Introduction to VPNs, PKI, and PGP

Chia sẻ: Huy Hoang | Ngày: | Loại File: PDF | Số trang:43

0
165
lượt xem
62
download

Introduction to VPNs, PKI, and PGP

Mô tả tài liệu
  Download Vui lòng tải xuống để xem tài liệu đầy đủ

Hello, in this module we continue our discussion of encryption and we look at some practical applications of it. We start off by looking at VPN’s or virtual private networks and see how you can use them to create secure communications using public networks such as the Internet. We than briefly look at the problem of key management and finish our discussion with a look at PGP or Pretty Good Privacy, which is an application that allows you to encrypt files and send encrypted email.

Chủ đề:
Lưu

Nội dung Text: Introduction to VPNs, PKI, and PGP

  1. Introduction to VPNs, PKI, and PGP Security Essentials The SANS Institute Encryption and Exploits - SANS ©2001 1 Hello, in this module we continue our discussion of encryption and we look at some practical applications of it. We start off by looking at VPN’s or virtual private networks and see how you can use them to create secure communications using public networks such as the Internet. We than briefly look at the problem of key management and finish our discussion with a look at PGP or Pretty Good Privacy, which is an application that allows you to encrypt files and send encrypted email. 3-1
  2. Foundations of a VPN • VPNs use cryptography to communicate securely in the presence of adversaries – Encryption: Scramble data into something difficult to read without a key. – Decryption: the opposite process of encrypting. – Authentication: How are you sure you’re talking to the right person? VPNs, PKI, and PGP - SANS ©2001 2 To architect and deploy a VPN, we need to understand how to apply these three tools. These concepts are easy to grasp at the conceptual level, but the devil is in the details as they say. Crypto has evolved from an abstract playground for mathematicians to something with widespread public awareness (those little solid, gold keys in the browser have people asking the darndest questions). Likewise, authentication is a discipline in its own right. We’ll be discussing authentication systems and client-side web certificates. 3-2
  3. What is a VPN? • Dedicated leased lines are expensive • Most locations have low-cost connectivity to the Internet • Why not use the Internet as the communication media and use encryption for security • So, a VPN is a secure communication path that utilizes public networks VPNs, PKI, and PGP - SANS ©2001 3 In its most basic sense, VPN’s, or virtual private networks, are a secure communication path that utilizes public networks. Having dedicated leased lines between locations provides for secure communications but can get very expensive. With most leased lines, you pay by the distance. So the greater the distance between two locations, the more expensive the line. But most sites have fairly inexpensive connections to the Internet, so why not use those connections in order to communicate? The main problem is security. Public networks, such as the Internet, have no security built-in. However, if we encrypt the data that is sent over the lines, we now have the security we need with the costs that we like, thus a VPN. 3-3
  4. Why Use a VPN? • Flexibility – A VPN “tunnel” over the Internet can be set up rapidly. A frame circuit can take weeks. – A good VPN will also support Quality of Service (QOS). • Cost – There are documented cases of a VPN paying for itself in weeks or months. – There are also cases where the hidden costs sunk the project! VPNs, PKI, and PGP - SANS ©2001 4 One of the biggest benefits of VPN technology is their flexibility. Need a secure channel between two hosts for only a day? Maybe just for an hour every business day? A VPN may fit the bill. Once you have the components, setting up a VPN is a software change. This makes the technology far more flexible than legacy frame and dedicated circuits which must be wired and possibly require additional hardware. This flexibility lends itself to creating new business solutions. For example its not cost-effective to wire a T1 for every employee who works from home. Its very practical however to load up software on their laptop and let them connect to the home office via a VPN over the Internet. In looking for VPNs, ask about quality of service (QOS). Leased and dial-up lines offer both bandwidth and latency guarantees, while dedicated connection technologies, like ATM and Frame Relay, have extensive mechanisms for similar guarantees. As IP-based VPNs become more widely deployed, there will be market demand for similar guarantees, in order to ensure end-to-end application transparency. Cost is another potential benefit. With a frame or dedicated circuit, you typically pay a flat monthly fee so even if the circuit goes unused, its costing you money. Also, crossing state and government boundaries with a dedicated circuit only increases their cost. With a VPN, you pay for a local connection to the Internet with no “distance” charges. Given these benefits, its not surprising that Taylor and Hecht report that VPN technology is expected to expand 300-1000% by 2003 (Taylor and Hecht). 3-4
  5. What VPN systems are Made of • Routers, Firewalls • LDAP Server • Servers, clients • Key Management Schemes • Public Key Infrastructure • Load balance, QOS, failover, redundancy • X.509 Digital • Encryption Certificates VPNs, PKI, and PGP - SANS ©2001 5 The fundamental components of VPN’s can usually be built on existing equipment. Most routers and firewalls have capabilities for providing VPN capabilities, or dedicated boxes can also be purchased. The thing to remember is in order to properly create a VPN, it requires several other components such as a PKI or public key infrastructure, X.509 certificates, key management schemes, etc. One of the biggest problems that companies face is they try to setup a VPN without proper planning. VPN’s can be straightforward to configure and setup but only if you do your homework and plan properly. 3-5
  6. Security Issue • If you are encrypting tunneled data coming into your network, you lose a number of checks and balances. – What ELSE is connected to the VPN client that is connected to YOU? 192.68.0.0 IP address = 192.67.1.1 IP address = 10.0.1.1 10.0.0.0 ? Security Security Gateway B Public IP Gateway A 192.68.0.10 10.0.0.10 Network VPNs, PKI, and PGP - SANS ©2001 6 VPN’s are good but remember that they are encrypting the data so that no one else can read it. Depending on where your VPN device is, one of the devices that might not be able to read the encrypted data is your firewall. A firewall cannot really do its job if it allows encrypted data through. Or to put it another way,allows un-trusted data into your network. Since the firewall cannot read the data, it cannot provide proper filtering. 3-6
  7. IPSec Review • IETF standard enables encrypted communication between users and devices – Implemented transparently into the network infrastructure – Scales from small to very large networks • Open standard enables multivendor interoperability • Most VPN devices and clients are IPSec compliant VPNs, PKI, and PGP - SANS ©2001 7 Now I’m going to spend some time discussing some of the aspects you should understand about IPSec technology as part of your security solution. IPSec is a Layer 3 method for providing tunnels. It is an IETF standard, enabling encrypted communication between users and devices as illustrated here. The goal is enabling a lot of different types of devices to understand one another. One of the first applications of IPSec is Remote Access VPNs. IPSec is transparent to the network infrastructure, and is scalable from very small applications to very large networks. As an open standard, IPSec is available to everyone, so vendors can ensure interoperability. As of now, there are different levels of implementation available among the different vendors, but ideally the same technology needs to be available to everyone to assure future interoperability in multivendor networks, including the Internet. At Cisco, IPSec functionality is available in Cisco IOS software releases 11.3T and later. Initially, Cisco targeted gateway devices for IPSec, including routers and access servers. 3-7
  8. IPSec Components • IPSec (RFC 2401)—framework for security protocols to provide: –Data integrity –Data authentication –Data confidentiality –Encryption protocols • Internet Key Exchange (RFC 2406)—provides: –Security association management –Key management VPNs, PKI, and PGP - SANS ©2001 8 At the IETF, IPSec includes security protocols that provide: •Data integrity monitoring •Data, user, and device authentication capabilities •Data confidentiality, including encryption protocols There are also Internet Key Exchange (IKE) capabilities that provide security association management and key management. (The RFC numbers are listed here for you to look up on the IETF web site if you like.) 3-8
  9. IPSec Overview • Headers • Key Exchange Policy – Authentication Header Management • Integrity, Authentication – IKE – Encapsulating Security • Negotiates security Payload parameters • Confidentiality, Integrity and Authentication – Diffie-Hellman • Negotiates digital • Modes certificates – Transport – ISAKMP/Oakley • IP Payload Only • Generates shares secret – Tunnel keys • Entire datagram • Encryption – DES, 3DES VPNs, PKI, and PGP - SANS ©2001 9 The following is a breakdown of the different areas of IPSec: Headers Authentication Header Integrity and Authentication Encapsulating Security Payload Confidentiality, Integrity, and Authentication Modes Transport IP payload only Tunnel Entire datagram Encryption DES, 3DES Key Exchange Policy Management IKE Negotiates security parameters Diffie-Hellman Negotiates digital certificates ISAKMP/Oakley Generates/shares secret keys 3-9
  10. IPSec Overview: Headers Encapsulated Security Payload All Data-encrypted Router IP HDR AH Data Router Authentication Header • Two types: Encapsulated Security Payload (ESP) and Authentication Header (AH) – Data integrity-no modification of data in transit – Origin authentication-identifies where data originated – AH does not provide confidentiality; industry moving toward ESP, which does VPNs, PKI, and PGP - SANS ©2001 10 IPSec takes an IP packet and adds two headers to it. First, it provides an authentication header, which provides knowledge that a packet originated from a trusted source. It also guarantees that if a packet is changed, you know it. This is not encryption. It just ensures that information is not intercepted, nor has its content changed. The second header is the encapsulated security payload. This does the same thing as the authentication header and also allows you to encrypt the payload. 3 - 10
  11. IPSec Modes—Security Associations • Two types of SA Tunnel Mode IP HDR DATA • Tunnel mode: applied to an IP tunnel New IP HDR IPSec HDR IP HDR DATA –Outer IP header specifies IPSec processing destination Encrypted –Inner IP header specifies ultimate packet destination Transport Mode • Transport mode: between two hosts IP HDR DATA –Header after IP header, before TCP/UDP header IP HDR IPSec HDR DATA Encrypted VPNs, PKI, and PGP - SANS ©2001 11 When you are encrypting information, there are two basic modes you can use. The first and most commonly used is the Tunnel Mode. This is applied to an IP tunnel between gateway devices. It can also be used on remote clients talking to gateways. In Tunnel Mode, the original packet is encrypted. Then the IPSec header is added (as we just talked about), along with a second IP header that corresponds to the gateway you want to talk to. The flow here goes like this: information goes to the first gateway, which encodes the payload, puts a new header on, and sends it to the second gateway. The second gateway strips the new header, decrypts the payload, checks the packet for integrity, and forwards it to the destination. Transport Mode happens between two hosts. As diagrammed here, the packet header is removed, the payload is encrypted, an IPSec header is added, the first header is reattached, and the packet is forwarded. 3 - 11
  12. Encryption: DES and 3DES • Widely adopted standard • Encrypts plain text, which becomes “cyphertext” • Triple DES – The 56 bit DES algorithm run 3 times – 112-bit triple DES includes 2 keys – 168- bit triple DES includes 3 keys • Accomplished on VPN client, server, router, or firewall VPNs, PKI, and PGP - SANS ©2001 12 IPSec provides a framework for plugging in and using many different encryption algorithms. The most common are Data Encryption Standard, or DES, and Triple DES. DES is lighter than Triple DES. Triple DES does multiple passes over the packets. This can be applied at IPSec termination points on the VPN client, a server, router, or firewall. DES is a symmetric encryption algorithm. I use a key on the front-end to encrypt the data, and the same key on the back-end to decipher it to get the original data. IPSec lets you re-key the DES key. The end points renegotiate the DES key they wish to use. So if you want to, you can make a different key periodically and stump any hackers. As a quick disclaimer, there are export limitations on encryption technology depending upon which technology it is and where you want to send it. 3 - 12
  13. Internet Key Exchange (IKE) • Authenticates peers –Pre-shared keys –Public key cryptography –Digital signatures IKE IPSec 1st Next • Negotiates policy to protect communication • Key exchange –Diffie-Hellman VPNs, PKI, and PGP - SANS ©2001 13 Ifyou have two end points, the first thing they need to do is agree upon who they are. The second thing they do is figure out a series of algorithms for authentication and encryption so they can talk to each other. After that, they start bulk encryption and start passing data back and forth. This process is called the IKE, or Internet Key Exchange negotiation. Once the initial handshake is agreed upon, the endpoints set up a security association that defines the parameters they will use for bulk data transfer. That’s the next step, the IPSec step. Part of the initial IKE negotiation commonly uses a Diffie-Hellman algorithm. This is the way the end points agree on the encryption key they will use for the bulk data transfer. 3 - 13
  14. Digital Certificate The Authenticity of the Subject Name: Certificate Is Credential Ties “Internet, Organization, Guaranteed by the a Name Jane Doe” Digital Signature or Identity to a Generated Using the Public Key Public key: CA’s Private Key Usage- Serial #: 29483756 Specific Other Data: Attributes 10236283025273 Private Credential Expires: 11/30/99 Expiration Signed: CA’s Signature • Binds the subject’s identity with a public key –Signed by a “trusted” certifying authority • Identity proved by ability to sign using associated private key VPNs, PKI, and PGP - SANS ©2001 14 Digital certificates are analogous to passports or driver’s licenses. It is a unique certificate for a given user or device. It contains the kinds of information listed here, including a public key, usage- specific attributes such as a serial number or unique qualifier, an expiration date, and the subject name. A “public key” is stored with the certificate. 3 - 14
  15. Other Non-IPSec VPNs • Layer 2 Forwarding (L2F) • Layer 2 Tunneling Protocol (L2TP), combines PPTP and L2F • PPP Extensible Authentication Protocol (authentication only, RFC 2284) • SOCKS protocol VPNs, PKI, and PGP - SANS ©2001 15 The following are some other non-IPSec VPN solutions: Layer 2 Forwarding (L2F) Layer 2 Tunneling Protocol (L2TP), combines PPTP and L2F PPP Extensible Authentication Protocol (authentication only, see RFC 2284) SOCKS protocol 3 - 15
  16. VPN Web Resources –The URLs in your notes pages provide a number of valuable resources for researching VPNs VPNs, PKI, and PGP - SANS ©2001 16 The following are various VPN resources that can provide additional information on VPN’s: http://kubarb.phsx.ukans.edu/~tbird/vpn.html http://www.usenix.org/publications/login/1999-12/features/harmful.html (requires USENIX membership) http://www.optonline.com/plweb-cgi/fastweb?getdoc+view1+all002+1093+0++cryptography http://www.ietf.org/html.charters/ipsec-charter.html http://www.openssh.com/ http://www.uni-erlangen.de/docs/RRZE/dezentral/unix/linux/HOWTOS/mini/VPN-4.html http://www.xs4all.nl/~freeswan/ http://www.antd.nist.gov/itg/cerberus/ http://www.antd.nist.gov/itg/plutoplus/ http://www.timestep.com/downloads/ipsec.pdf http://www.timestep.com/HTML/Crypto.htm http://www.phoneboy.com/fw1: http://www.enteract.com/~lspitz/pubs.html 3 - 16
  17. PKI (In a Nutshell) • PKI, the glue that binds ecommerce – SSL is a simple, particle example • Boils down to resolving trust – Who is really on *both* ends of the pipe? • Enables remote access – VPN connectivity, email, extranets, etc. VPNs, PKI, and PGP - SANS ©2001 17 With VPN’s, there is a big problem with key management. PKI or public key infrastructure is the glue that binds all of the pieces of e-commerce together. It all comes down to trust and PKI provides the inter-trust relationship needed for people to communicate. 3 - 17
  18. What is PKI? • A management structure for public keys – Ok, we both have private/public keys. Now what? – There is more than meets the eye • public and private encryption keys • digital certificates • certificate authorities • digital signatures • key-management protocols VPNs, PKI, and PGP - SANS ©2001 18 PKI is a management structure for public keys. We have all of these public and private keys but how do we manage and track them? When it comes to PKI, the following are some of the key concerns: •public and private encryption keys •digital certificates •certificate authorities •digital signatures •key-management protocols 3 - 18
  19. PKI Issues • There are a few problems – Competing standards, or standards still in flux – Certification of certificate authorities • Important issue but easy to overlook – Cross certification between “CA’s” – Do-it-yourself or outsource? – User education and/or perception VPNs, PKI, and PGP - SANS ©2001 19 PKI can get very complex very quickly because the following are some of the key problems that need to be solved: Competing standards, or standards still in flux Certification of certificate authorities Important issue but easy to overlook Cross certification between “CA’s” Do-it-yourself or outsource? User education and/or perception 3 - 19
  20. Things to Know • Most PKI is based upon X.509 – X.509v3 standard targeted CA interoperability – Movement is still slow • Planning and deployment are critical to success or failure • Large scale management isn’t necessarily a walk in the park VPNs, PKI, and PGP - SANS ©2001 20 To sum up our brief discussion of PKI, most PKI is based upon X.509. X.509v3 standard targeted CA interoperability, but movement towards a universal standard is slow. When is comes to PKI, it can be very complicated and may not move too fast. Planning and deployment are critical to success or failure. Large scale management isn’t necessarily a walk in the park. Now, lets take a look at PGP. 3 - 20
Đồng bộ tài khoản