JOHN CORDIER ACADEMY

IP security reference card

SYMMETRIC CRYPTO
key k plaintext m encryptk(m)
key k= identic on both sides enc/dec algorithms= inverse

HASHING Arbitrary message m

plaintext m
one to one

PUBLIC KEY CRYPTO Message digest (fixed length) H(m) Secrecy

main use: sending over session keys = digital envelope: RSA eB public encryption key dB private decryption key plaintext m
Output (bit) 16 128 128 160 256 / 384 / 512 160

key k cipher text

Hash function
not feasable

decryptk(m)
Algorithm Checksum MD4 MD5 SHA-1 SHA-xxx RIPEMD-160

cipher text eB(m) encryption algorithm Alice eA, dA decryption algorithm Bob eB, dB

plaintext m=dB [eB(m)]

Historic: Caesar Substitution Vigenre Vernam ...

Symmetric Ciphers Stream cipher Block cipher Applied on Applied on equal data each digit blocks RC4.SEAL
(3)DES: ECB, CFB, OFB,.. IDEA, RC2, AES RC5, Blowfish, CAST-128

Sender Authentication
digital signature: RSA/DSA/ECDSA plaintext m b m + dA (h(m))
generation of digital signature

KEY EXCHANGE MECHANISMS

1. Diffie-Hellman

eA public encryption key sender verification Bob eB, dB

plaintext eA(dA [h(m)]= h(m)

a Alice

Parties agree on g-P pair a h1=g mod P public value

Name DES 3DES IDEA Blowfish CAST-128 RC2 RC5 AES

Key Length (bit) 56 112/168 128 32-448 40-128 8-1024 02040 128-256

Block Size (bit) 64 64 64 64 64 64 128 128

b h2=g mod P secret key= Ka-b = (gb mod P)a = (gb)a mod P a,b = private value (random)

Bob

Alice eA, dA

secret key= Kb-a = (ga mod P)b = (ga)b mod P DH group 1 2 3/4= E.C.C. 5 g 2 2 2 P (bit) 768 1024 1536

Message integrity
Message Authentication Code: MAC; MAC using keyed hashing: HMAC K common secret K common secret plaintext m m + h (m +K) generation of MAC Alice Verification of message Bob on received m: H (m+K)

2. RSA/DSA

Alice
Alice eA, dA Generates a session key Ks

e (Ks) b

Bob
Bob eB, dB

IPsec (TUNNEL MODE) Authentication Header (AH)

Protocol 51 Protocol 50

IKE NEGOTIATION Encrypted

PHASE 1 Creating
secure channel between VPN boxes 3 messages (no IP spoofing prevention) = no cookie exchange (clogging attack danger)

Encapsulation Security Payload (ESP)

IP header

AH header

original IP + payload

IP header ESP header original IP + payload ESP trailer ESP auth

Main mode
6 messages (to prevent IP spoofing)

Aggressive mode

MAC (excluding mutable IP hdr fields) Next header Payload length Identifies S.A. Anti-replay SPI Sequence number Authentication data

Identifies S.A. SPI Sequence number Sender: Receiver:

MAC Padd. length Anti-replay Next header

PHASE 2

Creating S.A. 3 messages (using DH)

3 messages

first encrypt, then authenticate first authenticate, then decrypt

Quick mode with PFS

Quick mode no PFS

PPP SECURITY Encryption

L2F - PPTP - L2TP

IPs = tunnel source IPd = tunnel destination
Layer 2 Delivery header

L2TP IN IPSEC (TRANSPORT MODE)

1. ECP:IETF Session key= aggreed upon prior to encryption

Encryption not applied to LCP / ECP packets Type Length
3= DESv 2 2= 3DES

L2F control + datapacket Original payload packet

Protocol: 0X8053

IV for DES-CBC

IP header

UDP Ps = 1701 Pd = 1701

L2F header

PPP header

IP header

TCP header

Data

IP UDP L2TP PPP IP TCP header header header header header header
Encrypt + authenticate

PPP header ECP header Code 1 2 3 4 5 6 7 Identifier

Data PPTP control packet Lenght

Layer 2 Delivery header

Configure - Request. Configure - Ack. Configure - Nak Configure - Reject. Configure - Request. Configure - Ack. Code - Reject.

TCP IP PPTP header Pd = 1723 header

PPTP control messages

PPTP control packet

IP IPsec UDP L2TP PPP IP TCP header header header header header header header

Layer 2 Delivery header

IP header

GRE v2

PPP header

IP header

TCP header

Data

Goal: - user authentication - user receives new network parameters

L2TP control + datapacket

Layer 2 Delivery header

2. MPPE: Microsoft PtoP encryption:

RC4 key length negotiable: 40-56-128 bits

IP header

UDP Ps = 1701 Pd = 1701

L2TP header

PPP header

IP header

TCP header

Data

Authentication: EAP (RFC 2284) OVERVIEW OF TLS HANDSHAKE MESSAGES

Client Hello Message Server Hello Message Server Certificate (*) Name https ssmtp snntp sldap spop3 ftps ftp-data telnets Ports 443 465 563 636 995 990 889 992 Server Key Exchange
(*)

OPENSSL (COMMAND OVERVIEW)

Generating keys openssl genrsa [-out filename] [-passout arg] [-des] [-des3] [-idea] [-f4] [-3] [-rand file(s)] [numbits] Requesting a certificate openssl req [-in filename] [-out filename] [-new] [-key filename] [-keyout filename] [-[md5|sha1|md2|mdc2]] [-config filename] [-subj arg] [-x509] [-days n] [-set_serial n] [-extensions section] [-reqexts section] Generating a certificate openssl x509 [-in filename] [-out filename] [-serial] [-hash] [-email] [-startdate] [-enddate] [-purpose] [-req] [-md2|-md5|-sha1|-mdc2] [-clrext] [-extfile filename] [-extensions section] CA management openssl ca [-gencrl] [-revoke file] [-crl_reason reason] [-crl_hold instruction] [-crldays days] [-days arg] [-md arg] [-cert file] [-selfsign] [-in file] [-out file] [-notext] [-outdir dir] [-infiles] [-extensions section] [-extfile section] Encoding openssl enc -ciphername [-in filename] [-out filename] [-pass arg] [-e] [-d] [-a] [-A] [-k password] [-kfile filename] [-K key] [-iv IV] [-p] [-P] [-bufsize number] [-nopad] [-debug]

SECURITY RELATED URLs

ICRI PacketStorm SANS CVE database CERT SecurityFocus Linux Security NIST mailinglist overview BUGTRAQ Mailinglist SECUNIA Mailinglist Sec. Resource Center COAST IPtables Internet Storm Center SNORT signatures updates Microsoft Security Downl. BCVG Newsgroups http://www.law.kuleuven.ac.be/icri/ http://www.packetstormsecurity.com/ http://www.sans.org http://cve.mittre.org http://www.cert.org http://www.securityfocus.com http://www.linuxsecurity.com http://csrc.ncsl.nist.gov http://archives.neohapsis.com http://www.securityfocus.com http://www.secunia.co.uk http://csrc.nist.gov/ http://www.cerias.purdue.edu/coast http://www.netfilter.org http://incidents.org http://www.whitehats.com/ids/ http://www.microsoft.com/downloads http://www.ebcug.com/info.php comp.security.announce comp.os.linux.security comp.os.ms-windows.nt.admin.security V1.0

Certificate request (*) Server Hello Done Client Certificate (*) Client Key Exchange Certificate Verify (*) Change Cipher Spec Finished

Applies the new secrets negotiated in handshake

Change Cipher Spec Finished

(*) = Optional

NETWORK ADDRESS TRANSLATION (NAT) ONLY

INTERNAL 10.1.10.1 10.1.10.5 Source IP 10.1.10.5 Source IP 1.30.5.9 Dest. IP 1.30.5.9 Dest. IP 10.1.10.5 Source Port 5500 Source Port 80 Dest. Port 80 Dest. Port 5500 Source IP 2.2.2.5 Source IP 1.30.5.9 2.2.2.5 1.30.5.9 Dest. IP 1.30.5.9 Dest. IP 2.2.2.5 EXTERNAL Private IP 10.1.10.5

NAT Device Internal Mappings Dest. IP Dest. Port 1.30.5.9 80

JOHN CORDIER ACADEMY

Source Port 5500 Source Port 80 Dest. Port 80 Dest. Port 5500

www.jcacademy.com

STATIC SOURCE/DESTINATION MAPPING

- Static Source Mode NAT (1-1): Checkpoint - Static Destination Mode NAT (1-1): Checkpoint - Mapped IP: Netscreen 10.1.10.5 (Web) Source IP 1.30.5.9 Source IP 2.2.2.15 Dest. IP 2.2.2.15 Dest. IP 1.30.5.9 Source Port 5500 Source Port 80 Dest. Port 80 Dest. Port 5500 Dest. IP 1.30.5.9 Source IP 10.1.10.5 INTERNAL 10.1.10.1 2.2.2.15: static dest. address EXTERNAL 2.2.2.5 1.30.5.9 Dest. IP 10.1.10.5 Dest. IP 1.30.5.9 Private IP 10.1.10.5

NAT Device Internal Mappings Mapped IP Dest. Port 2.2.2.15 80

Source Port 5500

IP Security
reference card
v.2.0

Source Port 5500 Source Port 80

Dest. Port 80 Dest. Port 5500

MULTIPLE ADDRESSES TRANSLATED TO A POOL OF ADDRESSES

- Cisco: - Netscreen: - Linux: Static NAT DIP SNAT 10.1.10.5 Source IP 10.1.10.5 Source IP 1.30.5.9 Dest. IP 1.30.5.9 Dest. IP 10.1.10.5 Source Port 5500 Source Port 80 Dest. Port 80 Dest. Port 5500 Source IP 2.2.2.1 Source IP 1.30.5.9 INTERNAL 10.1.10.1 POOL: 2.2.2.1 - 2.2.1.4 EXTERNAL 2.2.2.5 1.30.5.9 (Web) Dest. IP 1.30.5.9 Dest. IP 2.2.2.1

NAT Device Internal Mappings Private IP Translated IP Original Port Translated Port Dest. Port 10.1.10.5 80 2.2.2.1 5500 2013 10.1.10.6 2.2.2.2 6600 6600 80

Source Port 2013 Source Port 80

Dest. Port 80 Dest. Port 2013

NETWORK ADDRESS & PORT TRANSLATION

Linux: masquerading Checkpoint: dynamic NAT/Hide Mode NAT Netscreen: NAPT Cisco: overloading 10.1.10.5 Source IP 10.1.10.5 Source IP 10.1.10.6 Dest. IP 1.30.5.9 Dest. IP 1.30.5.9 INTERNAL 10.1.10.1 10.1.10.6 Dest. Port 80 Dest. Port 80 Source IP 2.2.2.5 Source IP 2.2.2.5 2.2.2.5 1.30.5.9 Dest. IP 1.30.5.9 Dest. IP 1.30.5.9 EXTERNAL Private IP 10.1.10.5 10.1.10.6

NAT Device Internal Mappings Original Port Translated Port 5500 2013 5500 4013

Dest. Port 80 80

Source Port 5500 Source Port 5500

Source Port 2013 Source Port 4013

Dest. Port 80 Dest. Port 80

PORT FORWARDING
INTERNAL (ssh) 10.1.10.16 (web) 10.1.10.17 Source IP 1.30.5.9 Source IP 1.30.5.9 Dest. IP 10.1.10.16 Dest. IP 10.1.10.17 Source Port 9483 Source Port 5098 Dest. Port 22 Dest. Port 80 Source IP 1.30.5.9 Source IP 1.30.5.9 10.1.10.1 2.2.2.6: port forwarding address EXTERNAL 2.2.2.5 1.30.5.9 Dest. IP 2.2.2.6 Dest. IP 2.2.2.6 Mapped to IP 10.1.10.16 10.1.10.17

NAT Device Internal Mappings Virtual IP Virtual Port 2.2.2.6 22 2.2.2.6 8080

Mapped to 22 SSH 80 HTTP

Source Port 9483 Source Port 5098

Dest. Port 22 Dest. Port 80

X509 v3 CERTIFICATE
Version = 3 Serial Number Algorithm Identifier (1) Issuer (2) Period of Validity Subject (3) Subjects Public Key (4) Issuer Unique ID Subject Unique ID Extensions (5) Signature
(1) O.ID for Digital signatures: DSS SHA 2.16.840.1.101.22.1.1 RSA MD5 1.2.840.113549.1.1 (2) X.500 name (dn) (3) X.500 name (dn) & email address for rootCA-cert: issuer = subject (4) Public Key Algorithm: rsaEncryption RSA - Public Key: (1024 bit) - Modulus (1024 bit): ....... - Exponent: 65537 (0x10001) or 3 (5) Critical / non-critical - Extensions to support CPs - Basic constraints extension - Policy Mapping extension - Policy Constraints extension - Private extensions - Extension to support indirect CRL - Extension to support cert-chain building

X509 CRL FORMAT

Version Signature (1) Issuer (2) This update Next update List of revoked certs (3) ... ... ... Extensions (4) Signature
(1) Algorithm ID (eg HMAC-MD5) (2) Distinguished name of issuer (3) Contains entries: For every entry: - Cert serial number - Revocation date/time - Optional: Per entry extensions (4) Per CRL extensions Per Entry: Reason code Per CRL: - Authority Key Identifier - Issuer Alternative Name - CRL serial nr - Issuing Distribution Point (indirect CRL) - Delta CRL Indicator

Signed By issuer

Signed By issuer