiesIPSecInternetProtocolSecurity(IPSec)provides
enhancedsecurityfeaturessuchasbetterencryptionalgorithmsandmorecomprehensiveauthentication.
IPSecisalayer3protocol.IPSechastwoencryptionmodes:tunnelandtransport.Whentwodevicesoffer
eachotherforVPNtunnelingthenitstunnelmode.Andwhenonlytheclientsiderequesttheoppositesidefor
VPNtunnelingthenitstransporttunneling.Tunnelencryptstheheaderandthepayloadofeachpacketwhile
transportonlyencryptsthepayload.OnlysystemsthatareIPSeccompliantcantakeadvantageofthis
protocol.Also,alldevicesmustuseacommonkeyandthefirewallsofeachnetworkmusthaveverysimilar
securitypoliciessetup.IPSeccanencryptdatabetweenvariousdevices,suchas:Routertorouter
FirewalltorouterPCtorouterPCtoserver
[http://4.bp.blogspot.com/_Hrww1lJ6hGQ/SqeirvKEvcI/AAAAAAAAA9Y/ZEFf8yHPq04/s1600h/7.JPG]
Figure.7VPNtunneling10038(source:http://www.dlink.com/vpn/technology.jpg)Toguaranteeprivacyand
othersecuritymeasuresforanorganization,VPNcanuseIPSecinthetunnelmode.Inthismode,eachIP
datagramdestinedforprivateuseintheorganizationisencapsulatedinanotherdatagram.SSLTransport
LayerSecurity(TLS)anditspredecessor,SecureSocketsLayer(SSL),arecryptographicprotocolsthat
providesecurecommunicationontheInternetforsuchthingsaswebbrowsing,email,InternetFaxing,Instant
Messagingandotherdatatransfers.ThereareslightdifferencebetweenSSLandTLS,buttheyare
substantiallythesame.
8/20
1/6/2015
[http://4.bp.blogspot.com/_Hrww1lJ6hGQ/SqeieyJ7uDI/AAAAAAAAA9Q/G04uCfz8inI/s1600h/8.JPG]
Figure.8SSLvpn17(source:http://www.cites.uiuc.edu/vpn/technology.htm)
CryptographicProtocol:
Asecurityprotocol(cryptographicprotocolorencryptionprotocol)isanabstractorconcreteprotocolthat
performsasecurityrelatedfunctionandappliescryptographicmethods.Aprotocoldescribeshowthe
algorithmsshouldbeused.Asufficientlydetailedprotocolincludesdetailsaboutdatastructuresand
representations,atwhichpointitcanbeusedtoimplementmultiple,interoperableversionsofaprogram.
Cryptographicprotocolsarewidelyusedforsecureapplicationleveldatatransport.Forexample,Transport
LayerSecurity(TLS)isacryptographicprotocolthatisusedtosecureweb(HTTP)connections.L2TPIn
computernetworking,theLayer2TunnelingProtocol(L2TP)isatunnelingprotocolusedtosupportvirtual
privatenetworks(VPNs).
[http://2.bp.blogspot.com/_Hrww1lJ6hGQ/SqeiLgmeAYI/AAAAAAAAA9I/6138pDpRZxw/s1600h/9.JPG]
Figure.9Layer2TunnelingProtocol9903(source:http://www.citecho.com/vpn/technology.html.)
L2TPactslikeadatalinklayer(layer2oftheOSImodel)protocolfortunnelingnetworktrafficbetweentwo
peersoveranexistingnetwork(usuallytheInternet).L2TPisinfactalayer5protocolsessionlayer,anduses
theregisteredUDPport1701.TheentireL2TPpacket,includingpayloadandL2TPheader,issentwithina
UDPdatagram.ItiscommontocarryPointtoPointProtocol(PPP)sessionswithinanL2TPtunnel.L2TPdoes
notprovideconfidentialityorstrongauthenticationbyitself.IPSecisoftenusedtosecureL2TPpacketsby
providingconfidentiality,authenticationandintegrity.Thecombinationofthesetwoprotocolsisgenerally
knownasL2TP/IPsec(discussedbelow).ThetwoendpointsofanL2TPtunnelarecalledtheLAC(L2TP
AccessConcentrator)andtheLNS(L2TPNetworkServer).TheLACistheinitiatorofthetunnelwhiletheLNS
istheserver,whichwaitsfornewtunnels.Onceatunnelisestablished,thenetworktrafficbetweenthepeers
isbidirectional.Tobeusefulfornetworking,higherlevelprotocolsarethenrunthroughtheL2TPtunnel.To
facilitatethisanL2TPsession(orcall)isestablishedwithinthetunnelforeachhigherlevelprotocolsuchas
PPP.EithertheLACorLNSmayinitiatesessions.ThetrafficforeachsessionisisolatedbyL2TP,soitis
possibletosetupmultiplevirtualnetworksacrossasingletunnel.MTUshouldbeconsideredwhen
implementingL2TP.ThepacketsexchangedwithinanL2TPtunnelarecategorisedaseithercontrolpackets
ordatapackets.L2TPprovidesreliabilityfeaturesforthecontrolpackets,butnoreliabilityfordatapackets.
9/20
1/6/2015
Reliability,ifdesired,mustbeprovidedbythenestedprotocolsrunningwithineachsessionoftheL2TP
tunnel.VPNoverIPSec
PlanninganIPSecVPN IPSecsupportsHighLevelDataLinkControl(HDLC),ATM,PointtoPointprotocol
(PPP),andFrameRelayserialencapsulation. IPSecalsoworkswithGenericRoutingEncapsulation(GRE)
andIPinIP(IPinIP)encapsulationLayer3tunnelingprotocols,IPSecdoesntsupportthedatalinkswitching
(DSL)standard,sourceroutebridging(SRB),orotherlayer3tunnelingprotocols. IPSecdoesntsupport
multipointtunneling. IPSecworksstrictlywithunicastIPdatagramsonly.Itdoesntworkwithmulticastor
broadcastIPdatagrams. IPSecprovidespacketexpansionthatcancausefragmentationandreassemblyof
IPSecpackets. WhenusingNAT,besurethatNAToccursbeforeIPSecencapsulationsothatIPSechas
globaladdressestoworkwith.MajorProtocolsinIPSec IPSecurityProtocols(IPSec)oAuthentication
Header(AH)oEncapsulatingSecurityPayload(ESP) MessageEncryption DataEncryptionStandard
(DES) TripleDES(3DES) MessageIntegrity(HASH)FunctionsoHashbasedMessageAuthentication
Code(HMAC)oMessageDigest5(MD5)oSecureHashAlgorithm1(SHA1) PeerAuthentication
Rivest,ShamirandAdelman(RSA)DigitalSignatures RSAEncryptedNonces KeyManagementoDiffie
Hellman(DH)oCertificateAuthority(CA) SecurityAssociation InternetKayExchange(IKE) Internet
SecurityAssociationsandKeyManagementProtocol(ISAKMP)ExplanationoftheIPSecProtocolsThe
IPSecProtocolTheprotocolsthatIPSecusestoprovidetrafficsecurityareAuthenticationHeader(AH)and
EncapsulatingSecurityPayload(ESP).ThesetwoprotocolsareconsideredpurelyIPSecprotocolsandwere
developedstrictlyforIPSec.EachprotocolisdescribedinitsownRFC,whichwasidentifiedinTable27.We
canuseAHandESPindependentlyonanIPSecconnection,orwecancombinetheiruse.IKEandIPSec
negotiateencryptionandauthenticationservicesbetweenpairs.Thisnegotiationprocessculminatesin
establishingSecurityAssociations(SAs)betweensecuritypairs.IKESAsarebidirectional,butIPSecSAsare
unidirectionalandmustbeestablishedbyeachmemberoftheVPNpairtoestablishbidirectionaltraffic.There
mustbeanidenticalSAoneachpairtoestablishsecurecommunicationsbetweenpairs.Theinformation
associatedwitheachSAisstoredinaSecurityAssociationDatabase,andeachSAisassignedaSecurity
ParametersIndex(SPI)numberthat,whencombinedwiththedestinationIPaddressandthesecurityprotocol
(AHorESP),uniquelyidentifiestheSA.ThekeytoIPSecistheestablishmentoftheseSAs.SAsare
negotiatedonceatthebeginningofanIPSecsessionandperiodicallythroughoutasessionwhencertain
conditionsaremet.Toavoidhavingtonegotiatesecurityforeachpacket,therehadtobeawayto
communicatetheuseofanalreadyagreeduponSAbetweensecuritypairs.ThatiswheretheAHandESP
protocolscomeintouse.Thesetwoprotocolsaresimplyameansofidentifyingwhichprenegotiatedsecurity
featurestouseforapacketgoingfromonepeertoanother.Bothoftheseprotocolsaddanextraheaderto
theIPdatagrambetweentheLayer3(IP)andLayer4(usuallyTCPorUDP)protocolheaders.Akeyelement
containedineachprotocol'sheaderistheSPI,givingthedestinationpeertheinformationitneedsto
authenticateanddecryptthepacket.AuthenticationHeaderTheAuthenticationHeader(AH)protocolis
definedinRFCs1826and2402andprovidesfordataintegrity,dataoriginauthentication,andanoptional
antireplayservice.AHdoesnotprovideencryption,whichmeansthatthepacketsaresentascleartextAHis
slightlyquickerthanESP,sowemightchoosetouseAHwhenweneedtobecertainofthesourceand
integrityofthepacketbutconfidentialityisnotaconcern.DevicesconfiguredtouseAHinsertanextra
headerintotheIPdatagramsof"interestingtraffic,"betweentheIPheaderandtheLayer4header.Because
aprocessingcostisassociatedwithIPSec,VPNscanbeconfiguredtochoosewhichtraffictosecureand
IPSecandnonIPSectrafficcancoexistbetweensecuritypairs.Wemightchoosetosecureemailtrafficbut
notwebtraffic,forexample.TheprocessofinsertingtheAHheaderisshowninFigure25.
10/20
1/6/2015
[http://4.bp.blogspot.com/_Hrww1lJ6hGQ/SqeiBbH52FI/AAAAAAAAA9A/JYAxl6zAZjo/s1600h/10.JPG]
Figure.10(source:CCSPCiscoSecureVPN)EncapsulatingSecurityPayloadTheotherIPSecprotocolis
theEncapsulatingSecurityPayload(ESP)protocol.Thisprotocolprovidesconfidentialitybyenabling
encryptionoftheoriginalpacket.Additionally,ESPprovidesdataoriginauthentication,integrity,antireplay
service,andsomelimitedtrafficflowconfidentiality.Thisistheprotocoltousewhenwerequireconfidentiality
inyourIPSeccommunications.ESPactsdifferentlythandoesAH.Asitsnameimplies,ESPencapsulatesall
orportionsoftheoriginalIPdatagrambysurroundingitwithbothaheaderandatrailer.Figure26showsthis
encapsulationprocess.
[http://2.bp.blogspot.com/_Hrww1lJ6hGQ/Sqeh1YuHdCI/AAAAAAAAA84/opZQe5Yxmdk/s1600h/11.JPG]
Figure.11(source:CCSPCiscoSecureVPN)AHandESPModesofOperationWepreviouslydiscussed
abouttheAHandESPprotocolsusingseveralexamplesthatshowedslidingtheIPheaderofanIPdatagram
totheleft,insertingeitheranAHorESPheader,andthenappendingtheupperlayerportionofthedatagram
tothat.ThisisaclassicdescriptionofoneofthemodesofoperationforIPSec,namelytheTransportmode.
TheothermodeofoperationforIPSecistheTunnelmode.Thesetwomodesprovideafurtherlevelof
authenticationorencryptionsupporttoIPSec.TransportModeTransportmodeisprimarilyusedforend
11/20
1/6/2015
toendconnectionsbetweenhostsordevicesactingashosts.Tunnelmodeisusedforeverythingelse.An
IPSecgatewaymightactasahostwhenbeingaccessedbyanadministratorforconfigurationorother
managementoperations.Figure28showshowtheTransportmodeaffectsAHIPSecconnections.The
Layer3andLayer4headersarepriedapart,andtheAHisaddedbetweenthem.Authenticationprotectsall
butmutablefieldsintheoriginalIPheader.
[http://3.bp.blogspot.com/_Hrww1lJ6hGQ/SqehnSOQKfI/AAAAAAAAA8w/nKNShePZoX0/s1600h/12.JPG]
Figure.12(source:CCSPCiscoSecureVPN)Figure29showsESPTransportmode.Again,theIPheaderis
shiftedtotheleft,andtheESPheaderisinserted.TheESPtrailerandICVarethenappendedtotheendof
thedatagram.Ifencryptionisdesired(riotavailablewithAH),onlytheoriginaldataandthenewESPtrailer
areencrypted.AuthenticationextendsfromtheESPheaderthroughtheESPtrailer.Eventhoughthe
originalheaderhasbeenessentiallyleftintactinbothsituations,theAHTransportmodedoesnotsupport
NATbecausechangingthesourceIPaddressintheIPheadercausesauthenticationtofail.Ifweneedtouse
NATwithAHTransportmode,wemustensurethatNAThappensbeforeIPSec.Noticethatthisproblem
doesnotexistwithESPTransportmode.TheIPheaderremainsoutsideoftheauthenticationandencryption
areasforESPTransportmodedatagrams.
[http://3.bp.blogspot.com/_Hrww1lJ6hGQ/SqehgUgwyII/AAAAAAAAA8o/um1SXJTAIaw/s1600h/13.JPG]
Figure.13(source:CCSPCiscoSecureVPN)TunnelModeIPSectunnelmodeisusedbetweengateways
suchasRouters,Firewalls,andConcentrators.Itisalsotypicallyusedwhenahostconnectstooneofthese
gatewaystogainaccesstonetworkscontrolledbythatgateway,aswouldbethecasewithmostremote
accessusersdialingintoarouterorconcentrator.InTunnelmode,insteadofshiftingtheoriginalIPheader
totheleftandtheninsertingtheIPSecheader,theoriginalIPheaderiscopiedandshiftedtothelefttoform
thenewIPheader.TheIPSecheaderisthenplacedbetweentheoriginalandthecopyoftheIPheader.The
originaldatagramisleftintactandiswhollysecuredbyauthenticationorencryptionalgorithms.Figure210
showstheAHTunnelmode.Onceagain,noticethatthenewIPheaderisundertheauspicesofthe
authenticationalgorithmandthatitdoesnotsupportNAT.
12/20
1/6/2015
[http://3.bp.blogspot.com/_Hrww1lJ6hGQ/SqehUr73mbI/AAAAAAAAA8g/KiXTOpz8SXg/s1600h/14.JPG]
Figure.14(source:CCSPCiscoSecureVPN)InFigure211,wecanseeadepictionoftheESPTunnel
mode.Theentireoriginaldatagramcanbeencryptedand/orauthenticatedwiththismethod.Ifweselectto
usebothESPauthenticationandencryption,encryptionisperformedfirst.Thisallowsauthenticationtobe
donewithassurancethatthesenderdoesnotalterthedatagrambeforetransmission,andthereceivercan
authenticatethedatagrambeforedecryptingthepackage.
[http://1.bp.blogspot.com/_Hrww1lJ6hGQ/SqehCChHOdI/AAAAAAAAA8Y/nEiiUTlaLhg/s1600h/15.JPG]
Figure.15(source:CCSPCiscoSecureVPN)ESPsupportsNATineitherTunnelorTransportmode,and
onlyESPsupportsencryption.Ifweneedencryption,wemustuseESP.Ifwealsowantauthenticationwith
ESP,wemustselectESPHMACservice.HMACusestheMDSandSHAIkeyedhashingalgorithms.Security
AssociationsDependingontheIPSecprotocolwechoosetouse,wecanensuredataintegrityandsource
authenticity,providesencryption,ordoesboth.Oncewedecidetheserviceweneed,thepeersthenbegina
negotiationprocesstoselectamatchingsetofalgorithmsforauthentication,encryption,and/orhashingas
wellasamatchingSAlifetime.Thisnegotiationprocessisdonebycomparingrequestedservicesfromthe
sourcepeerwithatableofacceptableservicesmaintainedonthedestinationpeer.Oncethenegotiation
processhasbeencompleted,itwouldbeconvenientnottohavetodoitagainforawhile.TheIETFnamed
thissecurityservicerelationshipbetweentwoormoreentitiestoestablishsecurecommunicationstheSecurity
Association(SA).WhentrafficneedstoflowbidirectionallyacrossaVPN,IKEestablishesabidirectionalSA
andthenIPSecestablishestwomoreunidirectionalSAs,eachhavingtheirownlifetime.Getintothehabitof
identifyingtheseSAsaseitherIKESAsorIPSecSAsbecausetheyeachhavetheirownconfiguration
attributesandtheyareeachmaintainedseparately.IKESAsareusedwhenIPSectriestoestablisha
connnection.IPSecSAsareusedwitheverysecurepacket.SAsareonlygoodforonedirectionofdata
acrossanIPSecconnection.BecauseSAsaresimplex,establishingconversationsbetweenpeersrequires
twoIPSecSAs,onegoingandonecoming,foreachpeerandtwounderlyingIKESAs.IPSecSAsarealso
protocolspecific.IfwearegoingtobeusingbothAHandESPbetweensecuritypairs,weneedseparateSAs
foreach.EachSAisassignedauniquerandomnumbercalledaSecurityParametersIndex(SPI).This
number,thedestinationIPaddressofapacket,andtheIPSecprotocolusedcreateauniquetripletthat
identifiesasecurityassociation.WhenasystemwantstosendIPSectraffictoapeer,itcheckstoseeifanSA
alreadyexistsforthatpeerusingthedesiredsecurityservices.IfitfindsanexistingSA,itplacestheSPIofthe
SAintotheIPSecheaderandsendsthepacket.ThedestinationpeertakestheSPI,combinesitwiththe
13/20
1/6/2015
IPSecprotocolandthedestinationIPaddress,andlocatestheexistingSAintheSecurityAssociation
Databaseitmaintainsforincomingtrafficonthatinterface.OnceitfindstheSA,thedestinationpeerknows
howtounwrapthedataforuse.ExistingProtocolsUsedintheIPSecProcessIPSecmakesuseof
numerousexistingencryption,authentication,andkeyexchangestandards.ThisapproachmaintainsIPSecas
astandardsbasedapplication,makingitmoreuniversallyacceptableintheIPcommunity.Manyofthese
standardprotocolsaredescribedinthefollowingsections.MessageEncryptionAvailablewhenusingthe
ESPIPSecprotocol,messageencryptionenablesustosendhighlysensitiveinformationacrossthepublic
networkswithoutfearofhavingthosedataeasilycompromised.ThetwoencryptionstandardsareData
EncryptionStandard(DES)anditsmorerobustcousin,theTripleDataEncryptionStandard(3DESorTriple
DES).DataEncryptionStandardThestandardencryptionmethodusedbymanyVPNdeploymentsisthe
DataEncryptionStandard(DES)methodofencryption.DESappliesa56bitkeytoevery64bitsofdata.DES
providesover72,000,000,000,000,000(72quadrillion)possibleencryptionkeys.DevelopedbyIBMin1977
andadoptedbytheU.S.DepartmentofDefense,DESwasonceconsideredsuchastrongencryption
techniquethatitwasbarredfromexportfromthecontinentalUnitedStates.Itwasconsideredunbreakableat
thetimeofitsadoption,butfastercomputershaverenderedDESbreakablewithinarelativelyshortperiodof
time,soDESisnolongerinfavorinhighsecurityapplications.CipherBlockChaining(CBC)isoneof
severalmethodsofimplementingDES.CBCrequiresaninitializationvector(IV)tostartencryption.IPSec
ensuresthatbothVPNpeershavethesameIVorsharedsecretkey.Thesharedsecretkeyisinputintothe
DESencryptionalgorithm,andcleartextisthensuppliedin64bitblocks.Thecleartextisconvertedtocipher
textandispassedtoESPfortransmissiontothewaitingpeer,wheretheprocessisreversedusingthesame
sharedsecretkeytoreproducethecleartextmessage.TripleDESOneversionoftheDataEncryption
StandardisTripleDES(JDES)sonamedbecauseitperformsthreeencryptionoperationsonthedata.It
performsanencryptionprocess,adecryptionprocess,andthenanotherencryptionprocess,eachwitha
different56bitkey.Thistripleprocessproducesanaggregate168bitkey,providingstrongencryption.
MessageIntegrityMessageintegrityisaccomplishedbyusingaHashingalgorithmtocomputea
condensedrepresentationofamessageordatafile.Thesecondensedrepresentationsarecalledmessage
digests(MDs)andareofafixedlengththatdependsontheHashingalgorithmused.Allpartofthismessage
digestistransmittedwiththedatatothedestinationhost,whichexecutesthesamehashingalgorithmto
createitsownmessagedigest.Thesourceanddestinationmessagedigestsarethencompared.Any
deviationmeansthatthemessagehasbeenalteredsincetheoriginalmessagedigestwascreated.Amatch
meansthatwecanbefairlycertainthatthedatahavenotbeenalteredduringtransitWhenusingtheIPSec
AHprotocol,themessagedigestiscreatedusingtheimmutablefieldsfromtheentireIPdatagram,replacing
mutablefieldswith0sorpredictablevaluestomaintainproperalignmentThecomputedMDisthenplacedinto
theAuthenticationData(orICV)fieldoftheAH.ThedestinationdevicethencopiestheMDfromtheAHand
zeroesouttheAuthenticationDatafieldtorecalculateitsownMD.WiththeIPSecESPprotocol,theprocess
issimilar.ThemessagedigestiscreatedusingtheimmutabledataintheportionoftheIPdatagramfromthe
beginningoftheESPheadertotheendoftheESPtrailer.ThecomputedMDisthenplacedintotheICVfield
attheendofthedatagram.WithESP,thedestinationhostdoesnotneedtozeroouttheICVfieldbecauseit
sitsoutsideofthescopeofthehashingroutine.RefertoFigures29and211forthestructureoftheESP
datagram.HashKeyedMessageAuthenticationCodeRFC2104describestheHMACalgorithm,
becauseitwasdevelopedtoworkwithexistinghashingalgorithmslikeMDSandSHAl.Manysecurity
processesinvolvedinsharingdatainvolvetheuseofsecretkeysandamechanismcalledMessage
AuthenticationCodes(MACs).OnepartycreatestheMACusingthesecretkeyandtransmitstheMACtoits
peerpartner.ThepeerpartnercreatesitsownMACusingthesamesecretkeyandcomparesthetwoMACs.
MDSandSHA1shareasimilarconcept,exceptthattheydonotusesecretkeys.ThatiswhereHMAC
comesin.HMACwasdevelopedtoaddasecretkeyintothecalculationofthemessagedigestsproducedby
standardhashingalgorithms.Thesecretkeyaddedtotheformulaisthesamelengthastheresulting
messagedigestforthehashingalgorithmused.MessageDigest5HMACVariantMessageDigest5
14/20
1/6/2015
(MDS)wasdevelopedbyRonaldRivestoftheMassachusettsInstituteofTechnologyandRSADataSecurity
Incorporated.MDStakesanymessageordatafileandcreatesa128bitcondensedrepresentation(message
digest)ofthedata.TheHMACvariantusesa128bitsecretkeytoproducea128bitMD.AHandESP
HMAConlyusetheleftmost96bits,placingthemintotheauthenticationfield.Thedestinationpeerthen
calculatesacomplete128bitmessagedigestbutthenonlyusestheleftmost96bitstocomparewiththe
valuestoredintheauthenticationfield.MD5createsashortermessagedigestthandoesSHAlandis
consideredlesssecurebutoffersbetterperformance.MD5withoutHMAChassomeknownweaknessesthat
makeitapoorchoiceforhighsecurityapplications.HMACMD5hasnotyetbeensuccessfullyattacked.
SecureHashAlgorithm1TheSecureHashAlgorithmwasdevelopedbytheNationalInstituteof
StandardsandTechnology(NIST)andwasfirstdocumentedintheFederalInformationProcessingStandards
(FIPS)Publication180.ThecurrentversionisSHAl,asdescribedinFIPS1801andRFC2404.SHAl
producesa160bitmessagedigest,andtheHMACSHAlvariantusesa160bitsecretkey.Thereceiving
peerrecreatestheentire160bitmessagedigestusingthesame160bitsecretkeybutthenonlycompares
theleading96bitsagainsttheMDfragmentintheauthenticationfield.The160bitSHAlmessagedigestis
moresecurethanthe128bitMDSmessagedigest.Thereisapricetopayinperformancefortheextra
security,butifweneedtousethemostsecureformofmessageintegrity,weshouldselecttheHMACSHAl
algorithm.PeerAuthenticationOneoftheprocessesthatIKEperformsistheauthenticationofpeers.
ThisisdoneduringIKEPhase1usingakeyedhashingalgorithmwithoneofthreepossiblekeytypes:Pre
sharedRSADigitalSignaturesRSAencryptedNoncesPresharedKeysTheprocessofsharingpre
sharedkeysismanual.AdministratorsateachendoftheIPSecVPNagreeonthekeytouseandthen
manuallyenterthekeyintotheenddevice,eitherhostorgateway.Thismethodisfairlysecure,butitdoes
notscalewelltolargeapplications.RSADigitalSignaturesRonaldRivest,AdiShamir,andLeonard
AdelmandevelopedtheRSApublickeycryptosystemin1977.RonaldRivestalsodevelopedtheMDS
hashingalgorithm.ACertificateAuthority(CA)providesRSAdigitalcertificatesuponregistrationwiththatCA.
Thesedigitalcertificatesallowstrongersecuritythandopresharedkeys.Oncetheinitialconfigurationhas
beencompleted,peersusingRSAdigitalcertificatescanauthenticatewithoneanotherwithoutoperator
intervention.WhenanRSAdigitalcertificateisrequested,apublicandaprivatekeyaregenerated.The
hostusestheprivatekeytocreateadigitalsignature.Thehostsendsthisdigitalsignaturealongwithits
digitalcertificatetoitsIPSecpeerpartner.Thepeerusesthepublickeyfromthedigitalcertificatetovalidate
thedigitalsignaturereceivedfromthepeer.RSAEncryptedNoncesAtwistinthewaydigitalsignaturesare
usedistheprocessofusingRSAencryptednoncesforpeerauthentication.Anonceisapseudorandom
number.ThisprocessrequiresregistrationwithaCAtoobtainRSAdigitalcertificates.Peersdonotshare
publickeysinthisformofauthentication.Theydonotexchangedigitalcertificates.Theprocessofsharing
keysismanualandmustbedoneduringtheinitialsetup.RSAencryptednoncespermitrepudiationofthe
communication,whereeitherpeercanplausiblydenythatittookpartinthecommunication.Key
ManagementKeymanagementcanbeahugeproblemwhenworkingwithIPSecVPNs.Itseemslikethere
arekeyslurkingeverywhere.Inreality,onlyfivepermanentkeysareusedforeveryIPSecpeerrelationship.
Thesekeysaredescribedasfollows:Twoareprivatekeysthatareownedbyeachpeerandarenever
shared.Thesekeysareusedtosignmessages.Twoarepublickeysthatareownedbyeachpeerandare
madeavailabletoanyone.Thesekeysareusedtoverifysignatures.Thefifthkeyisthesharedsecretkey.
Bothpeermembersusethiskeyforencryptionandhashingfunctions.ThisisthekeycreatedbytheDiffie
Hellmanprotocol.Thatdoesnotseemlikemanykeys.Infact,theprivateandpublickeysareusedfor
multipleIPSecconnectionsonagivenpeer.Inasmallorganization,thesekeyscouldallprobablybemanaged
manually.TheproblemariseswhentryingtoscaletheprocessestosupporthundredsorthousandsofVPN
sessions.DiffieHellmanProtocolIn1976,WhitfieldDiffieandMartinHellmandevelopedthefirstpublic
keycryptographictechnique.TheDiffieHellman(DH)keyagreementprotocolallowstwopeerstoexchangea
secretkeywithouthavinganypriorsecrets.Thisprotocolisanexampleofanasymmetricalkeyexchange
processinwhichpeersexchangedifferentpublickeystogenerateidenticalprivatekeys.Thisprotocolisover
15/20
1/6/2015
20yearsoldandhaswithstoodthetestoftime.TheDiffieHellmanprotocolisusedinIPSecVPNs,butwe
havetolookhardtofindit.Itisusedintheprocessofestablishingthesecurechannelbetweenpeersthat
IPSecrideson.Thetrailisasfollows:IPSecusestheInternetSecurityAssociationandKeyManagement
Protocol(ISAKMP)toprovideaframeworkforauthenticationandkeyexchange.ISAKMPusestheIKE
Protocoltosecurelynegotiateandprovideauthenticatedkeyingmaterialforsecurityassociations.IKEuses
aprotocolcalledOAKLEY,whichdescribesaseriesofkeyexchangesanddetailstheserviceprovidedby
each.OAKLEYusesDiffieHellmantoestablishasharedsecretkeybetweenpeers.Symmetrickey
encryptionprocessesthenusethesharedsecretkeyforencryptionorauthenticationoftheconnection.
Peersthatusesymmetrickeyencryptionprotocolsmustsharethesamesecretkey.DiffieHellmanprovides
anelegantsolutionforprovidingeachpeerwithasharedsecretkeywithouthavingtokeeptrackofthekeys
used.DiffieHellmanissuchacleanprocessthatyoumightwonderwhyweneedsymmetrickeyencryption
processes.Theansweristhatasymmetrickeyencryptionprocessesaremuchtooslowforthebulkencryption
requiredinhighspeedVPNcircuits.ThatiswhytheDiffieHellmanprotocolhasbeenrelegatedtocreatingthe
sharedsecretkeyusedbysymmetrickeyencryptionprotocols.IPSecpeersusetheDiffieHellmanProtocolto
generatethesharedsecretkeythatisusedbyAHorESPtocreateauthenticationdataortoencryptanIP
datagram.ThereceivingpeerusestheDHsharedsecretkeytoauthenticatethedatagramanddecryptthe
payload.NodiscussionofDiffieHellmanwouldbecompletewithoutshowingthemechanismsinvolvedin
creatingthesharedsecretkey.Table28showstheDiffieHellmanprocessofcreatingthekeybetweentwo
IPSecpeerscalledAbleandBaker.Noticethatthesharedsecretkeynevertravelsoverthenetworkbetween
thepeers.
[http://2.bp.blogspot.com/_Hrww1lJ6hGQ/Sqeg2YfrQZI/AAAAAAAAA8Q/s3E57BHn0A/s1600h/16.JPG]
Figure.16CCSPCiscoSecureVPNCertificateAuthoritiesAnothermethodofhandlingkeysthatdoesnot
takealotofadministrativesupportistouseCertificateAuthorities(CAs)asatrustedentityforissuingand
revokingdigitalcertificatesandforprovidingameanstoverifytheauthenticityofthosecertificates.CAsare
usuallythirdpartyagentssuchasVeriSignorEntrust,butforcostsavings,wecouldalsosetupourownCA
usingWidows2000CertificateServices.ThefollowinglistdescribeshowCAswork:Aclientthatwantsto
usedigitalcertificatescreatesapairofkeys,onepublicandoneprivate.Next,theclientpreparesan
unsignedcertificate(X.509)thatcontains,amongotherthings,theclient'sIDandthepublickeythatwasjust
created.ThisunsignedcertificateisthensenttoaCAusingsomesecuremethod.TheCAcomputesahash
16/20
1/6/2015
codeoftheunsignedcertificate.TheCAthentakesthathashandencryptsitusingtheCA'sprivatekey.This
encryptedhashisthedigitalsignature,andtheCAattachesittothecertificateandreturnsthesigned
certificatetotheclient.ThiscertificateiscalledanIdentityCertificateandisstoredontheclientdeviceuntilit
expiresorisdeleted.TheCAalsosendstheclientitsowndigitalcertificate,whichbecomestherootcertificate
fortheclient.Theclientnowhasasigneddigitalcertificatethatitcansendtoanyotherpeerpartner.Ifthe
peerpartnerwantstoauthenticatethecertificate,itdecryptsthesignatureusingtheCA'spublickey.Itis
importanttonotethataCAonlysendsaclient'scertificatetothatclientitself.Iftheclientwantstoestablish
IPSecVPNswithanotherclient,ittradesdigitalcertificateswiththatclient,therebysharingpublickeys.
Whenaclientwantstoencryptdatatosendtoapeer,itusesthepeer'spublickeyfromthedigitalcertificate.
Thepeerthendecryptsthepackagewithitsprivatekey.Whenaclientwantstodigitallysignapackage,it
usesitsownprivatekeytocreatea"signed"hashofthepackage.Thereceivingpeerthenusestheclient's
publickeytocreateacomparisonhashofthepackage.Whenthetwohashvaluesmatch,thesignaturehas
beenverified.AnotherfunctionofaCAistoperiodicallygeneratealistofcertificatesthathaveexpiredor
havebeenexplicitlyvoided.TheCAmakestheseCertificateRevocationLists(CRLs)availabletoits
customers.Whenaclientreceivesadigitalcertificate,itcheckstheCRLtofindoutifthecertificateisstill
valid.AuthenticatingIPSecPeersandFormingSecurityAssociationsTheprotocolthatbringsallthe
previouslymentionedprotocolstogetheristheInternetKeyExchange(IKE)Protocol.IKEoperatesintwo
separatephaseswhenestablishingIPSecVPNs.InIKEPhase1,itisIKE'sresponsibilitytoauthenticatethe
IPSecpeers,negotiateanIKEsecurityassociationbetweenpeers,andinitiateasecuretunnelforIPSecusing
theInternetSecurityAssociationandKeyManagementProtocol(ISAKMP).InIKEPhase2,thepeersuse
theauthenticated,securetunnelfromPhase1tonegotiatethesetofsecurityparametersfortheIPSec
tunnel.Oncethepeershaveagreedonasetofsecurityparameters,theIPSectunneliscreatedandstaysin
existenceuntiltheSecurityAssociations(SAs)(eitherIKEorIPSec)areterminatedoruntiltheSAlifetimes
expire.CombiningProtocolsintoTransformSetsWeneedtoidentifythefiveparametersthatIKEusesin
Phase1toauthenticatepeersandestablishthesecuretunnel.Thosefiveparametersandtheirdefault
settingsfortheVPN3000ConcentratorSeriesareasfollows:Encryptionalgorithm56bitDES(default)or
thestronger168bit3DES.HashalgorithmMDS(default)orthestrongerSHAI.Authenticationmethod
Presharedkeys,RSAencryptednonces,orthemostsecure,RSAdigitalsignatures(alsothedefault).Key
exchangemethod768bitDiffieHellmanGroup1(default)orthestronger1024bitDiffieHellmanGroup2.
IKESAlifetimeThedefaultis86,400secondsor1day.Shorterdurationsaremoresecurebutcomeata
processingexpense.WhateverparameterswechooseforIKEPhase1mustbeidenticalontheprospective
peer,ortheconnectionisnotestablished.Oncewehavetheseconfigured,theonlyothervaluesweneedto
supplytoestablishtheIPSectunnelinIKEPhase2areasfollows:IPSecprotocolAHorESPHash
algorithmMDSorSHAI(ThesearealwaysHMACassistedforIKEPhase2.)Encryptionalgorithmifusing
ESPDESor3DESVPNSecurityHardwareDevicesOneoftheVPNhardwaredevicesforVPN
communicationisCisco3000Concentratorsanditssupportingsoftware.Sincethattime,Ciscohasenhanced
theproductlinebyaddingatoppedconcentratorandahardwareclient,andhasmadeimprovementstothe
softwareclient.MajorAdvantagesofCiscoVPN3000SeriesConcentratorsTheCiscoVPN3000Series
Concentratorsareextremelyversatile,deliveringhighperformance,security,andfaulttolerance.The
centralizedmanagementtoolisstandardsbasedandenablesrealtimestatisticsgatheringandreporting.
Thesedevicesallowcorporationstoreducecommunicationsexpensesbypermittingclientstoconnectto
corporateassetsthroughlocalISPconnectionstotheInternetratherthanthroughlongdistanceor800
numberconnectionstoaccessservers.VPNsprovidetheproductivityenhancingabilitytoaccesscorporate
networkassetswhilereducingexpenses.Dialupconnectionsusingmodemsareprevalentthroughoutmany
corporatecommunities,especiallyonlaptopsystems.Forsometypesofusers,however,broadbandVPN
servicesprovidespeedandalwaysonconnectivitythatpermitcorporationstoextendtheirofficeLANsinto
smalloffice/homeoffice(SOHO)environments.ThepopularityofcablemodemsandDSLmodemshasmade
broadbandservicescommonplaceforthehomeofficeuser.Connectingthesehighspeednetworkstothe
17/20
1/6/2015
corporatenetworkviaIPSectunnelsgivesSOHOuserssecure,fullaccesstonetworkassetsatspeedsupto
2StimesfasterthanS6kbpsmodems.Figure32showstypicalmodemandbroadbandconnectivitytoaVPN
concentrator.
[http://4.bp.blogspot.com/_Hrww1lJ6hGQ/Sqegj31ndI/AAAAAAAAA8I/8aQeiMPC3E8/s1600h/17.JPG] Figure.17
(source:CCSPCiscoSecureVPN)NotshowninFigure32,wirelessVPNclientsprovideanadditionallayer
ofencryptionsecuritytowirelesscommunications.IPSecencryptionendtoendbetweenclientand
concentratorcanbecombinedwiththeencryptionprovidedbythewirelessWiredEquivalPrivacy(WEP)
standardtoenableahighlevelofsecurityforwirelesscommunications.TheCiscoVPN3000Series
Concentratorsareversatile,fullfeaturedsystems.Someofthecharacteristicsthatmakethemsopopularare
asfollows:EasewithwhichyoucandeploythemPerformanceandscalabilitySecurityFaulttolerance
ManagementinterfaceEasewithwhichyoucanupgradethem
Conclusion
VPNcanbeasolutiontoreducethenetworkcomplexity,reducethenetworksoperationalcostandaccess
theremotenetworkviaglobalInternetorIntranet.CPEbasedIPVPNisbestsuitableforthetelecommuters.
ALAPcommunicationhasconfirmeditsservicewithproperauthentication,encryptionandaccesscontrolto
IslamiBankBangladeshLimited.Bankingsectorneedshighsecuritywithproperauthenticationsupports,
thatswhytheyuseCiscodevicesinallpartoftheirtopology.TheCiscoRouters,Switches,PIX(hardware
firewalls)andVPN3000SeriesConcentratorsareextremelyversatile,deliveringhighperformance,security,
andfaulttolerance.
References
Forouzan,B.A.(Ed2008).DataCommunicationsandNetworking.CategoriesofNetworks.pp.10041006
Ronald,F.J.(Ed2003).CCSPCiscoSecureVPN.TypesofVPN.pp.2426Ronald,F.J.(Ed2003).CCSP
CiscoSecureVPN.VPNOverIPSec.pp.3639Ronald,F.J.(Ed2003).CCSPCiscoSecureVPN.Explanation
oftheIPSecprotocols.pp.3945Ronald,F.J.(Ed2003).CCSPCiscoSecureVPN.IPSecsecurity
association.pp4652Ronald,F.J.(Ed2003).CCSPCiscoSecureVPN.VPNsecurityhardwaredevice.pp.
8587Virtualprivatenetwork.(2008,April8).InWikipedia,TheFreeEncyclopedia.Retrieved09:06,April09,
2008,Fromhttp://en.wikipedia.org/w/index.php?title=Virtual_private_network&oldid=20372TransportLayer
Security.(2008,April8).InWikipedia,TheFreeEncyclopedia.Retrieved11:09,April8,2008,from
http://en.wikipedia.org/w/index.php?title=Transport_Layer_Security&oldid=2773Cryptography.(2008,April
8).InWikipedia,TheFreeEncyclopedia.Retrieved11:13,April8,2008,from
http://en.wikipedia.org/w/index.php?title=Cryptography&oldid=205015343Digitalsignature.(2008,April8).In
Wikipedia,TheFreeEncyclopedia.Retrieved11:20,April8,2008,fromhttp://en.wikipedia.org/w/index.php?
title=Digital_signature&oldid=204242654Layer2TunnelingProtocol.(2008,March29).InHowStuffWorks.
18/20
1/6/2015
Retrieved10:14,April9,2008,fromhttp://howstuffworks.com/w/index.php?title=Layer_2_Tunnelingid=20
IPsec.(2008,April12).InCiscoNetworkingAcademy.Retrieved10:15,April9,2008,From
http://www.cisco.com/w/IPsec_05054949Hashfunction.(2008,April2).InWikipedia,TheFreeEncyclopedia.
Retrieved10:17,April9,2008,fromhttp://en.wikipedia.org/w/index.php?
title=Hash_function&oldid=202754090DiffieHellmankeyexchange.(2008,March27).InWikipedia,TheFree
Encyclopedia.Retrieved10:18,April9,2008,fromhttp://en.wikipedia.org/w/index.php?title=Diffie
Hellman_key_exchange/RSA.(2008,April7).InWikipedia,TheFreeEncyclopedia.Retrieved10:18,April
9,2008,fromhttp://en.wikipedia.org/w/index.php?title=RSA&oldid=204075139VPNSecurity(2008,April7).
InUnirvesityofIllinois.Retrieved10:18,April10,2008,fromhttp://www.cites.uiuc.edu/vpn/security.html.
VPNTunneling.(2008,April7).InHTCNetworkingSolution.Retrieved10:18,April10,2008,from
http://www.htcwizardweb.net/node/2113HMAC.(2008,April7).InIPSECWorkingGroup.Retrieved09:18,April
10,2008,fromhttp://www.cs.ucsd.edu/~mihir/papers/hmac.htmlTripleDES(3DES).(2008,April10).In
Wikipedia,TheFreeEncyclopedia.Retrieved09:53,April10,2008,from
http://en.wikipedia.org/w/index.php?title=Triple_DES&oldid=204805257MD5.(2008,April11).InWikipedia,
TheFreeEncyclopedia.Retrieved09:56,April10,2008,fromhttp://en.wikipedia.org/w/index.php?
title=MD5&oldid=204928132
[http://feeds.feedburner.com/JournalOrThesisPaper] Subscribeinareader
[http://feeds.feedburner.com/JournalOrThesisPaper]
[http://fusion.google.com/add?feedurl=http://feeds.feedburner.com/JournalOrThesisPaper]
[http://www.histats.com/]
19/20
1/6/2015
Posted9thSeptember2009byMDAshrafurRahim
Labels:AH,ESP,Extranet,HashbasedMessageAuthenticationCode(HMAC),Intranet,L2TP,TripleDES,
VPNIPSectunnel,vpnSSL
2 Viewcomments
gohost September22,2011at12:06AM
VPNisvirtualprivatenetworkconnecttoanyplaces.Mostofthethebusinesspeopleandlargeorganization
toimplementthisVPSconnections.It'scostisverylow.andhighsecurity.websitehosting
webhosting
Reply
BellBrown August2,2013at11:45PM
Simply put, a virtual private network or VPN is a network which is constructed by using public wires to
connectnodes.ItisawayofusingtheInternettoprovideremoteuserswithsecureaccesstotheirnetwork.
DataisscrambledasitssentthroughtheInternetensuringprivacy.
DedicatedVPN
Reply
Enteryourcomment...
Commentas:
GoogleAccount
Publish
Preview
20/20

Ipsec VPN - Virtual Private Network - Journal or Thesis Paper

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Ipsec VPN - Virtual Private Network - Journal or Thesis Paper

Diunggah oleh

Hak Cipta:

Format Tersedia

1/6/2015

Anda mungkin juga menyukai