Explorer

Time Synchronization Security using IPsec and MACsec

download Plainte

Transcription

Time Synchronization Security using IPsec and MACsec 
Time Synchronization Security
using IPsec and MACsec
Appeared in ISPCS 2011
Tal Mizrahi
Israel Networking Seminar
May 2012
Time Synchronization Security
• Time synchronization is used for various applications.
• Securing the time protocol is a must for securing the applications
that use it.
• IEEE 1588 standard: Precision Time Protocol (PTP).
• IEEE 1588 is challenging to secure:
– A large number of nodes involved in the protocol.
– Hop-by-hop data modification.
• IEEE 1588 - Annex K: experimental security appendix.
Time Synchronization Security using IPsec and MACsec
2
Agenda
• Brief overview of IPsec, MACsec, and Annex K.
• The IPsec and MACsec scenarios.
• Attacker types.
• Effectiveness of each attacker in the IPsec and MACsec
scenarios, Annex K.
• Summary and comparison.
• Conclusion.
Time Synchronization Security using IPsec and MACsec
3
IPsec
• A suite of security protocols defined by the IETF (RFC 4301 –
architecture).
• Two main functions:
– Integrity protection using Authentication Header (AH).
– Confidentiality using Encapsulating Security Payload (ESP).
• Both functions support:
– Integrity protection using Integrity Check Value (ICV).
– Replay protection using Sequence Number.
• Both functions support:
– Tunnel mode.
– Transport mode.
Partly
Protected
by ICV
Ethernet Header
IPv4 Header
Next Header Payload Len
Reserved
1B
1B
2B
Security Parameters Index (SPI)
4B
Sequence Number Field
4B
Integrity Check Value – ICV
(variable length)
• IPsec AH encapsulation.
Protected
by ICV
IP Header (tunnel mode)
IP Payload
Ethernet FCS
4B
Time Synchronization Security using IPsec and MACsec
4
MACsec
• IEEE 802.1AE – MAC security protocol.
• IEEE 802.1X – authentication, key exchange.
• Supports both encrypted and non-encrypted mode.
• Integrity protection using Integrity Check Value (ICV).
– L2 header protected by ICV.
MAC DA
MAC SA
MACsec Ethertype
2B
MACsec Header
Encrypted
• MACsec encrypted packet.
Protected
by ICV
• Replay protection using Sequence Number.
6B / 14B
Ethertype
2B
Ethernet Payload
Integrity Check Value – ICV
16B
Ethernet FCS
4B
Time Synchronization Security using IPsec and MACsec
5
IEEE 1588 Annex K
• Experimental annex in IEEE 1588-2008 (v2).
• Provides data integrity using symmetric key scheme.
• Authentication TLV includes:
– Integrity Check Value (ICV).
– Replay protection using replayCounter.
Ethernet Header
IPv4/IPv6 + UDP Headers (optional)
• Annex K authenticated packet.
Protected
by ICV
PTP Header
PTP Payload
Authentication TLV
Ethernet FCS
4B
Time Synchronization Security using IPsec and MACsec
6
PTP Security – the IPsec Scenario
• Can be used when PTP is transported over an IP network.
• Network-to-network configuration.
• IPsec can be used in encrypted (ESP) or authenticated (AH) mode.
• Either dedicated tunnel for time sync, or single tunnel for all traffic.
• Typical example: Femtocells in 3GPP.
Security
GW
Slave
Customer
Network
Security
GW
IPsec Tunnel
Master
Clock
Operator
Network
Public
Network
Time Synchronization Security using IPsec and MACsec
7
PTP Security – the MACsec Scenario
• Can be used in L2 networks.
• Either with/without encryption.
• All data is secured on a hop-by-hop basis.
• Typical example: Audio and Video Bridging (AVB).
L2
Network
Slave
MACsec Tunnel
MACsec Tunnel
Master
Clock
L2 Bridge
Time Synchronization Security using IPsec and MACsec
8
Typical Attackers
• Mary – internal man-in-the-middle (MITM).
• Jeanie – internal injector.
• Emma – external MITM.
• Enya – external injector.
Slave 2
Security
GW
Tu
Security
u re
c
GW
Se
Slave 1
n
Jeanie (2)
l
ne
Security
GW
Secure Tunnel
Emma
Master
Security Clock
GW
Secure Tunnel
Mary (1)
Mary (2)
Enya
Trusted
Network
Jeanie (1)
Trusted
Network
Time Synchronization Security using IPsec and MACsec
9
Enya – WHAT can Enya do?
Slave 2
Security
GW
Secure Tunnel
Emma
GW
Mary (1)
Secure Tunnel
Mary (2)
Jeanie (1)
MACsec
Enya
Trusted
Network
1588
Annex K
Slave 1
Security
GW
Master
Security Clock
IPsec
Security
r
cu
GW
Se
un
eT
Jeanie (2)
l
ne
•
•
•
•
Trusted
Network
• Cryptographic Performance Attack.
• L2/L3 DoS attacks.
Time Synchronization Security using IPsec and MACsec
•
10
Emma – WHAT can Emma do?
Slave 2
Security
GW
Security
GW
Secure Tunnel
Mary (2)
Enya
Trusted
Network
•
•
•
•
Mary (1)
Secure Tunnel
Packet Interception and Removal.
Packet Delay Manipulation.
Cryptographic Performance Attack.
L2/L3 DoS attacks.
Time Synchronization Security using IPsec and MACsec
•
•
•
Jeanie (1)
1588
Annex K
Emma
GW
IPsec
Slave 1
n
Master
Security Clock
MACsec
Tu
Security
u re
c
GW
Se
Jeanie (2)
l
ne
•
•
•
•
•
•
•
•
Trusted
Network
11
Jeanie – WHAT can Jeanie do?
Slave 2
Security
GW
Tu
Security
u re
c
GW
Se
Slave 1
n
Jeanie (2)
l
ne
Security
GW
Secure Tunnel
Emma
Master
Security Clock
Secure Tunnel
GW
Mary (1)
Mary (2)
Enya
Trusted
Network
Spoofing.
•
• Replay.
Replay Attack.
• Rogue Master Attack.
• L2/L3 DoS attacks.
Time Synchronization Security using IPsec and MACsec
Jeanie (1)
Trusted
Network
12
Jeanie (1) – WHERE can Jeanie be found?
Slave 2
Security
GW
IPsec scenario.
Security
GW
c
Se
Jeanie (2)
Master
Security Clock
GW
IPsec Tunnel
Slave 1
• Jeanie 1 is relevant
specifically in the IPsec
scenario.
• Network-to-network scheme.
ur
un
eT
l
ne
Mary (1)
Jeanie (1)
Trusted
Network
Trusted
Network
Slave
2
el
Se
MACsec scenario /
Annex K
Slave 1
r
cu
n
un
T
e
Jeanie (2)
Secure Tunnel
Time Synchronization Security using IPsec and MACsec
Secure Tunnel
Master
Clock
13
Mary – WHAT can Mary do?
Slave 2
Security
GW
Security
GW
Slave 1
c
Se
u re
n
Tu
Jeanie (2)
l
ne
Security
GW
Secure Tunnel
Emma
Secure Tunnel
GW
Mary (1)
Mary (2)
Enya
•
•
•
•
•
•
•
Master
Security Clock
Trusted
Interception Network
and Manipulation.
Packet
Packet Delay Manipulation.
Packet Interception and Removal.
Spoofing.
Replay.
Rogue Master Attack.
L2/L3 DoS attacks.
Time Synchronization Security using IPsec and MACsec
Jeanie (1)
Trusted
Network
14
Mary – WHERE can Mary be found?
Security
GW
IPsec scenario.
• Mary 1 is relevant specifically
in the IPsec scenario.
• Network-to-network scheme.
Slave 2
Security
GW
cu
Se
re
Tu
nn
el
Jeanie (2)
Master
Security Clock
GW
IPsec Tunnel
Slave 1
Trusted
Network
Mary (1)
Jeanie (1)
Trusted
Network
• Mary 2 is relevant specifically
in the MACsec scenario.
• Hop-by-hop scheme.
Slave
2
l
cu
Se
Slave 1
re
Tu
e
nn
Secure Tunnel
MACsec scenario /
Annex K
Time Synchronization Security using IPsec and MACsec
Secure Tunnel
Mary (2)
Master
Clock
15
Analysis Summary
IEEE 1588 Annex
K
Hop-by-hop
IPsec
Scenario
L3
typically public
network
Network-to-network
+
(TCs/BCs)
~
(no TCs/BCs)
+
(TCs/BCs)
L2/L3 DoS Attack Prevention
+
-
-
Internal attackers
“trusted network”
(Jeanie 1, Mary 1)
+
-
+
-
+
-
Threats
Characteristics
MACsec Scenario
L2
typically LAN
Network
Security approach
Accuracy
in
Any
Hop-by-hop
the
Internal MITM attacks in
intermediate nodes (Mary 2)
Security
GW
Security
GW
Slave 1
c
Se
ur
u
eT
e
nn
l
Secure Tunnel
Emma
Jeanie (2)
Security
GW
Security
GW
Secure Tunnel
Master
Clock
Mary (1)
Mary (2)
Enya Security using IPsec and MACsec
Time Synchronization
Jeanie (1)
16
Conclusion
• IPsec and MACsec are used in different topologies and
scenarios.
• Two complementary building blocks for securing time
synchronization.
• Intermediate solutions in the absence of a standard security
solution for PTP.
• Hybrid solutions can be used in certain topologies.
Master
Clock
Cs
MA
Security
GW
Public
Network
ne
l
L2
Network
IPsec Tunnel
Slave
e
un
cT
Hybrid
Security
GW
Time Synchronization Security using IPsec and MACsec
17
Thanks!

Documents pareils

2026 © doczz.fr
À propos de nous | DMCA / GDPR | Abuser de