Why does ESP include a padding field?
|
Encapsulating Security Payload (ESP) provides all encryption services in IPSec based on integrity for the payload and not for the IP header, confidentiality and authentication that using encryption, without authentication is strongly discouraged because it is insecure. Show Any translations in readable message format into an unreadable format are encrypted and used to hide the message content against data tampering. IPSec provides an open framework, such as SHA and MD5 for implementing industry standard algorithms. Encryption/decryption allows only the sender and the authorised receiver to make the data to be received in readable form and only after the integrity verification process is complete, the data payload in the packet is decrypted. IPSec uses a unique identifier for each packet, which is a data equivalent of a fingerprint and checks for packets that are authorised or not. It doesn't sign the entire packet unless it is being tunnelled—ordinarily, for this IP data payload is protected, not the IP header. In Tunnel Mode, where the entire original IP packet is encapsulated with a new packet header added. ESP in transport mode does not provide integrity and authentication for the entire IP packet. ESP FormatThe ESP format is diagrammatically represented as follows −  ExplanationSecurity Parameters Index (32 bits) − Identifies a security association. This field is mandatory. The value of zero is reserved for local, implementation- specific use and MUST NOT be sent on the wire. Sequence Number (32 bits) − A monotonically increasing counter value; this provides an anti-replay function, as discussed for AH. The first packet sent using a given SA will have a Sequence number of 1. Payload Data (variable) − This is a transport-level segment (transport mode) or IP packet (tunnel mode) that is protected by encryption. The type of content that was protected is indicated by the Next Header field. Padding (0-255 bytes) − Padding for encryption, to extend the payload data to a size that fits the encryption's cipher block size, and to align the next field. Pad Length (8 bits) − Indicates the number of pad bytes immediately preceding this field. Next Header (8 bits) − Identifies the type of data contained in the payload data field by identifying the first header in that payload. Authentication Data (variable) − A variable-length field (must be an integral number of 32-bit words) that contains the Integrity. Check Value computed over the ESP packet minus the Authentication Data field. This field is optional and is included only if the authentication service has been selected for the SA in question. Get full access to The IMS: IP Multimedia Concepts And Services, Second Edition and 60K+ other titles, with free 10-day trial of O'Reilly. There's also live online events, interactive content, certification prep materials, and more. Ans: Secure branch office connectivity over the Internet: A company can build a secure virtual private network over the Internet or over a public WAN. This enables a business to rely heavily on the Internet and reduce its need for private networks, saving costs and network management overhead. Secure remote access over the Internet: An end user whose system is equipped with IP security protocols can make a local call to an Internet service provider (ISP) and gain secure access to a company network. This reduces the cost of toll charges for traveling employees and telecommuters. Establishing extranet and intranet connectivity with partners: IPSec can be used to secure communication with other organizations, ensuring authentication and confidentiality and providing a key exchange mechanism. Enhancing electronic commerce security: Even though some Web and electronic commerce applications have built-in security protocols, the use of IPSec enhances that security. 2. What services are provided by IPsec? Ans: Access control; connectionless integrity; data origin authentication; rejection of replayed packets (a form of partial sequence integrity); confidentiality (encryption); and limited traffic flow confidentiality 3. What parameters identify an SA and what parameters characterize the nature of a particular SA? Ans: A security association is uniquely identified by three parameters: Security Parameters Index (SPI): A bit string assigned to this SA and having local significance only. The SPI is carried in AH and ESP headers to enable the receiving system to select the SA under which a received packet will be processed. IP Destination Address: Currently, only unicast addresses are allowed; this is the address of the destination endpoint of the SA, which may be an end user system or a network system such as a firewall or router. Security Protocol Identifier: This indicates whether the association is an AH or ESP security association. A security association is normally defined by the following parameters: Sequence Number Counter: A 32-bit value used to generate the Sequence Number field in AH or ESP headers. Sequence Counter Overflow: A flag indicating whether overflow of the Sequence Number Counter should generate an auditable event and prevent further transmission of packets on this SA (required for all implementations). Anti-Replay Window: Used to determine whether an inbound AH or ESP packet is a replay, (required for all implementations). AH Information: Authentication algorithm, keys, key lifetimes, and related parameters being used with AH (required for AH implementations). ESP Information: Encryption and authentication algorithm, keys, initialization values, key lifetimes, and related parameters being used with ESP (required for ESP implementations). Lifetime of this Security Association: A time interval or byte count after which an SA must be replaced with a new SA (and new SPI) or terminated, plus an indication of which of these actions should occur (required for all implementations). IPSec Protocol Mode: Tunnel, transport, or wildcard (required for all implementations). Path MTU: Any observed path maximum transmission unit (maximum size of a packet that can be transmitted without fragmentation) and aging variables (required for all implementations). 4. What is the difference between transport mode and tunnel mode? Ans: Transport mode provides protection primarily for upper-layer protocols. That is, transport mode protection extends to the payload of an IP packet. Tunnel mode provides protection to the entire IP packet. 5. What is a replay attack? Ans: A replay attack is one in which an attacker obtains a copy of an authenticated packet and later transmits it to the intended destination. The receipt of duplicate, authenticated IP packets may disrupt service in some way or may have some other undesired consequence. 6. Why does ESP include a padding field? Ans: If an encryption algorithm requires the plaintext to be a multiple of some number of bytes (e.g., the multiple of a single block for a block cipher), the Padding field is used to expand the plaintext (consisting of the Payload Data, Padding, Pad Length, and Next Header fields) to the required length. The ESP format requires that the Pad Length and Next Header fields be right aligned within a 32-bit word. Equivalently, the ciphertext must be an integer multiple of 32 bits. The Padding field is used to assure this alignment. Additional padding may be added to provide partial traffic flow confidentiality by concealing the actual length of the payload. 7. What are the basic approaches to bundling SAs? Ans: Transport adjacency: Refers to applying more than one security protocol to the same IP packet, without invoking tunneling. This approach to combining AH and ESP allows for only one level of combination; further nesting yields no added benefit since the processing is performed at one IPSec instance: the (ultimate) destination. Iterated tunneling: Refers to the application of multiple layers of security protocols affected through IP tunneling. This approach allows for multiple levels of nesting, since each tunnel can originate or terminate at a different IPSec site along the path. 8. What are the roles of the Oakley key determination protocol and ISAKMP in IPsec? Ans: ISAKMP by itself does not dictate a specific key exchange algorithm; rather, ISAKMP consists of a set of message types that enable the use of a variety of key exchange algorithms. Oakley is the specific key exchange algorithm mandated for use with the initial version of ISAKMP.Why is there a Padding field in ESP?The Padding field is used when encryption algorithms require it. Padding is also used to make sure that the ESP Trailer ends on a 32-bit boundary. That is, the size of the ESP Header plus Payload plus ESP Trailer must be a multiple of 32 bits. The ESP Authentication Data must also be a multiple of 32 bits.
What is Padding in IPsec?Padding: Extra bits of space are added to the original message in order to ensure confidentiality. Padding length is the size of the added bits of space in the original message. Next Header: Next header means the next payload or next actual data. Authentication Data This field is optional in ESP protocol packet format.
What does ESP provide?The ESP protocol provides data confidentiality (encryption) and authentication (data integrity, data origin authentication, and replay protection). ESP can be used with confidentiality only, authentication only, or both confidentiality and authentication.
What does ESP add to the IP packet?In a TCP packet, the ESP header is authenticated and it encapsulates the TCP header and its data. If the packet is an IP-in-IP packet, ESP protects the inner IP packet. Per-socket policy allows self-encapsulation, so ESP can encapsulate IP options when necessary.
|
