Documente Academic
Documente Profesional
Documente Cultură
BCMSN v3.02-1
BCMSN v3.02-2
BCMSN v3.02-3
BCMSN v3.02-4
BCMSN v3.02-5
BCMSN v3.02-6
BCMSN v3.02-7
BCMSN v3.02-8
BCMSN v3.02-9
BCMSN v3.02-10
BCMSN v3.02-11
BCMSN v3.02-12
Data integrity: Since you have no control over where the data has
traveled and who has seen or handled the data you send or receive while the
data journeys across the Internet, there is always the possibility that the
data has been modified. Data integrity guarantees that no tampering or
alterations occur to data while it travels between the source and destination.
VPNs typically use one of three technologies to ensure data integrity: oneway hash functions, message authentication codes (MAC), or digital
signatures.
BCMSN v3.02-13
BCMSN v3.02-14
BCMSN v3.02-15
BCMSN v3.02-16
Tunnel mode encrypts the header and the payload of each packet while
transport mode only encrypts the payload.
BCMSN v3.02-17
BCMSN v3.02-18
BCMSN v3.02-19
BCMSN v3.02-20
BCMSN v3.02-21
Stream ciphers encrypt the bits of the message one at a time, and block
ciphers take a number of bits and encrypt them as a single unit.
A block cipher operates on fixed-length groups of bits, termed blocks,
with an unvarying transformation. When encrypting, a block cipher might
take, for example, a 128-bit block of plaintext as input, and output a
corresponding 128-bit block of ciphertext.
Decryption is similar: the decryption algorithm takes, in this example, a
128-bit block of ciphertext together with the secret key, and yields the
original 128-bit block of plaintext.
BCMSN v3.02-22
BCMSN v3.02-23
BCMSN v3.02-24
BCMSN v3.02-25
BCMSN v3.02-26
BCMSN v3.02-27
BCMSN v3.02-28
BCMSN v3.02-29
BCMSN v3.02-30
BCMSN v3.02-31
BCMSN v3.02-32
Step 1
First, Alice and Bob need to agree on a prime number p, which they can do
by simply sending it to each other. In this case, the agreed prime number p =
23.
Step 2
Given a prime number p, it is possible to come up with a number g (the socalled generator) with a very interesting property. Every number between 1
and p-1 can be written as a power of g when calculating modulo p. For now,
please accept that g = 2.
BCMSN v3.02-33
BCMSN v3.02-34
Step 3
Alice and Bob both choose random numbers, a and b respectively.
Both these numbers remain secret because only Alice knows her number and
only Bob knows his number. In the example, Alice chose a = 6 and Bob chose
b = 16.
Step 4
Alice then computes (g^a mod p) and Bob computes (g^b mod p). They
exchange their results.
BCMSN v3.02-35
Step 5
The key that Alice and Bob now agree on is simply g^(a*b). This is quite
easy to compute:
Alice knows a and g^b,
Bob knows b and g^a
and
BCMSN v3.02-36
Step 6
Alice and Bob can use the key g^(a*b) to encrypt messages with any secret
key algorithm.
The security of the Diffie-Hellman system depends on the assumption that it
is easy to raise a number to a certain power, but difficult to compute which
power was used given the number and the outcome.
For example, it's easy to compute 2^10 = 1024, but more difficult to
determine that 1024 is the tenth power of 2.
BCMSN v3.02-37
BCMSN v3.02-38
BCMSN v3.02-39
BCMSN v3.02-40
BCMSN v3.02-41
BCMSN v3.02-42
BCMSN v3.02-43
BCMSN v3.02-44
BCMSN v3.02-45
AH and ESP provide services to transport layer protocols such as TCP and
User Datagram Protocol (UDP).
AH and ESP are Internet protocols and are assigned numbers 51 (AH) and
50 (ESP) by the Internet Assigned Numbers Authority (IANA).
IPsec has a choice of different encryptions (Data Encryption Standard
[DES], Triple Data Encryption Standard [3DES], and Advanced Encryption
Standard [AES]) so that users can choose the strength of their data
protection.
IPsec also has several hash methods to choose from (Hash-based Message
Authentication Code [HMAC], Message Digest 5 [MD5], and Secure Hash
Algorithm 1 [SHA-1]), each giving different levels of protection.
BCMSN v3.02-46
BCMSN v3.02-47
BCMSN v3.02-48
BCMSN v3.02-49
BCMSN v3.02-50
BCMSN v3.02-51
BCMSN v3.02-52
BCMSN v3.02-53
NAT-T detection
During IKE Phase 1 negotiation, two types of NAT detection occur
before IKE quick mode begins: NAT support and NAT existence along
the network path. To detect NAT support, the vendor ID string is
exchanged with the remote peer.
NAT-T enables an IPsec device to find any NAT device between two
IPsec peers. To detect whether a NAT device exists along the network
path, the peers send a payload with hashes of the IP address and port
of both the source and destination address from each end. If the
payload hash and recalculated hashes do not match (that is, someone
translated the address or port), then each peer needs to perform NATT to transport the IPsec packet through the network.
BCMSN v3.02-54
BCMSN v3.02-55
BCMSN v3.02-56
BCMSN v3.02-57
BCMSN v3.02-58
BCMSN v3.02-59
BCMSN v3.02-60
BCMSN v3.02-61
Version
Serial Number
Algorithm ID
Issuer
Validity:
Not before
Not after
Subject Public Key Info
Public Key Algorithm
Subject Public Key
Certificate Signature Algorithm
Certificate Signature
BCMSN v3.02-62
BCMSN v3.02-63
Step 3
The end host generates a certificate request and forwards the request to the
CA
Step 4
After the request is approved, the CA signs the request with the CAs private
key.
Step 5
The CA returns the completed certificate to the end host. The end host writes
the certificate to a storage area such as NVRAM.
Step 6
The end host uses the certificate for communication with other
communication partners.
BCMSN v3.02-64
BCMSN v3.02-65
BCMSN v3.02-66
BCMSN v3.02-67
BCMSN v3.02-68
The main mode has three two-way exchanges between the initiator and receiver:
First exchange: The two peers negotiate and agree on which algorithms and hashes to use to
secure the IKE communications.
Second exchange: A Diffie-Hellmann exchange generates shared secret keys and pass nonces (a
nonce is a value used only once by a computer security system). A random number sent by one
party to another party, signed, and returned to the first party proves the second partys identity.
Once created, the shared secret key is used to generate all the other encryption and authentication
keys.
Third exchange: In this exchange, each peer verifies the identity of the other side by authenticating
the remote peer.
BCMSN v3.02-69
BCMSN v3.02-70
BCMSN v3.02-71
After the group negotiations are completed, the shared secret key is
calculated.
The shared secret key, SKEYID, is used in the derivation of three other keys:
SKEYID_a, SKEYID_e, and SKEYID_d.
Each key has a separate purpose:
SKEYID_a is the keying material that is used during the authentication
process
SKEYID_e key is the keying material that is used in the encryption process
SKEY_d key is the keying material that is used to derive keys for nonInternet Security Association and Key Management Protocol (non-ISAKMP)
SAs
BCMSN v3.02-72
The last exchange of IKE Phase 1 authenticates the remote peer. There
are three methods for identifying data origin:
Pre-shared keys: A secret key value is entered into each peer manually
and used to authenticate the peers.
RSA signatures: Digital certificates are exchanged to authenticate the
peers.
RSA encrypted nonces: Nonces are encrypted and then exchanged
between peers. The two nonces are used during a peer authentication
process.
BCMSN v3.02-73
BCMSN v3.02-74
BCMSN v3.02-75
BCMSN v3.02-76
BCMSN v3.02-77
BCMSN v3.02-78
BCMSN v3.02-79
Security Associations
When two peers agree on which security services they will use, each VPN peer
device enters the information in a Security Policy Database (SPD). The
information in the SPD includes the encryption and authentication algorithm,
destination IP address, transport mode, key lifetime, and any other security
information. This information is referred to as the SA. An SA is a one-way logical
connection that provides security to all traffic that is traversing the connection.
Because most traffic is bidirectional, two SAs are required: one for inbound
traffic and one for outbound traffic.
The VPN device indexes the SA with a number called a Security Parameter Index
(SPI). Rather than send the individual parameters of the SA across the tunnel,
the source gateway, or host, inserts the SPI into the ESP header.
BCMSN v3.02-80
BCMSN v3.02-81
BCMSN v3.02-82
BCMSN v3.02-83
BCMSN v3.02-84
BCMSN v3.02-85
BCMSN v3.02-86
BCMSN v3.02-87
BCMSN v3.02-88
BCMSN v3.02-89
BCMSN v3.02-90
BCMSN v3.02-91
BCMSN v3.02-92
BCMSN v3.02-93
BCMSN v3.02-94
BCMSN v3.02-95
BCMSN v3.02-96
Protocol Type: The Protocol Type field contains the protocol type of the
payload packet. In general, the value will be the Ethernet protocol type
field for the packet. For IP, the hexadecimal value of 0x800 is used. This
field enables the GRE to tunnel any OSI Layer 3 protocol.
BCMSN v3.02-97
BCMSN v3.02-98
BCMSN v3.02-99
BCMSN v3.02-100
BCMSN v3.02-101
BCMSN v3.02-102
BCMSN v3.02-103
BCMSN v3.02-104
BCMSN v3.02-105
BCMSN v3.02-106
BCMSN v3.02-107
BCMSN v3.02-108
BCMSN v3.02-109
BCMSN v3.02-110
BCMSN v3.02-111
BCMSN v3.02-112
SSO allows the active and standby routers to share IKE and IPsec state
information so that each router has enough information to become the
active router at any time. To configure stateful failover for IPsec, you
should enable HSRP, assign a virtual IP address, and enable the SSO
protocol.
BCMSN v3.02-113
BCMSN v3.02-114
BCMSN v3.02-115
BCMSN v3.02-116
BCMSN v3.02-117
In order to operate an IGP across an IPsec tunnel, you should use GRE over
IPsec, which provides a virtual point-to-point link. Alternatively, you can use a
newer method in which virtual interfaces are used with native IPsec (no
additional GRE headers are used).
An alternative is to use native IPsec and configure floating static routes (that is,
routes that have high administrative distance and, optionally, that are locally
redistributed having a very high cost) for the VPN destination that points to the
Internet.
BCMSN v3.02-118
BCMSN v3.02-119
BCMSN v3.02-120
BCMSN v3.02-121
BCMSN v3.02-122
BCMSN v3.02-123
BCMSN v3.02-124
Step 5
The mode configuration process is initiated.
Step 6
The Reverse Route Injection (RRI) process is
initiated.
Step 7
IPsec quick mode completes the connection.
BCMSN v3.02-125
BCMSN v3.02-126
BCMSN v3.02-127
BCMSN v3.02-128
BCMSN v3.02-129
BCMSN v3.02-130
BCMSN v3.02-131
BCMSN v3.02-132
BCMSN v3.02-133
BCMSN v3.02-134
BCMSN v3.02-135
BCMSN v3.02-136