Graz University of Technology

IAIK
IAIK
Institute for Applied Information Processing and Communications
Inffeldgasse 16a IAIK
A–8010 GRAZ TU Graz

IIS Homework

Internet Protocol Security

Version 1

Mirza Plevljak 0330917,

Pritam Lodh 9814476,
Babak Arabani 0130953, and
Thomas Holzmann 0512435

Article
IIS - Gruppe 17

http://www.iaik.tu-graz.ac.at/teaching/
 Internet Protocol Security
Mirza Plevljak, Pritam Lodh, Babak Arabani, and Thomas Holzmann
January 16, 2008

Abstract
With the growing size of the Internet and networks in general, security became
a huge problem. Many engineers and developers tried to find a solution and they
came up with many different concepts. At first trying to provide server-sided protec-
tion, which made at least the backbone networks safe, but the end-users, generally
workstations still suffered from a lack of security. That was the point when personal
firewalls were introduced, but it was still no “perfect” protection. Over the years
many other security systems have been introduced but IPSec became the most reli-
able and favorable solution. IPSec is an extension to the IP protocol which provides
security. When IPv4 was developed nobody thought that the networks would develop
so fast and many computers would participate. The first participants received huge
quantities(millions) of IP-addresses.

2
Contents
1 Why do we need IP security 4

2 IPv4 Networks Versus IPv6 Networks 4

2.1 IP addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.2 Additional Changes from IPv4 to IPv6 . . . . . . . . . . . . . . . . . . . . 6
2.2.1 Header Information . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.2.2 Quality of Service (QoS) . . . . . . . . . . . . . . . . . . . . . . . . 6
2.2.3 Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.2.4 Stateless address autoconfiguration (SLAAC) . . . . . . . . . . . . 6
2.2.5 Mobile IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2.6 IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.3 Spreading of IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.4 Criticism of IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

3 IP Security Protocol 7
3.1 How it works and how to use . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.1.1 Diffie-Hellman key exchange in detail . . . . . . . . . . . . . . . . . 8
3.1.2 The symmetric cryptosystem . . . . . . . . . . . . . . . . . . . . . 9
3.1.3 The security association . . . . . . . . . . . . . . . . . . . . . . . . 9
3.1.4 SAD and SPD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.1.5 Operations of IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.1.6 IP authentication header . . . . . . . . . . . . . . . . . . . . . . . . 11
3.2 IPSec protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.2.1 Authentication Header . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.3 Encapsulating Security Payload (ESP) . . . . . . . . . . . . . . . . . . . . 13
3.4 Network Address Translators (NAT) . . . . . . . . . . . . . . . . . . . . . 16

4 IPSec Virtual Private Networks 17

4.1 IPSec in VPN Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
4.2 IPSec Security Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
4.3 Building and Implementation of IPSec into VPN . . . . . . . . . . . . . . . 20

5 Disadvantages of IP Security 22

3
1 Why do we need IP security
The Internet Protocol organizes the connections between computers in a network and im-
portant data should be transferred over this. Therefore we need security mechanisms for
the communication.
The discussion about Internet Security began in 1994 as the Internet Architecture Board
(IAB) issued a Report titled “Security in the Internet Architecture” which said that the
Internet needs more security and identified key areas for security. These were e.g. the need
to secure the network infrastructure for unauthorized monitoring and the need to secure
end-user-to-end-user traffic using authentication and encryption mechanisms.
In the year 1998 these concerns were fully justified by the Computer Emergency Response
Team (CERT) which listed many security incidents affecting many sites.
Therefore the Internet Architecture Board included authentication and encryption as im-
portant features for the next generation Internet Protocol IPv6 (IPv6 will be discussed
later in detail). Fortunately these capabilities can also be used with IPv4 and many ven-
dors have IP Security (IPSec) capabilities in their products now. [Sta]

In the future there will be even more demand on Internet security because the working
area of the Internet will be more broad. Much more people than today will make bank
transactions, make administrative activities where they have to send their personal data
over the internet and much more companies will transfer business data over the internet.
So we need good security protocols for the Internet.

2 IPv4 Networks Versus IPv6 Networks

The Internet Protocol Version 6 (IPv6), which is the successor of the Internet Protocol
Version 4 (IPv4), was primary developed because of the limitation of IP addresses of the
IPv4, which is limited to a little bit more than 4 billion addresses. Although you could
think this number of IP addresses are enough at the moment, that’s not true because of
the unbalanced distribution of these. So most of the address space is assigned to North
America and Europe, and therefore e.g. Asian countries have problems because of too less
address space assigned to them.
Figure 1 will show how many persons have to share one IP address in each country [Bro06].

But not only the address space was enlarged, also other features has been added. This
list will give you an overview of all these new features [Wik08f]:

• Enlargement of the address space to 2128 (=340.282.366.920.938.463.463.374.607.431.768.211.456)

addresses unlike 232 (=4.294.967.296) addresses of IPv4.

• Stateless address autoconfiguration (SLAAC)

• Mobile IP and simplified renumbering

4
 Figure 1: Persons per IP address

• Services like IPSec, QoS and Multicast are standard in IPv6

• Simplification of the header information

• And others

2.1 IP addresses
As said before, the primary change from IPv4 to IPv6 is the enlargement of IP address
space and therefore also the IP address is growing from 32 bits to 128 bits. So also another
notation is required.
With IPv4 an IP address looks e.g. like this 200.123.233.133. There are four blocks, each
with three decimal numbers, and every block is representing eight bits. Each address is
divided into a network ID and a host ID. Normally the first 24 bits are the network ID
and the last 8 bits are the host ID. You have to define this division in the subnetmask.
So if the subnetmask is 255.255.255.0 it describes the division mentioned above: You have
a network ID e.g. 192.168.0.x and a host ID 192.168.0.1. This means that you can have
256 − 2 hosts in this network (-2 because host ID 0 means the whole network and 255 is
reserved for the broadcast, which means that all hosts will be called). Similarly to the
subnetmask you can say 192.168.0.1/24, which also means that the first 24 bits are the
network ID.
With IPv6 addresses are defined as eight blocks, each consisting of 4 hexadecimal num-
bers and divided with colons. One or more blocks with the values 000 can be replaced
with two colons, but one address may contain this only once. So e.g. the address

5
342e:9d3a:0000:0000:2b88:93c5:ee3a:054a can also be written as 342e:9d3a::2b88:93c5:ee3a:054a.
There also don’t exist netmasks any more. Instead of that you have to add a / and the
length of the network ID (in decimal) to define a subnet.

2.2 Additional Changes from IPv4 to IPv6

2.2.1 Header Information
Unlike IPv4 IPv6 has a fixed header size of 40 bytes instead of 20 to 24 bytes for IPv4.
This header contains the IP version number, Quality of Service (QoS) attributes (you can
set the priority of the package with that),the length of the package, the type of the next
header, the hop limit (these is the maximum number of routers a packet is allowed to pass),
the source addres and the destination address.

2.2.2 Quality of Service (QoS)

With QoS you can achieve that some services will get more resources than others. Espe-
cially for real-time multimedia services, such as VoIP and IPTV, this is very important
because of the delay sensitivity and the fixed bitrate of these.

2.2.3 Multicast
Multicast means that you can send a message from one point to a whole group, without
multiplying the bandwidth of the sender for every receiver. So the sender only needs the
same bandwidth as each receiver. To send such a message, you need a special multicast IP
address (IPv6: every address starting with FF00::/8; IPv4: every address from 224.0.0.0
to 239.255.255.255).

2.2.4 Stateless address autoconfiguration (SLAAC)

Stateless address autoconfiguration (SLAAC) is a process with which a host can assign
itself an address. So there is no need for a stateful address configuration (e.g. DHCP),
which also keeps account of the assigned addresses.
For this the interface generates itself an address out of its MAC address and starts searching
for a router. Then, as response of this request, the router sends information about the
address space where the interface can choose an address to it. After choosing an address
every interface has to do duplicate address detection (DAD) so that you can be sure that
this address only exists once.
Unlike this, stateful address configuration (e.g. DHCP) works different. There the the
server assigns an address to the client and also takes account of this.
Usually the last 64 bits of an IPv6 address is the MAC address of the interface. Because
of data protection concerns about this (the last 64 bits of the IPv6 address of an interface
are always the same), a privacy extension to IPv6 was made where the last 64 bits change
randomly.

6
2.2.5 Mobile IP
With mobile IP a computer can be reachable over the same IP address although it is not
connected over the same internet connection every time.
There is a home agent, which is assigned to one IP address. If now a computer isn’t
connected directly over this to the internet it sends a “Binding Update” to the home
agent. As request it gets a “Binding Acknowledgement”. Now the home agent routes
every packet to the the foreign link where the Binding Update came from. If the computer
changes its location, it has to execute Binding Update again. [JPA04]

2.2.6 IPSec
IPSec is a collection of IP security protocols and is integrated in IPv6 by default and it is
also possible to use IPSec with IPv4. But IPSec will be discussed more specific later so I
will not go in detail here.

2.3 Spreading of IPv6

Because of the nonexistent shortage of IPv4 addresses in Europe and North America and
because of the fact, that many advantages IPv6 has over IPv4 by default were also been
implemented for IPv4, there is no big demand of IPv6 in these countries.
But China, for example, has started a project called “Chinas next generation Internet”,
which purpose is an early adoption of IPv6 because now China has more high-speed internet
users than IP addresses [Wik08a].

2.4 Criticism of IPv6

Especially in earlier years of IPv6 the standards of it were changed often. For example the
format of the adoption of the MAC address into the IP address was first changed once and
then, because of data protection issues (as said above), changed again.
Also the address space of 128 bits may be overkill. With this address space there can be
2.3 ∗ 1020 assigned to every square centimeter on earth. If there would be 64 bits every
square centimeter would have about 12.5 IP addresses. This would also be enough and
with this, routers would need less processing power. The QoS could also be a good aim
for hackers, who could change the priority of packets before you could send it out to the
internet [Aie].

3 IP Security Protocol
3.1 How it works and how to use
The main difference to other security systems is that IPsec takes is operating on the
network layer, instead of the transport layer (like SSH, SSL,...). Some protocols are very

7
 Figure 2: Trust Relationship

complex, especially the internet key exchange protocol, which base is the Diffie-Hellman
key exchange.

3.1.1 Diffie-Hellman key exchange in detail

Two persons want to communicate via messages. The communication channel is not safe.
To decrypt the message a key is needed. Generating the secret pass phrase or key out of
the messages is not possible, because of the Diffie-Hellman problem, a problem where no
solutions exist.
The weakness of this protocol is a so called man in the middle attack, where another
person receives and transmits data between the two partners. This weakness can be solved
by implementing digital signatures or Message Authentication Codes(MAC), which have
nothing to do with the MAC-addresses of network devices. The base of the Diffie-Hellman
exchange is a symmetric cryptosystem.

8
3.1.2 The symmetric cryptosystem
The main difference between asymmetric and symmetric systems is that the same key is
used to de- and encrypting the message in the symmetric mode. At first both partners try
to find a shared prime number and a primitive root. Two random numbers are generated
which must remain secret. Then two variables A and B are generated and are sent over
the insecure link. With A and B K can be computed, where K is the key.

3.1.3 The security association

A security association is a link between two partners in a computer network describing
which security related services are used. Only one security service can be used at one
connection, if several services are needed, several connections must be established.

3.1.4 SAD and SPD

Figure 3: IP layers

Security Association Database and the Security Policy Database decide what happens
to an IP-packet. The SPD describes which traffic is being dropped or allowed and it

9
controls the outgoing packets, referring to the SAD entries.

• The SAD includes Destination IP address

• Ipsec proto (SAor ESP)

• SPI(cookie)

• Sequence counter

• Seq O/F flag

• anti-replay window info

• AHtype and info

• ESPtype and info

• Lifetime info

• tunnel/transport mode flags

• PATH MTUinfo

3.1.5 Operations of IPSec

Figure 4:

There are 2 different operating modes for IPSec:

Transport mode In the transport mode the IP-payload is encrypted, but the original
header files are left intact. It is used for end-to-end communication or for end-to-gateway
communication, but it is generally not used for gateway to gateway communication, here
the tunnel mode is used.

Tunnel mode Unlike the transport mode the whole IP-packet is encrypted in the tunnel
mode. There are two different tunnel modes: The AH (authentication header mode) and
the ESP (encapsulating security payload).

10
3.1.6 IP authentication header
The IP Authentication Header provides connectionless integrity, data origin authentica-
tion, and an optional anti-replay service.
The Encapsulating Security Payload may provide confidentiality (encryption), and limited
traffic flow confidentiality. It also may provide connectionless integrity, data origin authen-
tication, and an anti-replay service. (One or the other set of these security services must
be applied whenever ESP is invoked.)

3.2 IPSec protocols

3.2.1 Authentication Header
“The IP Authentication Header (AH) is used to provide connectionless integrity and data
origin authentication for IP datagrams” [KA98a]

AH is also used to provide protection against replay attacks . Technique used in this
case is called : technique of sliding windows .
Sliding window protocol is data transmission protocol in data link layer , which is used to
keep records of sequence numbers and acknowledgments sent from both sides .
Example for sliding window would be case in which sender fails to receive packet acknowl-
edgment for the first packet send , then sender slides the window or resets the window and
sends second package . Process is being repeated until sender interupts transmission.
AH provides authentication for many IP headers possible , and protects all header fields. In
this case there could be some exceptions too . For example some IP header can be changed
during the transit , and such can not be protected by AH . Its use can be combined with
Encapsulating Security Payload (ESP) , or it can be used through Tunnel Mode . The
difference betwen AH and ESP lies in the domain of coverage . For example ESP can not
cover IP header values .

Figure 5: Authentication Header Format

11
Next Header is a set of 8 bit fields which defines next payload . Values are defined
through Assigned Numbers predefined from Internet Assign Numbers Authority (IANA)

Payload Length 8 bit field , which defines the length of AH . It is measured in 32 bit
words.

Reserved This field is reserved for future use, and therefore must be set to zero

Security parameters index (SPI ) Its length is 32 bit word , and the values are set
from 1-255 , defined and preset from IANA . In case that SPI value is zero (0) , it must be
used only for local network purposes , therefore should not be sent online . SPI together
with AH defines Security of a certain datagram .

Sequence Number Field Is also 32 bit field , and it hold the number of sequence sender
transmits . At the beginning it is always set to zero (0) . So the first package sent would
have the sequence number one (1) . Packet processing is defined in that way that sender
must always send this field with SN , but receiver is not obligated to accept it .

Authentication Data It is also 32 bit length and contains Integrity Check Value (ICV).
ICV is need for authentication of the packages .

AH may be implemented in both Tunnel and Transport mode:

Transport Mode In Transport Mode AH is inserted before and after Upper Layer Pro-
tocol or Header . In those cases we can talk about two different versions of implementations.

Figure 6: IPv4 - AH in Transport Mode

12
 Figure 7: IPv6 - AH in Transport Mode

Figure 8: AH in Tunnel Mode

Tunnel Mode In Tunnel Mode, AH can be implemented in hosts and gateways. Here
we also apply Ipv4 and Ipv6 and illustrate different positioning.
It is also very important to mention Authentication Algorithms which are specified
by SA. Couple of algorithmscan be used, like e.g. those that are based on symmetric
encryption (DES) or the hash functions (MD5 or SH-1). Others besides those, can also be
used.

3.3 Encapsulating Security Payload (ESP)

“The ESP protocol provides origin authenticity, integrity, and confidentiality protection
of a packet. ESP also supports encryption-only and authentication-only configurations,
but using encryption without authentication is strongly discouraged because it is inse-
cure.” [Wik08b]

As mentioned before , ESP can be implemented alone or in combination with AH , or

through use of Tunnel or Transport Modes . In Transport Mode ESP is inserted before
Upper Layer Protocol , and in Tunnel Mode before IP header .

Security Parameters Index ( SPI Is a 32 bit in length, and together with ESP
defines security of a certain datagram.It uses the values 1-255 ,and in case that SPI value

13
 Figure 9: Encapsulating Security Payload Packet Format

is zero (0) , it must be used only for local network purposes , therefore should not be sent
“online”. Basically works the same as SPI used for AH.

Sequence Number Just like in case of SPI , SN in ESP works exactly the same as in
the AH (allready mentioned above).

Payload Data is somewhat different in ESP , as it has not fixed value in length , and
it contains data for the Next Header field.

Padding Use of padding is best describe through several factors [KA98b]:

• “If an encryption algorithm is employed that requires the plaintext to be a multiple of
some number of bytes, e.g., the block size of a block cipher, the Padding field is used
to fill the plaintext (consisting of the Payload Data, Pad Length and Next Header
fields, as well as the Padding) to the size required by the algorithm.”
• “Padding also may be required, irrespective of encryption algorithm requirements, to
ensure that the resulting ciphertext terminates on a 4-byte boundary. Specifically, the
Pad Length and Next Header fields must be right aligned within a 4-byte word, as
illustrated in the ESP packet format figure above, to ensure that the Authentication
Data field (if present) is aligned on a 4-byte boundary.”
• “Padding beyond that required for the algorithm or alignment reasons cited above, may
be used to conceal the actual length of the payload, in support of (partial) traffic flow
confidentiality. However, inclusion of such additional padding has adverse bandwidth
implications and thus its use should be undertaken with care.”

Pad Length Indicates number of pad bytes , and has values in range from 0-255 , where
0 means that no Padding bytes are present.

14
Next Header Is 8 bit field , that is used to indicated what type of data is currently in
Payload Data field .

Authentication Data Has the same attributes , like the AD field in AH .

Just the same way the AH is implemented in two modes (Tunnel , Transport ) , ESP
has the same capabilities .

Transport Mode In Transport Mode , ESP is being implemented after and before IP
header or Upper Layer Protocol . In this mode , we can also discuss two versions of
implementation :

Figure 10: IPv4 - ESP in Transport Mode

Figure 11: IPv6 - ESP in Transport Mode

Tunnel Mode ESP , just the same as AH can be employed in hosts or gateways .
ESP is designed to work both with Encryption and Authentication Algorithm’s . The
both are specified by SA , and the ones that are defined as mandatory to use are :
• DES in CBC mode

15
 Figure 12: ESP in Tunnel Mode

• HMAC with MD5

• HMAC with SHA-1

• NULL Authentication algorithm

• NULL Encryption algorithm

3.4 Network Address Translators (NAT)

“Perhaps the most common use of IPSec is in providing virtual private networking (VPN)
capabilities. One very popular use of VPNs is to provide telecommuter access to the cor-
porate Intranet. Today, Network Address Translations (NATs) , are widely deployed in
home gateways, as well as in other locations likely to be used by telecommuters, such as
hotels.” [AD04]

Huge compatibility requirements, or should we say incompatibilities, on relation IPSec-

Nat have created so called barrien in IPSec futher development . So on the subject “Using
NAT with IPSec” we can discuss mainly about incompatibilities and disadvantages of such
use .
Those incompatibilities can be divided in to three basic groups :

1. Intrinsic issues of NAT

There is a lot incompatibilities that fall into this category, such as :

• incompatibilities between AH and NAT

• incompatibilities between IKE address identifiers and NAT
• between overlapping SPD entries and NAT
• between IPSec SPI and NAT, and etc

2. NAT implementation weaknesses

implementation weaknesses and problems are also many , like e.g.:

16
 • not being able to handle UDP/TCP traffic
• mapping timeouts
• not able to handle incoming/outgoing fragments

3. Helper issues
Helper functionalities in case of IPSec-NAT include :

• Internet Security Association and Key Management Protocol (ISAKMP)

• treatment of port 500
• ISAKMP Payload inspection

Trying to overcome those incompatibilities, the solution to IPSec-NAT would be “to

expand the range of usable IPSec functionality beyond that available in the NAT-compatible
IPSec tunnel mode solution” [AD04]

There are couple of allready existing solutions to this problem , solutions like RSIP ,
so called 6to 4 , in Tunnel Mode solutions like : IPSec ESP , No Address Validation , No
Fragmentation , Active Sessions, Single Client Operation , Any to Any SPD entries .

There are also many security considerations in that IPSec-Nat compatibility require-
ment . Many problems are created from basic principles of IPSec , which should be able to
process IP headers that are not encrypted or protected by any cryptography algorithm’s.
This means that IPSec-Nat usage is not able to process AH , AH cannot pass through
IPSec-NAT, so in this case ESP should be use , but ESP with no encryption.The flaud in
this system is , that ESP with zero encryption does not provide the same security as AH
does.

4 IPSec Virtual Private Networks

Virtual Private Network (VPN) is a technology that communicates between public and
private network. VPN allows private communications by business and individuals, such as
remote access to a corporate network or using Internet. A VPN can also be a specially
configured network over the public network infrastructure that is used by one organization.
VPN connections can encrypt all transmitted data to prevent malicious programs, and
people, from accessing your personal information, or communications. We can create it
using software, hardware, or combination of both that creates a secure link between peers
over a public network. This is done through packet tunneling, firewalls, authentication and
encryption.
VPN packages use packet tunneling to create a private network like the AltaVista Tun-
nel, the Point-to-Point Tunneling Protocol (PPTP), the Layer 2 Forwarding Protocol, and

17
 Figure 13: VPN Gateway

IPSec’s tunnel mode. Other standards that many VPN devices apply are X.509 certifi-
cates, the Lightweight Directory Access Protocol (LDAP), and RADIUS for authentication.

A firewall protects your network from unwanted visitors and allows only VPN users.
Most VPN Packages do not implement firewalls directly, but they are an Integral part of
a VPN. Packet filtration firewall is the most common firewall, which blocks specified IP
Services from crossing the gateway router.

Authentication techniques ensure that the correct user or host is accessing the network,
which is essential to VPNs. Authentication is analogous to ”logging in” to a system with a
username and password. The shared key system, the Challenge Handshake Authentication
Protocol (CHAP) and RSA are the most common authentication systems used for VPN.

Encryption technology is supported in all VPNs, which is considered as essential as

authentication. There are two popular encryption techniques used in VPNs: secret (or
private) key encryption and public key encryption. In secret key encryption, there is a
shared secret password known to all parties for accessing the encrypted information. The
data encryption standard (DES) is an example of this method. Public key encryption
technique works with the combination of a public key and a private key. Every user has
own private key and the public key is known to all users. Pretty Good Privacy (PGP)
program and RSA system are used for public key encryption.

4.1 IPSec in VPN Protocols

A VPN can be created by IPSec-enabled routers protecting traffic between protected sub-
nets. Configurations such as the roaming road warrior are an example of the combination
of host-based and router-based IPSec solutions together. The design goal of IPSec is a top-
level component-oriented structure, rather than specific detailing encryption algorithms or
key-exchange methodologies. Like every other security protocols IPSec is still undergoing

18
change, much of the basic framework has been good enough for companies to finalize, test
and distribute their VPN products.

There are two encryption modes that are supported by IPSec: transport mode and
tunnel mode. The transport mode is used for the protection of the payload portion of each
packet, while the tunnel mode is applied for the encryption of both the header and payload.
Obviously the tunnel mode provides more security, as it protects the identity of both of
the sender and receiver, not only that it hides also certain other IP fields that may give
a middleman useful information. Thus transport mode is perfectly suited for providing
end-to-end security, whereas tunnel mode is perfectly suited for providing protection to
transient traffic.

For working with IPSec properly, it is recommended that all devices must share a com-
mon key. Even though the protocols used to cipher the important data of the system are
used, the engineers have done also great work for the authentication and exchange of keys
by the sender and the receiver. For this purpose public digital certificates have been used
to create and swap keys which are achieved through the IKE protocol and the X.509 digital
certificate system.

IPSec-protected datagrams are themselves IP datagrams. For this reason IPSec can
be used serially and recursively, allowing for hub-and-spoke deployments, or end-to-end
IPSec-secured packets being tunneled through an IPSec-protected VPN.

4.2 IPSec Security Issues

There are some issues which should be taken into account in order to secure VPN. In order
to build a tunnel between two networks using IPSec, each having a firewall, both gateways
should have similar security policies. Two networks having different architectures can make
one network being less secure than the other. As a result the whole system could be in
danger and could lead to a sophisticated masquerading.

If IPSec is used with a Bastion host or screening host, the performance of the network
could be badly affected. Bastion has some failure for protecting the traffic which leads
this host to a substandard method for network security. It has also many limitations for
using the algorithms like random number generation, key exchange and strong payload
encryption. Further, Bastion host uses general-purpose microprocessor to handle these
algorithms in software, while specialized hardware is used for the same task as suitable
solutions placed in an organizations gateway.
There are many other network security systems that provide security in higher-level com-
munications. Point-to-point tunneling protocol (PPTP) is one of them. These solutions are
still much focused and complex, and requires depth knowledge to configure and maintain
them. IPSec is more flexible and powerful which makes it the standards-based replacements
for PPTP.

19
4.3 Building and Implementation of IPSec into VPN
IPSec can be applied in IP processing by adding an extra step. A packet may or may
not require IPSec. If IPSec is not required the packet is forwarded to the next step in IP
processing. If IPSec is required the packet is encapsulated and then sent back through IP
processing where it is decided if another IPSec encapsulation may be required or not. This
simple method is used for describing various deployment scenarios.

A simple policy language is used for describing the policy that applied for the implemen-
tation of each configuration scenario. IPSec is implemented probably by using a different
grammar to specify configuration, like solely graphical or solely command-line based or a
mix of two. No matter how a particular device is configured, the information that needs
to be configured should remain same.

A policy must be defined by identifying which traffic is to protect, with whom it should
be protected, how it should be protected, and lastly how an authenticated connection with
our remote peer is build up. To make our policy pseudo language simple but powerful, we
will use:

• three types of ciphers: AES, 3DES, and CAST

• two hash algorithms: HMAC-SHA and HMAC-MD5

• two Diffie-Hellman groups: the 1024bit and 1536bit MODP groups

• two methods of authentication with IKE: pre-shared keys and RSA signatures

• no PFS used in Phase 2 IKE

• IKE’s Main Mode for Phase 1

For example, IPSec protect policy is represented as:

• protect selector via peer using IPSec-suite establish ike-suite

which indicates what traffic to protect, to whom, how to protect it, and how to speak IKE.

IPSec permits or denys policy is represented as:

• permit selector

• deny selector

which specifies the traffic to permit or deny.

Now we shall define the configuration options themselves. What to protect consists of
a selector which identifies a flow:

20
selector: address ¡– –¿ address [ ULP [port]]

The peer is identified by an IP address or fully qualified user name:

peer: address user-fqdn

How the traffic is protected is defined as a ”suite” for IPSec:

IPSec-suite: protocol authenticator [cipher] mode

How IKE is spoken is defined as a ”suite” for IKE:

Ike-suite: cipher hash group auth-method

Each component of these constructs can then be defined as:

• Address: A.B.C.D or a CIDR-style network specification

• User-fqdn: email-style name (name@company.com)

• Protocol: AH, ESP

• ULP (Upper Layer Protocol): TCP UDP

• Port: a port number for an upper-layer protocol

• Authenticator: HMAC-SHA, HMAC-MD5

• Cipher: 3DES, AES, CAST

• Mode: tunnel, transport

• Hash: SHA, MD5

• Group: modp-1024, modp-1536

• Auth-method: pre-shared, rsa-sig

Now let’s view a couple of examples of how to use this language:

protect 192.168.0.0/16 ←→ 10.10.1.0/24
via 172.16.20.1
using ESP HMAC-SHA CAST tunnel
establish AES SHA modp-1536 pre-shared

This describes a policy to protect all traffic between the 192.168.0.0/16 network and
the 10.10.1.0/24 network using ESP with HMAC-SHA and CAST in tunnel mode with a
peer gateway at gateway 172.16.20.1, and to speak IKE with AES, SHA, pre-shared keys
and the Diffie-Hellman group with the 1536 bit prime modulus.

21
 Policy to allow traffic from 128.220.230.1 to 10.20.0.35 and deny everything else would
be:
permit 128.220.230.1 ←→10.20.0.35
deny 0.0.0.0 ←→ 0.0.0.0

5 Disadvantages of IP Security
The reliance on public keys security is major minus for IPSec security , especially in the
case when users do not pay attention to the management of them. IPSec can also over-
whelm the traffic , for exp in case of using VPN concentrators .

When it comes to VPN’s there are several disadvantages of IPSec usage :

• Trying to encrypt small packages can overwhelm network traffic , and create bottle-
neck

• Complexity has its role even in VPN usage

• Key exchange can also present itself as a problem . Exp DES Algorithm is subjective
to brute force attacks

• Security of IPSec gateways is also a major issue

• Problem of limeted communication , in this case the only communication which is

machine-machine based . That means no user-application communication

I above mentioned complexity can lead to a major flauds in system . Exp usage of
IPSec-NAT , can be also described as one disadvantage of IPSec . Because of its large
compatibility requirements and incompatibilities, can be considered as minus in IP security
. The greatest minus in IPSec-NAT usage lies in usage of other encryption methods .
There is also a problem when using Firewall with IPSec , which is in most of cases pointless
( one defeats the other ) , except in the case when the Firewall is used along side the IPSec
like decryption .

22
References
[AD04] B. Aboba and W. Dixon. IPsec-Network Address Translation (NAT) Compatibil-
ity Requirements. Available online at ftp://ftp.rfc-editor.org/in-notes/
rfc3715.txt, March 2004.
[Aie] Dan Aiello. A criticism of IPv6. Available online at http://tech.hellyeah.
com/display_doc.phtml?id=28.
[Atk95a] R. Atkinson. IP Authentication Header. Available online at http://rfc.net/
rfc1826.html, August 1995.
[Atk95b] R. Atkinson. IP Encapsulating Security Payload (ESP). Available online at
http://rfc.net/rfc1827.html, August 1995.
[Bro06] Stuard Brown. Ip Assignment, Per Capita. Available online at http://
www.modernlifeisrubbish.co.uk/article/ips-assigned-per-capita, July
2006.
[DH98] S. Deering and R. Hinden. Internet Protocol, Version 6 Specification. Available
online at http://tools.ietf.org/html/rfc2460, December 1998.
[DH03] Naganand Doraswamy and Dan Harkins. IPSec: The New Security Standard for
the Internet, Intranets, and Virtual Private Networks, Second Edition . Prentice
Hall PTR, 2003.
[Inc05] Javvin Technologies Inc. Network Protocols Handbook, 2005.
[IPs] IPsec for dummies. Available online at http://people.freebsd.org/~julian/
IPSEC_4_Dummies.html.
[JPA04] D. Johnson, C. Perkins, and J. Arkko. Mobility Support in IPv6. Available
online at http://tools.ietf.org/html/rfc3775, June 2004.
[KA98a] S. Kent and R. Atkinson. IP Authentication Header. Available online at http:
//rfc.net/rfc2402.html, November 1998.
[KA98b] S. Kent and R. Atkinson. IP Encapsulating Security Payload (ESP). Available
online at http://rfc.net/rfc2406.html, November 1998.
[Koz05] Charles M. Kozierok. IPsec modes: transport and tunnel. Available online at
http://www.tcpipguide.com/free/t_IPSecModesTransportandTunnel.htm,
September 2005.
[Mic05a] Microsoft. IPsec Transport Mode. Available online at
http://technet2.microsoft.com/windowsserver/en/library/
c3a956bf-704b-4980-9655-762985e380f61033.mspx?mfr=true, January
2005.

23
[Mic05b] Microsoft. IPsec Tunnel Mode. Available online at
http://technet2.microsoft.com/windowsserver/en/library/
12eb6a6f-25cb-4af4-a659-59d9ff8de3361033.mspx?mfr=true, January
2005.

[Sri99] P. Srisuresh. Security Model with Tunnel-mode IPsec for NAT Domains. Avail-
able online at http://rfc.net/rfc2709.html, Oktober 1999.

[Sta] Williams Stallings. IP Security. Available online at http://www.cisco.

com/web/about/ac123/ac147/ac174/ac197/about_cisco_ipj_archive_
article09186a00800c830b.html.

[SWE99] Charlie Scott, Paul Wolfe, and Mike Erwin. Virtual Private Networks, Second
Edition. O’Reilly, 1999.

[Wik08a] Wikipedia. China Next Generation Internet. Available online at http://en.

wikipedia.org/wiki/China_Next_Generation_Internet, January, 8th 2008.

[Wik08b] Wikipedia. IPsec. Available online at http://de.wikipedia.org/wiki/IPsec,

January, 7th 2008.

[Wik08c] Wikipedia. IPSec. Available online at http://en.wikipedia.org/wiki/IPsec,

January, 4th 2008.

[Wik08d] Wikipedia. IPv4. Available online at http://de.wikipedia.org/wiki/IPv4,

January, 10th 2008.

[Wik08e] Wikipedia. IPv4. Available online at http://en.wikipedia.org/wiki/IPv4,

January, 2nd 2008.

[Wik08f] Wikipedia. IPv6. Available online at http://de.wikipedia.org/wiki/IPv6,

January, 15th 2008.

[Wik08g] Wikipedia. IPv6. Available online at http://en.wikipedia.org/wiki/IPv6,

January, 11th 2008.

24