Eric Conrad, ... Joshua Feldman, in Eleventh Hour CISSP® (Third Edition), 2017

AH and ESP may be used separately or in combination. An IPsec Security Association (SA) is a simplex (one-way)
connection that may be used to negotiate ESP or AH parameters. If two systems communicate via ESP, they use two SAs, one for each direction. If the systems leverage AH in addition to ESP, they use two more SAs, for a total of four. A unique 32-bit number called the security parameter index (SPI) identifies each simplex SA connection. The Internet Security Association and Key Management Protocol (ISAKMP) manages the SA creation process.

Source: https://www.sciencedirect.com/science/article/pii/B9780128112489000036

Virtual Private Networks and Remote Access
Eric Knipp, ... Edgar Danielyan, Technical Editor, in Managing Cisco Network Security (Second Edition), 2002

Authentication Header
The AH is an important IPSec security protocol that provides packet authentication and anti-replay services. AH is defined in RFC 2402 and uses IP Protocol 51. AH can be deployed in either transport or tunnel mode. Transport mode is generally used when the client host initiates the IPSec communication. It provides protection for upper-layer protocols, in addition to selected IP header fields. In transport mode, the AH is inserted after the IP header and before an upper-layer protocol (such as TCP, UDP, or ICMP), or before any other previously inserted IPSec headers. In Figure 8.10 and Figure 8.11, the mutable fields referred to are fields like time-to-live, which cannot be included in authentication calculations because they change as the packet travels.

Figure 8.10. AH in Transport Mode
Figure 8.11. AH in Tunnel Mode

Source: https://www.sciencedirect.com/science/article/pii/B978193183656250012X

Defining a VPN
In Firewall Policies and VPN Configurations, 2006

Authentication Header
The AH, which is defined as IP protocol 51, ensures:

■ Data integrity: AH calculates a hash of the entire IP packet, including the original IP header (but not variable fields such as the TTL), the data payload, and the authentication header itself (excluding the field that will contain the calculated hash value). This hash, the integrity check value (ICV), can be either a Message Authentication Code (MAC) or a digital signature. MAC hashes are more common than digital signatures. Hashing algorithms include MD5 and SHA-1. Both are used as keyed hashes, meaning that they take an extra value, known only to the participating parties, into the hash calculation. When the packet is received, its content, excluding some fields, is hashed by the receiver and the result is compared with the ICV. If they are the same, the packet is declared authentic.
■ Data origin authentication: AH provides source IP authentication. Since the source IP is included in the data used to calculate the hash, its integrity is guaranteed.
■ Replay protection: AH also includes an IPSec sequence number, which provides protection against replay attacks because this number is also included in the authenticated data and can be checked by the receiving party.

AH provides no confidentiality because no encryption is used.

Note: Pure AH is always broken by NAT. For example, when an authenticated packet goes through an address-translation device, the IP address in its header changes, and the Message Authentication Code (MAC) hash calculated by the receiver on the new packet will not match, so the packet will be rejected. It is not possible for a translating gateway to recalculate the MAC hash and insert it into the packet, because only the endpoints of a transmission know the hashing keys.
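The ICV computation and the NAT failure described above, as an added example that is not code from any of the quoted chapters: it builds an AH transport-mode packet in Python, zeroes the mutable IPv4 fields before computing an HMAC-SHA1-96 ICV, and then shows that a TTL decrement by an ordinary router still verifies while a NAT rewrite of the source address does not. Addresses, key, SPI and payload are constructed for the example; the field layouts follow RFC 2402 and IPv4.

```python
"""AH in transport mode: the ICV covers the IP header with mutable fields zeroed.

Added illustration for this page, not code from any of the books quoted above.
Addresses, key, SPI and payload are constructed; the header layouts follow
RFC 2402 (AH) and IPv4, and the ICV is HMAC-SHA1-96 (HMAC-SHA1 truncated to
12 bytes), the form AH actually carries.
"""
import hashlib
import hmac
import socket
import struct

AH_PROTOCOL = 51      # value of the IP Protocol field when an AH header follows
IP_HDR_LEN = 20       # IPv4 header without options
AH_FIXED_LEN = 12     # Next Header, Payload Len, Reserved, SPI, Sequence Number
ICV_LEN = 12          # HMAC-SHA1-96


def ipv4_header(src, dst, proto, total_len, ttl=64):
    """20-byte IPv4 header. Checksum is left 0: it is mutable and zeroed for AH anyway."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                       ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))


def zero_mutable_ip_fields(hdr):
    """Zero the IPv4 fields RFC 2402 lists as mutable: TOS, flags/fragment offset,
    TTL and header checksum. Version, lengths, ID, protocol and both addresses stay."""
    h = bytearray(hdr)
    h[1] = 0                  # TOS / DSCP+ECN
    h[6:8] = b"\x00\x00"      # flags and fragment offset
    h[8] = 0                  # TTL: decremented at every hop
    h[10:12] = b"\x00\x00"    # header checksum: recomputed at every hop
    return bytes(h)


def ah_header(next_header, spi, seq, icv):
    """Next Header | Payload Len | Reserved | SPI | Sequence Number | ICV.
    Payload Len is the AH length in 32-bit words minus 2: 24 bytes -> 6 - 2 = 4."""
    payload_len = (AH_FIXED_LEN + len(icv)) // 4 - 2
    return struct.pack("!BBHII", next_header, payload_len, 0, spi, seq) + icv


def compute_icv(key, ip_hdr, ah_without_icv, payload):
    """HMAC over: immutable IP fields + AH header with a zeroed ICV field + everything after."""
    data = zero_mutable_ip_fields(ip_hdr) + ah_without_icv + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]


def build_ah_transport_packet(key, src, dst, spi, seq, payload, next_header=17):
    """Transport mode: original IP header, then AH, then the upper-layer data (17 = UDP)."""
    total_len = IP_HDR_LEN + AH_FIXED_LEN + ICV_LEN + len(payload)
    ip_hdr = ipv4_header(src, dst, AH_PROTOCOL, total_len)
    ah_zeroed = ah_header(next_header, spi, seq, b"\x00" * ICV_LEN)
    icv = compute_icv(key, ip_hdr, ah_zeroed, payload)
    return ip_hdr + ah_header(next_header, spi, seq, icv) + payload


def verify_ah_transport_packet(key, packet):
    """Receiver side: recompute the ICV the same way and compare in constant time."""
    ip_hdr = packet[:IP_HDR_LEN]
    ah_end = IP_HDR_LEN + AH_FIXED_LEN + ICV_LEN
    received_icv = packet[IP_HDR_LEN + AH_FIXED_LEN:ah_end]
    ah_zeroed = packet[IP_HDR_LEN:IP_HDR_LEN + AH_FIXED_LEN] + b"\x00" * ICV_LEN
    expected = compute_icv(key, ip_hdr, ah_zeroed, packet[ah_end:])
    return hmac.compare_digest(expected, received_icv)


def router_hop(packet):
    """An ordinary router decrements TTL (a mutable field): AH still verifies."""
    p = bytearray(packet)
    p[8] -= 1
    return bytes(p)


def nat_rewrite_source(packet, new_src):
    """A NAT device rewrites the source address, which AH covers: verification fails,
    and the NAT box cannot repair the ICV because it does not hold the key."""
    p = bytearray(packet)
    p[12:16] = socket.inet_aton(new_src)
    return bytes(p)


if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed for the example; real keys come from IKE
    pkt = build_ah_transport_packet(key, "10.0.0.2", "192.0.2.10", spi=0x1000, seq=1, payload=b"hello")
    print("as sent      :", verify_ah_transport_packet(key, pkt))
    print("after router :", verify_ah_transport_packet(key, router_hop(pkt)))
    print("after NAT    :", verify_ah_transport_packet(key, nat_rewrite_source(pkt, "203.0.113.5")))
```

The receiver never sees the TTL or checksum the sender computed over, because both sides zero those bytes before hashing; the source address, by contrast, is hashed as-is, which is exactly why the note above says pure AH cannot survive a translating gateway.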
This was a common problem with IPSec: trying to use AH when NAT is occurring somewhere in the path. It will simply not work.

Source: https://www.sciencedirect.com/science/article/pii/B9781597490887500074

Security component fundamentals for assessment
Leighton Johnson, in Security Controls Evaluation, Testing, and Assessment Handbook (Second Edition), 2020

IPsec Fundamentals

Authentication header (AH)
AH, one of the IPSec security protocols, provides integrity protection for packet headers and data, as well as user authentication. It can optionally provide replay protection and access protection. AH cannot encrypt any portion of packets.

AH modes
AH has two modes: transport and tunnel. In tunnel mode, AH creates a new IP header for each packet; in transport mode, AH does not create a new IP header. In IPSec architectures that use a gateway, the true source or destination IP address for packets must be altered to be the gateway's IP address. Because transport mode cannot alter the original IP header or create a new IP header, transport mode is generally used in host-to-host architectures.

Encapsulating security payload (ESP)
ESP is the second core IPSec security protocol. In the initial version of IPSec, ESP provided only encryption for packet payload data. Integrity protection was provided by the AH protocol if needed. In the second version of IPSec, ESP became more flexible. It can perform authentication to provide integrity protection, although not for the outermost IP header. Also, ESP's encryption can be disabled through the Null ESP Encryption Algorithm. Therefore, in all but the oldest IPSec implementations, ESP can be used to provide only encryption; encryption and integrity protection; or only integrity protection. ESP has two modes: transport and tunnel. In tunnel mode, ESP creates a new IP header for each packet. The new IP header lists the endpoints of the ESP tunnel (such as two IPSec gateways) as the source and destination of the packet. Because of this, tunnel mode can be used with all three VPN architecture models.

Internet Key Exchange (IKE)
The purpose of the Internet Key Exchange (IKE) protocol is to negotiate, create, and manage security associations. Security association (SA) is a generic term for a set of values that define the IPSec features and protections applied to a connection. SAs can also be created manually, using values agreed upon in advance by both parties, but such SAs cannot be updated; this method does not scale for real-life large-scale VPNs. IKE uses five different types of exchanges to create security associations, transfer status and error information, and define new Diffie–Hellman groups. In IPSec, IKE is used to provide a secure mechanism for establishing IPsec-protected connections.

IP Payload Compression Protocol (IPComp)
In communications, it is often desirable to perform lossless compression on data, that is, to repackage information in a smaller format without losing any of its meaning. The IP Payload Compression Protocol (IPComp) is often used with IPSec. By applying IPComp to a payload first, then encrypting the packet through ESP, effective compression can be achieved; the order matters because encrypted data has no redundancy left to compress. IPComp can be configured to provide compression for IPSec traffic going in one direction only (e.g., compress packets from endpoint A to endpoint B, but not from endpoint B to endpoint A) or in both directions. Also, IPComp allows administrators to choose from multiple compression algorithms, including DEFLATE and LZS. IPComp thus provides a simple yet flexible, lossless solution for compressing IPSec payloads. Because applying compression algorithms to certain types of payloads may actually make them larger, IPComp only compresses a payload if doing so will actually make the packet smaller.

IPSec uses IKE to create security associations, which are sets of values that define the security of IPsec-protected connections.
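The SA bookkeeping this page describes (one simplex SA per direction per protocol, each identified by an SPI that the receiving side is addressed by) together with the replay protection AH and ESP provide, as an added example that is not drawn from the quoted books. It goes slightly beyond the text in one respect: the replay check is separated from the window update, so that a packet whose ICV later fails cannot advance the receiver's window. SPI values, addresses, keys and the 32-packet window size are constructed; the bitmap window is the sliding-window check RFC 2401 describes for AH and ESP receivers.

```python
"""Simplex security associations looked up by SPI, with the per-SA anti-replay window.

Added illustration for this page, not code from the quoted books. SPI values,
addresses, keys and the 32-packet window are constructed; SPIs are allocated
from 0x100 upward because values 1-255 are reserved.
"""
from dataclasses import dataclass

PROTO_ESP = 50
PROTO_AH = 51


@dataclass
class InboundSA:
    """One direction of traffic: a peer sends to us under this SPI and protocol."""
    spi: int
    protocol: int
    peer: str
    key: bytes
    window_size: int = 32
    highest_seq: int = 0   # highest sequence number accepted so far
    window: int = 0        # bit i set  <=>  sequence number (highest_seq - i) was accepted

    def check(self, seq):
        """Would this sequence number be accepted? Pure: nothing is recorded yet."""
        if seq == 0:
            return False                   # the first packet on an SA carries 1; 0 is never valid
        if seq > self.highest_seq:
            return True                    # newer than anything seen
        diff = self.highest_seq - seq
        # inside the window and not yet marked; older than the window counts as a replay
        return diff < self.window_size and not (self.window >> diff) & 1

    def update(self, seq):
        """Record seq as accepted. Call only after the packet's ICV verified."""
        mask = (1 << self.window_size) - 1
        if seq > self.highest_seq:         # new high-water mark: slide the window forward
            shift = seq - self.highest_seq
            self.window = 0 if shift >= self.window_size else (self.window << shift) & mask
            self.window |= 1
            self.highest_seq = seq
        else:                              # late but first-time arrival (reordering)
            self.window |= 1 << (self.highest_seq - seq)


class SecurityAssociationDatabase:
    """Inbound SAs keyed by (SPI, protocol); the receiver chooses the SPI it will be addressed by."""
    def __init__(self):
        self._inbound = {}
        self._next_spi = 0x100

    def allocate_spi(self):
        spi, self._next_spi = self._next_spi, self._next_spi + 1
        return spi

    def add_inbound(self, sa):
        self._inbound[(sa.spi, sa.protocol)] = sa

    def lookup(self, spi, protocol):
        return self._inbound.get((spi, protocol))


def establish_connection(sad_a, sad_b, addr_a, addr_b, protocols, key=b"constructed-key"):
    """What a key manager ends up installing for one bidirectional connection: an inbound SA
    on each side per protocol, so ESP alone gives 2 SAs and ESP plus AH gives 4. Returns the count."""
    created = 0
    for proto in protocols:
        sad_b.add_inbound(InboundSA(sad_b.allocate_spi(), proto, peer=addr_a, key=key))  # a -> b
        sad_a.add_inbound(InboundSA(sad_a.allocate_spi(), proto, peer=addr_b, key=key))  # b -> a
        created += 2
    return created


def process_inbound(sad, spi, protocol, seq, icv_valid):
    """Receiver decision for one packet: find the SA, check freshness, verify, then record.
    icv_valid stands in for the real ICV comparison so the ordering can be shown."""
    sa = sad.lookup(spi, protocol)
    if sa is None:
        return "drop: no SA for this SPI"
    if not sa.check(seq):
        return "drop: replay or outside the anti-replay window"
    if not icv_valid:
        return "drop: bad ICV"             # window untouched, so a forged packet cannot poison it
    sa.update(seq)
    return "accept"


if __name__ == "__main__":
    a, b = SecurityAssociationDatabase(), SecurityAssociationDatabase()
    print("SAs for ESP+AH:", establish_connection(a, b, "10.0.0.1", "10.0.0.2", [PROTO_ESP, PROTO_AH]))
    for seq, ok in [(1, True), (1, True), (2, False), (2, True)]:
        print(f"spi=0x100 seq={seq} icv_ok={ok}:", process_inbound(b, 0x100, PROTO_ESP, seq, ok))
```

The drop reasons are worth logging separately on a real gateway: a burst of "replay" drops on one SA and a burst of "no SA" drops look alike in a packet counter but point at different problems (reordering or an actual replay versus a stale or mismatched SPI after rekeying).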
IKE phase 1 creates an IKE SA; IKE phase 2 creates an IPSec SA through a channel protected by the IKE SA. IKE phase 1 has two modes: main mode and aggressive mode. Main mode negotiates the establishment of the bidirectional IKE SA through three pairs of messages, while aggressive mode uses only three messages. Although aggressive mode is faster, it is also less flexible and less secure. IKE phase 2 has one mode: quick mode. Quick mode uses three messages to establish a pair of unidirectional IPSec SAs. Quick mode communications are encrypted by the method specified in the IKE SA created by phase 1.

Source: https://www.sciencedirect.com/science/article/pii/B9780128184271000112

MCSE 70-293: Planning, Implementing, and Maintaining Internet Protocol Security
Martin Grasdal, ... Dr. Thomas W. Shinder, Technical Editor, in MCSE (Exam 70-293) Study Guide, 2003

Primary IPSec Protocols
ESP and AH can be used with both tunnel and transport mode. Which you choose depends on whether you wish to have data confidentiality. In the following subsections, we discuss each of these protocols in more depth.

EXERCISE 10.01 USING NETWORK MONITOR TO DETERMINE IPSEC PROTOCOL
In this exercise, you will learn how to determine which IPSec protocol is in use by using the Network Monitor. This exercise assumes that the Network Monitor has been installed via Control Panel | Add/Remove Programs.

1. Select Start | Programs | Administrative Tools | Network Monitor.
2. When the Network Monitor opens, begin the capture by either clicking the Capture button and selecting Start or by pressing the F10 key.
3. Allow the capture to run for a few minutes. To stop it, either click the Capture button and then the Stop and View button, or press the F11 key.
4. To view the IPSec protocol traffic in the captured packets, open the Display menu and then select the Captured Data option.
5. Choose Display | Filter Data. Then choose the Edit Expression option and select the Protocol tab.
6. All protocols are enabled by default. You can choose Disable All and then re-enable the AH and ESP traffic. Enabled traffic will appear in the left pane, and disabled traffic will appear in the right pane.
7. Click OK after the IPSec protocols have been enabled.
8. Select the OK option again, and the frames should be displayed in the Network Monitor window. Notice that when you open a packet that is IPSec-secured, you are unable to read the data inside.

ESP
ESP provides confidentiality (in addition to authentication, integrity, and anti-replay protection) for the IP payload. ESP in transport mode does not sign the entire packet. Only the IP payload (not the IP header) is protected. ESP can be used alone or in combination with AH (in order to provide for signing of the entire packet).
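The scope of ESP's integrity protection, as stated in both the ESP paragraph just above and the earlier "Encapsulating security payload" section (authentication "not for the outermost IP header", and encryption optionally disabled through the Null ESP Encryption Algorithm), as an added example that is not code from the quoted books. It builds an ESP transport-mode packet with NULL encryption and an HMAC-SHA1-96 ICV, then shows that the IP header in front of the SPI is outside the ICV: a rewritten source address still verifies, while a flipped payload byte does not. Key, SPI, addresses and payload are constructed; the layout follows RFC 2406 and the NULL cipher RFC 2410.

```python
"""ESP in transport mode with the NULL encryption algorithm: integrity-only ESP.

Added illustration for this page, not code from the quoted books. Key, SPI,
addresses and payload are constructed. With NULL encryption the payload is
carried in the clear, which keeps the example free of a cipher library and
makes the scope of the ICV easy to see: it starts at the SPI, so the IP
header in front of it is not authenticated.
"""
import hashlib
import hmac
import socket
import struct

ESP_PROTOCOL = 50
IP_HDR_LEN = 20
ICV_LEN = 12          # HMAC-SHA1-96
TRAILER_ALIGN = 4     # Pad Length and Next Header must end on a 4-byte boundary


def esp_body(spi, seq, payload, next_header=17):
    """SPI | Seq | payload | padding | Pad Length | Next Header (ICV appended separately).
    With NULL encryption the 'encrypted' part is the plaintext itself; default padding is 1, 2, 3, ..."""
    pad_len = (-(len(payload) + 2)) % TRAILER_ALIGN
    padding = bytes(range(1, pad_len + 1))
    return struct.pack("!II", spi, seq) + payload + padding + bytes([pad_len, next_header])


def esp_icv(key, body):
    """ICV over the ESP header, (null-)encrypted payload and trailer; nothing before the SPI."""
    return hmac.new(key, body, hashlib.sha1).digest()[:ICV_LEN]


def build_esp_transport_packet(key, src, dst, spi, seq, payload):
    """Transport mode: original IP header (Protocol = 50), then ESP body, then ICV."""
    body = esp_body(spi, seq, payload)
    total_len = IP_HDR_LEN + len(body) + ICV_LEN
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64,
                         ESP_PROTOCOL, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return ip_hdr + body + esp_icv(key, body)


def verify_esp_transport_packet(key, packet):
    """Return the authenticated payload, or None if the ICV does not match.
    Note that packet[:IP_HDR_LEN] is never fed to the HMAC."""
    body, icv = packet[IP_HDR_LEN:-ICV_LEN], packet[-ICV_LEN:]
    if not hmac.compare_digest(esp_icv(key, body), icv):
        return None
    pad_len = body[-2]
    return body[8:len(body) - 2 - pad_len]   # strip SPI/seq in front, trailer and padding behind


def nat_rewrite_source(packet, new_src):
    """Address translation changes bytes 12-15 of the IP header, which ESP does not cover."""
    p = bytearray(packet)
    p[12:16] = socket.inet_aton(new_src)
    return bytes(p)


def tamper_payload(packet):
    """Flip the first payload byte (right after SPI and sequence number): ESP does cover this."""
    p = bytearray(packet)
    p[IP_HDR_LEN + 8] ^= 0xFF
    return bytes(p)


if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed for the example; real keys come from IKE
    pkt = build_esp_transport_packet(key, "10.0.0.2", "192.0.2.10", spi=0x2000, seq=1, payload=b"hello")
    print("as sent   :", verify_esp_transport_packet(key, pkt))
    print("after NAT :", verify_esp_transport_packet(key, nat_rewrite_source(pkt, "203.0.113.5")))
    print("tampered  :", verify_esp_transport_packet(key, tamper_payload(pkt)))
```

Two things follow from the result. First, ESP on its own says nothing about who the outer IP header claims sent the packet; the text's remedy for that is to combine ESP with AH so the whole packet is signed. Second, the NAT result is about ESP's own ICV only: in transport mode the TCP or UDP checksum inside the payload still covers the original addresses, which is why NAT traversal for ESP needs the separate UDP-encapsulation mechanism rather than plain address rewriting.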