andreas steffen, 29.06.2015, siemens-1.pptx 1 strongswan workshop for siemens block 1 overview /...
TRANSCRIPT
![Page 1: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/1.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 1
strongSwan Workshop for Siemens
Block 1Overview / IPsec Basics
Prof. Dr. Andreas Steffen
![Page 2: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/2.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 2
Where the heck is Rapperswil?
![Page 3: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/3.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 3
HSR - Hochschule für Technik Rapperswil
• University of Applied Sciences with about 1500 students
• Faculty of Information Technology (300-400 students)• Bachelor Course (3 years), Master Course (+1.5 years)
![Page 4: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/4.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 4
strongSwan Workshop for Siemens
What is strongSwan?
![Page 5: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/5.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 5
The strongSwan Open Source VPN Project
Super FreeS/WANSuper FreeS/WAN
2003 X.509 2.x PatchX.509 2.x Patch
FreeS/WAN 2.xFreeS/WAN 2.x
1999 FreeS/WAN 1.xFreeS/WAN 1.x
X.509 1.x PatchX.509 1.x Patch2000
Openswan 1.xOpenswan 1.x
2004
2004
strongSwan 2.xstrongSwan 2.xOpenswan 2.xOpenswan 2.x
2005
ITA IKEv2 ProjectITA IKEv2 Project
…
strongSwan 5.xstrongSwan 5.x
strongSwan 4.xstrongSwan 4.x
2012
Monolithic IKE Daemon
IKEv1 & partial IKEv2
IKEv2 RFC 4306
New architecture,same config.
IKEv1 & IKEv2
S/WAN = Secure WAN
![Page 6: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/6.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 6
strongSwan – the OpenSource VPN Solution
CorporateNetwork
LinuxFreeRadius Server
Windows Active
Directory Server
Internet
High-AvailabilitystrongSwan
VPN Gateway
Windows 7/8Agile VPN
Client
strongSwan
Linux Client
![Page 7: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/7.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 7
Supported Operating Systems and Platforms
• Supported Operating Systems• Linux 2.6.x, 3.x, 4.x (optional integration into
NetworkManager)• Android 4.x/5.x App (using libipsec userland ESP encryption)• OS X App (using libipsec userland ESP encryption)• OS X (IPsec via PFKEYv2 kernel interface)• FreeBSD (IPsec via PFKEYv2 kernel interface)• Windows 7/8 (native Windows IPsec stack, MinGW-W64
build)
• Supported Hardware Platforms (GNU autotools)• Intel i686/x86_64, AMD64• ARM, MIPS• PowerPC
• Supported Network Stacks• IPv4, IPv6• IPv6-in-IPv4 ESP tunnels• IPv4-in-IPv6 ESP tunnels
![Page 8: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/8.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 8
Free Download from Google Play Store
March 24, 2015:12’619 installations
![Page 9: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/9.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 9
OS X App
http://download.strongswan.org/osx/
![Page 10: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/10.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 10
IKEv2 Interoperability Workshops
• strongSwan successfully interoperated with IKEv2 products fromAlcatel-Lucent, Certicom, CheckPoint, Cisco, Furukawa, IBM, Ixia,Juniper, Microsoft, Nokia, SafeNet, Secure Computing, SonicWall,and the IPv6 TAHI Project.
Spring 2007 in Orlando, FloridaSpring 2008 in San Antonio, Texas
![Page 11: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/11.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 11
strongSwan 4.x pluto & charon Daemons
rawsocket
rawsocket
IKEv1 IKEv2
ipsecstarter
ipsecstarter
ipsecwhack
ipsecwhack
ipsecstroke
ipsecstroke
charoncharonplutopluto
LSFLSF
UDP/500socket
UDP/500socket
nativeIPsec
nativeIPsec
NetlinkXFRMsocket
Linux 2.6kernel
ipsec.confipsec.conf
stroke socket
whack socket
2005
![Page 12: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/12.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 12
strongSwan 5.x charon Daemon
UDP 500/4500socket
UDP 500/4500socket
IKEv1/v2
ipsecstarter
ipsecstarter
ipsecstroke
ipsecstroke
charoncharon
nativeIPsec
nativeIPsec
Netlink XFRMsocket
Linux 2.6 / 3.x
kernel
ipsec.confipsec.conf
stroke socket
libipseclibipsec
UDP 4500socket
UDP 4500socket
Any OS
TUN device
ESPinUDP
2012
![Page 13: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/13.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 13
strongSwan 5.2 charon Daemon
UDP 500/4500socket
UDP 500/4500socket
swanctlswanctl
charoncharon
nativeIPsec
nativeIPsec
Netlink XFRMsocket
Linux 2.6 / 3.x
kernel
swanctl.confswanctl.conf
libipseclibipsec
UDP 4500socket
UDP 4500socket
Any OS
TUN device
ESPinUDP
2014
vici socket
rubygem
rubygem
vici socket
IKEv1/v2
![Page 14: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/14.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 14
strongSwan 5.2 charon-systemd Daemon
UDP 500/4500socket
UDP 500/4500socket
swanctlswanctl
charon-systemdcharon-systemd
nativeIPsec
nativeIPsec
Netlink XFRMsocket
Linux 2.6 / 3.x
kernel
swanctl.confswanctl.conf
libipseclibipsec
UDP 4500socket
UDP 4500socket
Any OS
TUN device
ESPinUDP
2014systemdutilities
systemdutilities
vici socket
IKEv1/v2
![Page 15: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/15.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 15
strongSwan 5.3 charon Daemon
UDP 500/4500socket
UDP 500/4500socket
swanctlswanctl
charoncharon
nativeIPsec
nativeIPsec
Netlink XFRMsocket
Linux 2.6 / 3.x
kernel
swanctl.confswanctl.conf
libipseclibipsec
UDP 4500socket
UDP 4500socket
Any OS
TUN device
ESPinUDP
2015python 2.7/3.xegg
python 2.7/3.xegg
vici socket
vici socket
IKEv1/v2
![Page 16: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/16.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 16
IKE Daemon – Software Architecture
socketsocket
charon
busbus
backendsbackendscredentialscredentials
receiverreceiver
sendersender
kernel interfacekernel interface
schedulerscheduler
processorprocessor
file loggerfile logger sys loggersys logger
IKE SAManager
IKE SAManager
IKE SA
IKE SA
IKE SA
IKE SA
CHILD SACHILD SA
CHILD SACHILD SA
CHILD SACHILD SA
IPsec stackIPsec stack
16 concurrent worker threads
![Page 17: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/17.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 17
Plugins for charon
credentialscredentials
charon
Plugin
Loader
busbus
backendsbackends
eapeap
…
strokestroke
vicivici
sqlsql
eap_md5eap_md5
eap_tlseap_tls
eap_radiuseap_radius
controllercontroller
…
• eap_xAny EAP protocol.
• stroke/vicisocket-based control & configuration interface
• sqlGeneric SQL interfacefor configurations,credentials & logging.
nmnm• nm
DBUS-based pluginfor NetworkManager
![Page 18: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/18.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 18
Modular Architecture: libcharon plugins I
addrblock eap-gtc eap-ttls medcli
android_dns eap-identity error-notify medsrv
android_log eap-md5 ext-auth osx-attr
attr eap-mschapv2 farp radattr
attr-sql eap-peap forecast resolve
certexpire eap-radius ha smp
connmark eap-sim ipseckey socket-default
coupling eap-sim-file kernel-iph socket-dynamic
dhcp eap-sim-pcsc kernel-libipsec
socket-win
dnscert eap-simaka-pseudonym
kernel-wfp sql
duplicheck eap-simaka-reauth led stroke
eap-aka eap-simaka-sql load-tester systime-fix
eap-aka-3gpp2
eap-tls lookip tnc-ifmap
eap-dynamic eap-tnc maemo tnc-pdp
![Page 19: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/19.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 19
Modular Architecture: libcharon plugins II
uci
unity
updown
vici
whitelist
xauth-eap
xauth-generic
xauth-noauth
xauth-pam
![Page 20: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/20.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 20
Modular Architecture: libhydra plugins
kernel-netlink
kernel-pfkey
kernel-pfroute
![Page 21: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/21.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 21
Plugins for libstrongswan
credentialscredentials
libstrongswan
Plugin
Loader
cryptocrypto
databasedatabase
fetcherfetcher
…
…
…
sha2sha2
randomrandom
x509x509
sqlitesqlite
mysqlmysql
curlcurl
ldapldap
Factories
aesaes
• Certificate retrieval (HASH-and-URL)
• CRL fetching, OCSP
• Non-US crypto code
• No OpenSSL library
• ECCN: No LicenseRequired (NLR)
![Page 22: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/22.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 22
Modular Architecture: libstrongswan plugins
acert fips-prf pem soup
aes gcm pgp sqlite
aesni gcrypt pkcs1 sshkey
af-alg gmp pkcs7 test-vectors
agent hmac pkcs8 unbound
bliss keychain pkcs11 winhttp
blowfish ldap pkcs12 x509
ccm md4 pubkey xcbc
cmac md5 random
constraints mysql rc2
ctr nonce rdrand
curl ntru revocation
des openssl sha1
dnskey padlock sha2
![Page 23: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/23.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 23
Modular Architecture: libtnccs plugins
tnc-imc
tnc-imv
tnc-tnccs
tnccs-11
tnccs-20
tnccs-dynamic
![Page 24: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/24.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 24
Modular Architecture: libimcv plugins
imc-attestation imv-attestation
imc-os imv-os
imc-scanner imv-scanner
imc-swid imv-swid
imc-test imv-test
![Page 25: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/25.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 25
strongSwan Roadmap
• Release Cycle• Stable minor release (strongSwan x.y.z) every 3 months• Stable major release (strongSwan x.y) every 12-18 months• Release candidate and code freeze about 2 weeks before
release
• Roadmap• Windows 10 port (Q3 2015)• Windows 10 Mobile port (Q4 2015) • iOS port (Q4 2015?)• Post-quantum BLISS standardization (Q3 2015)• Public key retrieval via DNSSEC (DANE) (Q4 2015)• Refactoring of entropy generation (Q4 2015)
![Page 26: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/26.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 26
KVM VPN Testbed
![Page 27: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/27.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 27
strongSwan Workshop for Siemens
IPsec Transport Modeusing AH or ESP
![Page 28: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/28.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 28
Internet
IPsec – Transport Mode
2001:1620:f00::1 2001:620:130:a036::121
IP connectionsecure
• Secure Host to host connection• IP datagrams must be authenticated• IP datagrams should be encrypted and authenticated
![Page 29: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/29.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 29
IPsec – Transport ModeIP Authentication Header (AH)
• IP protocol number for AH: 51• Mutable fields: Type of Service (TOS), Fragment Offset,
Flags, Time to Live (TTL), IP header checksum
OriginalIP Header
OriginalIP Header
TCPHeader
TCPHeader DataDataIPv4
Before applying AH
AH: RFC 4302
After applying AH
IPv4
authenticatedexcept for mutable fields
OriginalIP Header
OriginalIP Header
AHHeader
AHHeader
TCPHeader
TCPHeader DataData
![Page 30: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/30.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 30
IPsec – Transport ModeIP Encapsulating Security Payload (ESP)
• IP protocol number for ESP: 50• ESP authentication is optional• With ESP authentication the IP header is not protected.
OriginalIP Header
OriginalIP Header
TCPHeader
TCPHeader DataDataIPv4
Before applying ESP
ESP: RFC 4303
OriginalIP Header
OriginalIP Header
ESPHeader
ESPHeader
IPv4
After applying ESP
encryptedauthenticate
d
TCPHeader
TCPHeader DataData ESP
Trailer
ESPTrailer
ESPAuth
ESPAuth
![Page 31: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/31.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 31
strongSwan Workshop for Siemens
IPsec Tunnel Modeusing ESP
![Page 32: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/32.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 32
Internet
IPsec – Tunnel ModeVirtual Private Network (VPN)
10.1.0.2
10.1.0.3
10.1.0.1
Subnet10.1.0.0/16
10.2.0.2
10.2.0.3
10.2.0.1
Subnet10.2.0.0/16
194.230.203.86
160.85.180.0
SecurityGateway
SecurityGateway
secure IP tunnel
![Page 33: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/33.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 33
IPsec Tunnel Mode using ESP
OriginalIP Header
OriginalIP Header
TCPHeader
TCPHeader DataDataIPv4
Before applying ESP
• IP protocol number for ESP: 50• ESP authentication is optional but often used in place of
AH• Original IP Header is encrypted and therefore hidden
OuterIP Header
OuterIP Header
ESPHeader
ESPHeader
IPv4
After applying ESP
encryptedauthenticate
d
OriginalIP Header
OriginalIP Header
TCPHeader
TCPHeader DataData ESP
Trailer
ESPTrailer
ESPAuth
ESPAuth
Encapsulating SecurityPayload (ESP): RFC 4303
![Page 34: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/34.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 34
ESP Header (Header / Payload / Trailer)
encrypted
authenticated
After applying ESP
Security Parameters Index (SPI)
Anti-Replay Sequence Number
Payload Data (variable, including IV)
Padding (0-255 bytes)
Authentication Data (variable)
0 1 2 3 4 bytes
Next HeaderPad Length
![Page 35: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/35.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 35
IPsec Tunnel Mode CBC Packet Overhead
Outer IP Header
AES_XCBC_96
HMAC_SHA1_96
SPI / Seq. Number
3DES_CBC IV
AES_CBC IV
3DES_CBC max Pad
AES_CBC max Pad
Pad Len / Next Header
HMAC_SHA2_256_128
HMAC_SHA2_384_192
HMAC_SHA2_512_256
20
8
8
16
7
15
12
2
12
16
24
32
12
12
16
24
32
12
12
16
24
32
20 20 20 20 20 20 20 20 20 20
8 8 8 8 8 8 8 8 8 8
8 8 8 8 8
16 16 16 16 16
7 7 7 7 7
15 15 15 15 15
2 2 2 2 2 2 2 2 2 2
50 50 54Best Case Overhead 62 70 58 58 62 70 78
BytesWorst Case Overhead 57 57 61 69 77 73 73 77 85 93
![Page 36: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/36.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 36
Authenticated Encryption with Associated Data (AEAD)
• AEAD is based on specialblock cipher modes:
• Block size: 128 bits• Key size: 128/256 bits• Tag size : 128/96/64 bits• Nonce size: 96 bits
32 bits 64 bits 32 bits
• Recommended AEAD Modes: AES-Galois/Counter ModeAES-GMAC (auth. only)
• Alternative AEAD Modes:AES-CCMCAMELLIA-GCMCAMELLIA-CCM
Salt IV Counter
Salt IV 0 Salt IV 1 Salt IV 2
Key K Key K
Hash Subkey H
0………………..0
Key K
Hash Subkey Derivation
![Page 37: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/37.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 37
IPsec Tunnel Mode AEAD Packet Overhead
Outer IP Header
AES_GCM_96 Tag
AES_GCM_64 Tag
Security Parameter IndexAES_GCM IV
AES_CNT max Pad
Pad Len / Next Header
20
8
8
3
8
2
12
8
12
20 20 20
8 8 8
8 8 8
2 2 2
46 50 54Best Case Overhead
Bytes
Worst Case Overhead 49 53 57
3 3 3
AES_GCM_128 Tag 16 16
Additional Authenticated Data:
Sequence Number
0 1 2 3
Security Parameter Index
ExtendedSequence Number
0 1 2 3
SPI / Seq. Number
or
![Page 38: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/38.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 38
strongSwan Workshop for Siemens
Layer 3 VPN vs Layer 4 VPN
![Page 39: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/39.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 39
Layer 3 Tunnel based on IPSec
IPIP PayloadPayload
Private Network
InternetIP
ISPVPN Client VPN Gateway
PSTN
IPsec TunnelIPIP ESPESP IPIP PayloadPayload
PPPPPP
PSTN
IPIP ESPESP IPIP PayloadPayload
![Page 40: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/40.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 40
IPIP PayloadPayload
Private Network
InternetIP
ISPTLS Client
TLS Proxy Server
PSTN
PPPPPP IPIP
PSTN
TCP*TCP* TLSTLS IPIP PayloadPayload
SSL/TLSTunnelIPIP TCP*TCP* TLSTLS IPIP PayloadPayload
Layer 4 Tunnel based on SSL/TLS
*OpenVPN uses TLS over UDP
![Page 41: Andreas Steffen, 29.06.2015, Siemens-1.pptx 1 strongSwan Workshop for Siemens Block 1 Overview / IPsec Basics Prof. Dr. Andreas Steffen andreas.steffen@strongswan.org](https://reader033.vdocuments.us/reader033/viewer/2022061420/56649dad5503460f94a9c8dd/html5/thumbnails/41.jpg)
Andreas Steffen, 29.06.2015, Siemens-1.pptx 41
• Layer 3 – IPSecIPsec is an Internet standard ESP and AH don’t have ports and thus cannot traverse NAT
routersBut with ESP-in-UDP encapsulation NAT-Traversal becomes
simpleFirst generation IPsec with IKEv1 was complex and difficult to
set upSecond generation IPsec with IKEv2 is fast, simple and robustHigh throughput because encryption is handled by kernel
• Layer 4 – TLS (OpenVPN)Although available on many platforms, OpenVPN is not a
standardEasy to handle NAT situations since single TCP or UDP socket is
usedFast, simple and robust connection setupLower throughput (factor 2..3) because encryption is done in
userland
Layer 3 versus Layer 4 VPN