
Improving IPsec Deployment for IPv6


Merike Kaeo
merike@doubleshotsecurity.com
SME - NAv6TF
Agenda

• Current IPsec Implementation and Deployment Problems
• IPv6 Architectures using IPsec
• IPsec Concerns in IPv6 Environments
• Wish list for IPv6 IPsec implementations

ICSA - February 5, 2007


Non-Vendor Specific Deployment Issues
• Historical perception
– Configuration nightmare
– Not interoperable
• Performance perception
– Need empirical data
• Drafts in IETF for IPsec benchmarking
– Where is the performance hit real?
• Standards need cohesion



Vendor Specific Deployment Issues
• Lack of interoperable defaults
– A default does NOT mandate a specific
security policy
– Defaults can be modified by end users
• Configuration complexity
– Too many knobs
– Vendor-specific terminology



Example of Defaults

                   Vendor A            Vendor B            Vendor C
IKE Phase 1
  Hash             SHA1                MD5                 SHA1
  Authentication   RSA-SIG             Pre-Share Key       Pre-Share Key
  DH Group         Group 1             Group 5             Group 2
  Lifetime         86400 sec           86400 sec           86400 sec
  Exchange         Main Mode           Main Mode           Aggressive Mode
IKE Phase 2
  PFS              PFS                 PFS                 PFS
  DH Group         Group 1             Group 5             Group 2

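The table makes the interoperability problem concrete: no two of these default Phase 1 proposals share a hash, authentication method, DH group and exchange mode at the same time, so out-of-the-box negotiation between any pair fails. The following Python is an added example (not from the presentation or any vendor) that models that negotiation. The vendor defaults are the ones in the table; the rules that hash, auth method, DH group and mode must match exactly while the shorter lifetime wins are a simplifying assumption, and COMMON_SUITE is a constructed shared suite such as an operator would configure explicitly on all three boxes (only its DH group 14 follows the RFC 4308 VPN-B choice).

```python
# Added example: how IKE Phase 1 default proposals do (not) interoperate.
# Vendor defaults are copied from the table above; the negotiation rules are a
# simplified model (an assumption of this example), not any vendor's code.

VENDOR_DEFAULTS = {
    "Vendor A": {"hash": "SHA1", "auth": "RSA-SIG", "dh_group": 1, "lifetime": 86400, "mode": "main"},
    "Vendor B": {"hash": "MD5", "auth": "Pre-Share Key", "dh_group": 5, "lifetime": 86400, "mode": "main"},
    "Vendor C": {"hash": "SHA1", "auth": "Pre-Share Key", "dh_group": 2, "lifetime": 86400, "mode": "aggressive"},
}

# Attributes of a Phase 1 transform that both peers must offer identically.
STRICT = ("hash", "auth", "dh_group", "mode")

# A shared suite an operator would configure explicitly on all three boxes
# (constructed; only the DH group value follows RFC 4308 VPN-B's group 14).
COMMON_SUITE = {"hash": "SHA1", "auth": "Pre-Share Key", "dh_group": 14, "lifetime": 28800, "mode": "main"}


def mismatches(a, b):
    """Strict attributes on which two transforms differ (empty list = compatible)."""
    return [k for k in STRICT if a[k] != b[k]]


def negotiate(initiator, responder):
    """Return the agreed transform or None.

    Both arguments are lists of transforms in preference order. The first
    initiator transform that the responder also offers is selected. Lifetime
    is not strict: the shorter value wins (a common implementation behaviour,
    assumed here so that lifetime alone never breaks negotiation).
    """
    for offer in initiator:
        for accept in responder:
            if not mismatches(offer, accept):
                agreed = dict(offer)
                agreed["lifetime"] = min(offer["lifetime"], accept["lifetime"])
                return agreed
    return None


def default_matrix(defaults):
    """Negotiation outcome for every ordered pair of vendors using defaults only."""
    return {
        (i, r): negotiate([defaults[i]], [defaults[r]])
        for i in defaults for r in defaults if i != r
    }


def with_common_suite(defaults, suite):
    """Proposal lists that keep each vendor's default first and add the shared suite."""
    return {name: [dict(d), dict(suite)] for name, d in defaults.items()}


if __name__ == "__main__":
    for (i, r), agreed in default_matrix(VENDOR_DEFAULTS).items():
        why = ", ".join(mismatches(VENDOR_DEFAULTS[i], VENDOR_DEFAULTS[r]))
        print(f"{i} -> {r}: {'OK' if agreed else 'FAIL (' + why + ')'}")
    proposals = with_common_suite(VENDOR_DEFAULTS, COMMON_SUITE)
    print("with common suite:", negotiate(proposals["Vendor A"], proposals["Vendor C"]))
```

Running it prints FAIL for all six vendor pairings and the reason for each; appending the shared suite to every proposal list is what makes them agree, which is exactly the manual work that interoperable defaults would remove.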


Terminology Issues

IKE Phase 1        DH Key Length      IKE Phase 2
IKE Phase 1 SA     DH Group           IKE Phase 2 SA
IKE SA             Modp #             IPsec SA
ISAKMP SA          Group #            Quick Mode
Main Mode

Configuration complexity increased with vendor-specific configuration terms



Imagine ‘SIMPLE’ IPsec Commands

Sample future configurations (maybe?):

Syslog server <ipv6-address> authenticate esp-null sha1 pre-share "secret4syslog"

TFTP server <ipv6-address> authenticate esp-null aes128 pre-share "secret4tftp"

BGP peer 2001:db8:3:66::2 authenticate esp-null aes128 pre-share "secret4AS#XXX"

(default lifetimes, DH groups, PFS, etc. which can be modified if needed)

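To show what such a command would actually have to expand into, here is an added Python example (not from the presentation) that parses lines in the slide's proposed syntax into full policy entries. The service-to-port mapping (syslog UDP 514, tftp UDP 69, bgp TCP 179), the default DH group, lifetime and PFS values, and the sample addresses from the 2001:db8::/32 documentation prefix are all assumptions of this example; the BGP peer address is the one on the slide. Anything the parser does not recognise raises an error rather than silently producing a weaker policy.

```python
import ipaddress
import shlex

# Well-known transport and port for each service keyword (assumed mapping for
# this example; the slide does not define one).
SERVICES = {
    "syslog": ("udp", 514),
    "tftp": ("udp", 69),
    "bgp": ("tcp", 179),
}

# Values the "simple" command leaves implicit. Constructed defaults; a real
# implementation would ship interoperable ones and let the operator override them.
DEFAULTS = {"dh_group": 14, "lifetime": 86400, "pfs": True}


def parse_simple(line, defaults=DEFAULTS):
    """Expand one simple command into a full policy entry.

    Grammar (as on the slide):
        <service> server|peer <ipv6-address> authenticate esp-null <integrity> pre-share "<secret>"
    Raises ValueError for anything it does not understand, so a typo never
    silently produces an unprotected or mis-protected policy.
    """
    tokens = shlex.split(line)  # honours the quotes around the secret
    if len(tokens) != 8:
        raise ValueError(f"expected 8 tokens, got {len(tokens)}: {line!r}")
    service, role, address, keyword, encap, integrity, method, secret = tokens
    service, role, keyword = service.lower(), role.lower(), keyword.lower()
    if service not in SERVICES:
        raise ValueError(f"unknown service {service!r}")
    if role not in ("server", "peer"):
        raise ValueError(f"expected 'server' or 'peer', got {role!r}")
    if keyword != "authenticate" or encap != "esp-null" or method != "pre-share":
        raise ValueError(f"unsupported clause in {line!r}")
    if not secret:
        raise ValueError("empty pre-shared secret")
    remote = ipaddress.IPv6Address(address)  # raises ValueError if malformed
    proto, port = SERVICES[service]
    return {
        "service": service,
        "remote": str(remote),
        "proto": proto,
        "dport": port,
        "esp": {"encryption": "null", "integrity": integrity},
        "auth": {"method": "pre-share", "secret": secret},
        **defaults,
    }


def parse_config(text, defaults=DEFAULTS):
    """Parse a block of commands, skipping blank lines and '!' comment lines."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("!"):
            continue
        entries.append(parse_simple(line, defaults))
    return entries


def describe(entry):
    """One-line summary with the secret redacted, safe for logs or 'show' output."""
    return (f"{entry['service']} -> [{entry['remote']}] {entry['proto']}/{entry['dport']}: "
            f"ESP null-enc/{entry['esp']['integrity']}, pre-share ****, "
            f"DH group {entry['dh_group']}, lifetime {entry['lifetime']}s, PFS {entry['pfs']}")


# Constructed sample configuration using documentation addresses (2001:db8::/32);
# the BGP peer address is the one shown on the slide.
SAMPLE_CONFIG = """
! management plane
Syslog server 2001:db8:3:1::514 authenticate esp-null sha1 pre-share "secret4syslog"
TFTP server 2001:db8:3:1::69 authenticate esp-null aes128 pre-share "secret4tftp"
! control plane
BGP peer 2001:db8:3:66::2 authenticate esp-null aes128 pre-share "secret4AS#XXX"
"""

if __name__ == "__main__":
    for e in parse_config(SAMPLE_CONFIG):
        print(describe(e))
```

The point of the example is the ratio: one operator-visible line per peer, with the transport selectors, algorithms and all the negotiable parameters filled in from one place where they can be reviewed and changed.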


Perception (Reality?) Example

IETF draft on backbone infrastructure attacks and countermeasures:

IPsec and IKE are obviously an option for heavy-weight protection, but impractical (yet) due to configuration complexity and processing overhead. Simplifications in configuration, implementation, and cryptographic hardware offloading might help the situation for the cases where the use of heavier protection (e.g., possibly Internet Exchange points) could be warranted.



Sample IPv6 Architecture

[Diagram: an IPv4 backbone and a dual-stack IPv4/IPv6 backbone joined through a tunnel broker; an IPv6 NOC is reached through a tunnel endpoint for the IPv4 side. NOC services shown: NetFlow, SNMP, Syslog, TFTP, AAA, DNS, SMTP.]



IPsec in IPv6 Architectures
• Addressing
– Stateless autoconfiguration should be used with security services
• IPsec is an option
– If an a priori trust relationship is in place with preconfigured credentials
– Limited environments
• Transition mechanisms
– IPsec protection for tunneling mechanisms
• Mobility
– Protecting binding updates to home agents



IPv6 Architectures using IPsec

• Protect all traffic using IPsec for data origin authentication and integrity
• Add confidentiality as dictated by security policy

Need to dispel myth that using IPsec mandates the demise of network layer defense mechanisms



IPsec does NOT Mandate Demise of Network Layer Defense

[Diagram: a corporate network and a branch office, each behind a router with firewall, connected across the INTERNET; a stateful firewall and an IDS remain in the path. Traffic is protected with DATA ORIGIN AUTHENTICATION & INTEGRITY only.]



End-To-End IPsec With Confidentiality is Policy Decision

[Diagram: the same topology as the previous slide (corporate network and branch office behind routers with firewalls, connected across the INTERNET, stateful firewall and IDS in the path); traffic is protected with AUTHENTICATION & INTEGRITY & CONFIDENTIALITY.]

* The stateful firewall may still perform deep packet inspection of traffic that may not be subject to confidentiality services



Distributed IDS & Firewalls

[Diagram: INTERNET, a network firewall & IDS, the corporate network with a network IDS, and Host A with a personal firewall & IDS. The same packet is shown twice:

  Inspect (Forward IPsec), as seen by the network devices:
    Source Address ***, Destination Address Host A, Extension Hdr ***, ESP (IPsec), Encrypted Data, ESP Trailer

  Decrypt IPsec (Inspect Upper Layers), as seen on the host:
    Source Address ***, Destination Address Host A, Source Port, Destination Port 5060 (SIP), Data]



Customized IPv6 Deployments

[Diagram: routers at 2001:DB8:6665:0100::DE communicate with a managed host at 2001:DB8:6665:01C8::BAD, a RADIUS server at 2001:DB8:6665:AF75::3C, a DNS server at 2001:DB8:6665:AF75::3B, and NTP and Syslog servers at 2001:DB8:6665:AF75::3D; IDS sensors are placed at each segment.]

Security Policy Database

From                    To                        Protocol   Dst Port             Policy
2001:DB8:6665:0100::DE  2001:DB8:6665:01C8::BAD   TCP        23 (Telnet)          ESP: SHA1, AES-256
2001:DB8:6665:0100::DE  2001:DB8:6665:AF75::3C    UDP        1812/1813 (RADIUS)   ESP: SHA1, AES-256
2001:DB8:6665:0100::DE  2001:DB8:6665:AF75::3B    TCP / UDP  53 (DNS)             ESP: SHA1, AES-128
2001:DB8:6665:0100::DE  2001:DB8:6665:AF75::3D    UDP        514 (Syslog)         ESP: SHA1, 3DES
2001:DB8:6665:0100::DE  2001:DB8:6665:AF75::/48   TCP / UDP  ANY                  ESP: SHA1

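The Security Policy Database above is an ordered list: the four specific rows must be consulted before the /48 catch-all, and any packet that matches none of them needs a defined default. The following Python is an added example (not from the presentation) that loads those five rows and performs selector matching for a packet's source, destination, protocol and destination port. Assumptions of the example: first match wins (the SPD is an ordered list per RFC 4301), unmatched traffic is discarded, and the slide's 2001:DB8:6665:AF75::/48 is normalised to its actual network 2001:db8:6665::/48, which is why it also covers the ::BAD host. A shadowing check is included because reordering rows is the usual way such tables silently break.

```python
import ipaddress
from dataclasses import dataclass
from typing import FrozenSet, Optional

ANY = None  # wildcard for a port selector


@dataclass(frozen=True)
class SpdEntry:
    src: ipaddress.IPv6Network
    dst: ipaddress.IPv6Network
    protos: FrozenSet[str]
    dports: Optional[FrozenSet[int]]  # None means ANY
    policy: str


def entry(src, dst, protos, dports, policy):
    """Build an entry; a bare host address becomes a /128, and a prefix written
    with host bits set (the slide's 2001:DB8:6665:AF75::/48) is normalised to
    its network, i.e. 2001:db8:6665::/48."""
    return SpdEntry(
        ipaddress.IPv6Network(src, strict=False),
        ipaddress.IPv6Network(dst, strict=False),
        frozenset(p.lower() for p in protos),
        ANY if dports is ANY else frozenset(dports),
        policy,
    )


ROUTERS = "2001:DB8:6665:0100::DE"

# The five rows of the slide's Security Policy Database, in the order shown.
SPD = [
    entry(ROUTERS, "2001:DB8:6665:01C8::BAD", {"tcp"}, {23}, "ESP: SHA1, AES-256"),
    entry(ROUTERS, "2001:DB8:6665:AF75::3C", {"udp"}, {1812, 1813}, "ESP: SHA1, AES-256"),
    entry(ROUTERS, "2001:DB8:6665:AF75::3B", {"tcp", "udp"}, {53}, "ESP: SHA1, AES-128"),
    entry(ROUTERS, "2001:DB8:6665:AF75::3D", {"udp"}, {514}, "ESP: SHA1, 3DES"),
    entry(ROUTERS, "2001:DB8:6665:AF75::/48", {"tcp", "udp"}, ANY, "ESP: SHA1"),
]


def matches(e, src, dst, proto, dport):
    """True if the packet's selectors fall within the entry's selectors."""
    return (
        ipaddress.IPv6Address(src) in e.src
        and ipaddress.IPv6Address(dst) in e.dst
        and proto.lower() in e.protos
        and (e.dports is ANY or dport in e.dports)
    )


def lookup(spd, src, dst, proto, dport=None, default="DISCARD"):
    """First matching entry wins: the SPD is an ordered list (RFC 4301), so the
    specific rows must precede the /48 catch-all. Unmatched traffic gets the
    default action, DISCARD here (a conservative assumption for this example)."""
    for e in spd:
        if matches(e, src, dst, proto, dport):
            return e.policy
    return default


def shadowed(spd):
    """Indices of entries that can never be selected because an earlier entry
    covers every packet they would match; a sanity check when rows are reordered."""
    hidden = []
    for i, later in enumerate(spd):
        for earlier in spd[:i]:
            ports_covered = earlier.dports is ANY or (
                later.dports is not ANY and later.dports <= earlier.dports)
            if (later.src.subnet_of(earlier.src) and later.dst.subnet_of(earlier.dst)
                    and later.protos <= earlier.protos and ports_covered):
                hidden.append(i)
                break
    return hidden


if __name__ == "__main__":
    print(lookup(SPD, ROUTERS, "2001:DB8:6665:AF75::3C", "udp", 1812))  # RADIUS: encrypted
    print(lookup(SPD, ROUTERS, "2001:DB8:6665:AF75::3C", "udp", 53))    # falls to /48: integrity only
    print(lookup(SPD, ROUTERS, "2001:DB8:6665:AF75::3C", "icmpv6"))     # no row: DISCARD
    print(shadowed([SPD[-1]] + SPD[:-1]))                               # catch-all first hides rows 1-4
```

Two behaviours worth noticing: UDP 53 to the RADIUS host is not RADIUS, so it falls through to the catch-all and gets integrity protection only, and moving the /48 row to the top shadows all four specific rows, downgrading the encrypted services to ESP with SHA1 alone without any error being raised.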


IPv6 IPsec Concerns
• Are enough people aware that IKEv2 is not backwards compatible with IKEv1?
– IKEv1 is used in most IPv6 IPsec implementations
– Will IKEv2 implementations first try IKEv2 and then revert to IKEv1?
• Is IPsec implemented for IPv6?
– Some implementations ship IPv6-capable devices without IPsec capability; this needs to change
• OSPFv3
– All vendors that implemented IPsec for OSPFv3 used AH
– The latest standard describing how to use IPsec with OSPFv3 says implementations MUST use ESP with null encryption and MAY use AH



IPv6 IPsec Concerns (cont)
• What is transport mode interoperability status?
– Will end user authentication be interoperable?
• PKI Issues
– Which certificates do you trust?
– How do IKEv1 and/or IKEv2 handle proposals with certificates?
– Should common trusted roots be shipped by default?
– Who is following and implementing "draft-ietf-pki4ipsec-ikecert-profile-11"?
• Have mobility scenarios been tested?
– Mobility standards rely heavily on IKEv2



IPv6 IPsec Wish List
• Common Terminology
• Interoperable Defaults
– IKEv1: VPN-B (RFC 4308)
– IKEv2: VPN-B (RFC 4308)
• Interoperability Tests
– Transport and Tunnel Mode
– Mobility Scenarios
• API Standard
• Repeatable performance data
