Get documents about "IPSEC-IT
Document Sample
IT 포럼 코리아 2001
IPSEC 표준화 동향
이계상
정보통신공학과
동의대학교
http://www.dongeui.ac.kr/~ksl
1
목차
• 50차 IETF Minneapolis 회의 주요 내용
– IPSEC WG
– IPSP WG
– IPSRA WG
• Mobile IPv6 Security issue
2
IP Security 관련 IETF WGs
• IPSEC WG
– 1993년 발족
– IP security protocols and algorithms 표준화
• IPSP WG
– 2000.3월, 1st WG meeting
– Policy issue
• IPSRA WG
– 2000.3월, 1st WG meeting
– Remote access issue
• 50차 IETF 회의 (미국 미니애폴리스)
– 2001.3.18 - 23
3
IPSEC WG
4
IPsec MIB 문서
• 다음 세 문서를 곧 WG last call 함
– Draft-ietf-ipsec-isakmp-di-mon-mib-03.txt
– Draft-ietf-ipsec-ike-monitor-mib-02.txt
– Draft-ietf-ipsec-monitor-mib-04.txt
5
Announcement
• Next IPsec Bakeoff (Workshop)
– Espoo, Finland (near Helsinki)
– 2001.8.13 – 19 (런던 IETF 회의 바로 다음주)
6
IPV6 and IPsec - ICMPv6 이슈
• ICMPv6 messages
– Destination Unreachable
– Packet Too Big
– Time Exceeded
– Parameter Problem
– Echo Request/ Reply
– Redirect
– Router Solicit/ Advert
– Neighbor Solicit/ Advert
– Router Renumbering
7
ICMPv6 Problem 예
• 호스트 A가 호스트 B와 보안 통신 희망
– 모든 트래픽 보안
• IKE message UDP ICMPv6 msg (neighbor
solicit for ARP) IKE ???
• IKE를 통한 자동 SA 사용 못함
A B
8
ICMPv6와 IKE
• ICMPv6 message와 IKE 사용 관계
– Destination Unreachable may (Use of IKE?)
– Packet Too Big may
– Time Exceeded may
– Parameter Problem may
– Echo Request/ Reply may
– Redirect should not
– Router Solicit/ Advert must not
– Neighbor Solicit/ Advert must not
– Router Renumbering may
9
Solution
• ICMPv6 메시지 보호용으로, 수동 IPsec
SA를 사용하는 제안 논의
• 수동 설정에 따른 오버헤드 감소 방법도
같이 제안
• 문서
– draft-arkko-icmpv6-ike-effects-00.txt
– draft-arkko-manual-icmpv6-sas-00.txt
• More discussion on the list
10
Secure MPLS
• MPLS: Sub-IP Area, mpls WG
• 두 문서
– Draft-tsenevir-smpls-doi-00.txt
– Draft-tsenevir-smpls-01.txt
• SMPLS-AH
• SMPLS-ESP
• Ok to run IKE over RSVP ?
• Requirements ?
11
IPsec and NAT
• 두 문서
– IPsec NAT-Traversal
draft-stenberg-ipsec-nat-traversal-02.txt
– IPsec ESP Encapsulation in UDP for NAT
Traversal
draft-huttunen-ipsec-esp-in-udp-01.txt
• 위 두 문서를 결합하여 논의함
– 곧 새로운 문서 post 예정
12
Son of IKE
• To fix bugs, not to add any features
• Need to be implementation preserving
• A proposal is to combine the three
documents into a new draft
– Unnessarily long, duplicate, …
• More discussion
13
IPSP WG
14
Past Meetings
• BOF
– 1999.3
• 1st WG meeting
– 47th IETF, Adelaide, Australia, 2000.3
• 2nd WG meeting
– 48th IETF, Pittsburgh, USA, 2000.8
• 3rd WG meeting
– 49th IETF, San Diego, USA, 2000.12
• 4th WG meeting
– 50th IETF, Minneapolis, USA, 2001.3
15
Drafts
• No RFC
• 5 WG drafts
– A Roadmap for IPsec Policy Management
– IPSP Requirements
– IPsec Configuration Policy Model
– IPsec Policy Configuration MIB
– IPSec Policy Information Base
16
주요 논의 문서
• Policy Management Roadmap
• Requirement draft
– Draft-ietf-ipsp-requirement-00.txt
– No change, no comments since last meeting
• Configuration policy model
– Draft-ietf-config-policy-model-02.txt
– Policy Framework WG의 PCIM extension draft와
부합 여부 보고
• 이들 세 문서를 곧 last call 예정
17
주요 논의 문서 (계속)
• IPsec configuration MIB
– Draft-ipsp-ipsec-config-mib-00.txt
• IPsec policy information Base (PIB)
– Draft-ipsp-ipsecpib-02.txt
• Next Step
– PF_Policy draft, SG discovery protocol 설계,
Security policy specification language
18
IPSRA WG
19
Past Meetings
• 1st BOF
• 2nd BOF
– Washington, 1999.11
• 1st WG meeting
– 47th IETF, Adelaide, Australia, 2000.3
• 2nd WG meeting
– 48th IETF, Pittsburgh, USA, 2000.8
• 3rd WG meeting
– San Diego, 2000.12
• 4th WG meeting
– 50th IETF, Minneapolis, USA, 2001.3
20
Drafts
• No RFC
• 4 WG drafts
– Requirements draft
– DHCP Configuration draft
– Two Authentication drafts
21
주요 문서 현황
• Requirement draft
– Currently 03 version
– No comment since last meeting
• L2TP ext WG에 comment 요청
– To informational RFC
• DHCP 09 draft
– IETF last call (for proposed standard RFC)
22
Remote User Authentication
• Two proposals
– Pre-IKE Credential Provisioning Protocol
• PIC draft : draft-ietf-ipsra-pic-01.txt
– Client Certificate and Key Retrieval for IKE
• getcert draft : draft-ietf-ipsra-getcert-00.txt
• Recent Straw Poll
– 6:7
– 참여 수가 너무 적어 결정 못 내림
– 메일링 리스트에서 계속 논의 (new straw poll)
23
PIC draft
• One of approaches of integrating legacy
authentication mechanisms into IKE
• Switched from XAuth to EAP for legacy
authentication
– EAP (Extensible Authentication Protocol, RFC
2284)
• EAP tunneled within ISAKMP
• No modification to IKE
24
PIC Architecture
Legacy
Authentication
Authentication
Server (AS)
Server (LAS)
Client/User
Optional
Link
Security
Gateway
(SGW)
25
PIC Protocol
• Three main stages in PIC protocol (Btw Client and AS)
– establish one-way trust relationship. A secure channel
from the client to the AS is created (Server
authenticated)
– Legacy authentication is performed over this channel.
Use EAP tunneled within ISKMP (User authenticated)
– The AS sends the client a (typically short-term)
credential which can be used in subsequent IKE
exchanges
• The credential can be thought as
– a certificate,
– a private key generated or stored by the AS and
accompanied by a corresponding certificate, or
– symmetric secret key 26
PIC Protocol Exchanges
HDR, SA, KE, Ni
서버인증
HDR, SA, KE, Nr, IDir, [ CERT,]
SIG_R, HASH, <EAP> [, <EAP>…]
HDR*, HASH, EAP, [EAP …]
[CREDENTIAL-REQUEST]
사용자인증
HDR*, HASH, EAP, [EAP …]
[CREDENTIAL]
SIG-R is derived from HASH-R
HASH-R = prf(SKEYID_a, g^xr | g^xi |CKY-R | CKY-I | Sar_b | IDir_b)
27
Getcert draft
• The architecture is similar to PIC’s
– integrate legacy authentication into IKE
– use the separated AS
• The differences is in the details:
– use TLS and HTTP
• However, recently changed to EAP
28
Mobile IPv6 Security Issue
29
Mobile IPv6 Operation
Mobile
Node
R
R Internet
Home
Agent R
Correspondent
Node
30
Binding messages
Mobile
Node
R
R Internet
Home
Agent R
Correspondent
Node
31
Triangle Routing
Mobile
Node
R
R Internet
Home
Agent R
Correspondent
Node
32
Route Optimization
Mobile
Node
R
R Internet
Home
Agent R
Correspondent
Node
33
Route Optimization (cont.)
Mobile
Node
R
R Internet
Home
Agent R
Correspondent
Node
34
Authentication of Binding msg
• IPsec을 이용하려 했으나
– AH, ESP
• Mobile 환경에서는 IPsec 프로토콜을 적용하기
어려운 것으로 밝혀짐
– IPsec policy는 트래픽 스트림의 모든 패킷에 적용
– IKE의 public key 기반 및 heavy processing
• 새로운 Authentication 프로토콜 대안 적시 개발
필요
– 이동 통신 사업자의 All-IP 망 구축
35
Purpose-Built Key (PBK)
• Operation
Correspondent node
Mobile node
i) Create a public/ private key pair (PBK)
ii) Endpoint ID = hash (public part of PBK)
iii) Send EID
Initial Packet (EID)
iv) Node moves
~~~
v) Send pubic key
Pubic key
vi) Send binding message signed by private key
Binding message along with EID
36
Purpose-Built Key (cont.)
• Pros and Cons
– Lighter-weight method of authorizing binding messages
• Jeff Schiller (Security Area Co-chair), Scott Brader, Allison
Mankin (Transport Area Co-chair)
– However, less security than IPsec
• Man-in-the-middle attack 가능
– Not user authentication, but machine authentication
• IPv6 proponents fear that mobile WG adopt PBK
approach
37
