SlideShare une entreprise Scribd logo

IPsec for IMS

Hossein Yavari
Hossein Yavari

A quick introduction to IPsec and its usage in the IMS call establishment between UE and P-CSCF.

Ingénierie
1  sur  26
Télécharger pour lire hors ligne
IPsec for IMS Sena Software Solutions April 27, 2021 1
Agenda • What is IPsec • IPsec Protocols • IPsec Flow • IPsec Tunnel • IPsec in IMS 2
What is IPsec • IPsec is a set of security protocols and algorithms used to secure IP data at the network layer. • IPsec provides: – Data confidentiality (encryption and adding ESP header), integrity (hash), and authentication (signatures, certificates) of IP packets while maintaining the ability to route them through existing IP networks. • Consists of: – ESP (and historically AH) for protecting traffic – Separate key exchange protocol (IKE) – Separate authentication protocol in IKEv2 3
4 What is IPsec (Cont.)
IPsec involves some main components: • Security Protocols: The IP datagram protection mechanisms, – The authentication header (AH) signs IP packets and ensures integrity but the content of the datagram is not encrypted though. – The encapsulating security payload (ESP) encrypts IP data, thus obscuring the content during packet transmission. – ESP also can ensure data integrity through an authentication algorithm option. 5 What is IPsec (Cont.)
• Security Associations Database (SADB): – The database that associates a security protocol with an IP destination address and an indexing number (eq to SA). – The indexing number is called the Security Parameter Index (SPI). – These three elements (the security protocol, the destination address, and the SPI) uniquely identify a legitimate IPsec packet. – The database ensures that a protected packet that arrives to the packet destination is recognized by the receiver. – The receiver also uses information from the database to decrypt the communication, verify that the packets are unchanged, reassemble the packets, and deliver the packets to their ultimate destination. 6 What is IPsec (Cont.)
• Key Management: The generation and distribution of keys for the cryptographic algorithms and for the SPI. • Security Mechanisms: The authentication and encryption algorithms that protect the data in the IP datagrams. • Security Policy Database (SPD): – The database that specifies the level of protection to apply to a packet. – The SPD filters IP traffic to determine how the packets should be processed. – A packet can be discarded. A packet can be passed in the clear. Or, a packet can be protected with IPsec. For outbound packets, the SPD and the SADB determine what level of protection to apply. – For inbound packets, the SPD helps to determine if the level of protection on the packet is acceptable. If the packet is protected by IPsec, the SPD is consulted after the packet has been decrypted and has been verified. 7 What is IPsec (Cont.)
• Internet Key Exchange (IKE): – Used to transfer SA parameters between hosts – Handles negotiation of protocols – Generates keys 8 IPsec Protocols
– ISAKMP defines procedures and packet formats to establish, negotiate, modify and delete Security Associations (SA). – SAs contain all the information required for execution of various network security services, such as the IP layer services (such as header authentication and payload encapsulation), transport or application layer services, or self-protection of negotiation traffic. – ISAKMP defines payloads for exchanging key generation and authentication data. These formats provide a consistent framework for transferring key and authentication data which is independent of the key generation technique, encryption algorithm and authentication mechanism. IPsec ISAKMP: Internet Security Association and Key Management Protocol 9 IPsec Protocols (Cont.)
• Authentication Header(AH): – Host and Client Authentication – Provides Data Integrity – Protects from Anti-Replay Attacks • Encapsulating Security Payload (ESP): – Same as AH but also support data encryption and NAT – Encrypts data (either TCP/UDP payload for transport mode, or IP packet for tunnel mode) – Adds an ESP header with an “Security Parameter Index” (SPI) and sequence number – Adds an ESP trailer which contains the “original protocol” of the data that was encrypted. 10 IPsec Protocols (Cont.)
IPsec Transport vs Tunnel mode: • IPsec Transport mode: ESP/AH transforms apply to L4 (TCP or UDP) header and payload. – Protects L4 header – L3/routing information is not modified – Typically used for host-host IPsec • IPsec Tunnel mode: IP packet is encapsulated inside another IP packet. The IPsec transforms are applied to the inner (original) IP packet. – Protects IP and TCP header of the original packet – Typically used for VPNs – Routing information MAY be modified 11 IPsec Modes
12 IPsec Modes (Cont.) AH ESP
13 IPsec Modes (Cont.) AH & ESP
IPsec Applied to Outbound Packet Process 14 IPsec Flow
IPsec Flow IPsec Applied to Inbound Packet Process 15
• To establish an IPsec tunnel, we use IKE (Internet Key Exchange). • There are two phases to build an IPsec tunnel: – IKE phase 1 – IKE phase 2 • In IKE phase 1, two peers will negotiate about SAs. • In this phase, an ISAKMP session is established. This is also called the ISAKMP tunnel or IKE phase 1 tunnel. • The IKE phase 1 tunnel is only used for management traffic. We use this tunnel as a secure method to establish the second tunnel called the IKE phase 2 tunnel or IPsec tunnel. 16 IPsec Tunnel
17 IKE Phase 1 Step 1 : Negotiation • The two peers will negotiate about the following items: – Hashing: we use a hashing algorithm to verify the integrity, we use MD5 or SHA for this. – Authentication: each peer has to prove who he is. Two commonly used options are a pre-shared key or digital certificates. – DH (Diffie Hellman) group: the DH group determines the strength of the key that is used in the key exchange process. The higher group numbers are more secure but take longer to compute. – Lifetime: how long does the IKE phase 1 tunnel stand up? the shorter the lifetime, the more secure it is because rebuilding it means we will also use new keying material. Each vendor uses a different lifetime, a common default value is 86400 seconds (1 day). – Encryption: what algorithm do we use for encryption? For example, DES, 3DES or AES. Step 2: DH Key Exchange • Once the negotiation has succeeded, the two peers will know what policy to use. • They will now use the DH group that they negotiated to exchange keying material. • The end result will be that both peers will have a shared key. Step 3: Authentication • The last step is that the two peers will authenticate each other using the authentication method that they agreed upon on in the negotiation. • When the authentication is successful, we have completed IKE phase 1. • The end result is a IKE phase 1 tunnel (aka ISAKMP tunnel) which is bidirectional. • This means that both peers can send and receive on this tunnel.
18 IKE Phase 2 Like in IKE phase 1, our peers will negotiate about a number of items: • IPsec Protocol: do we use AH or ESP? • Encapsulation Mode: transport or tunnel mode? • Encryption: what encryption algorithm do we use? DES, 3DES or AES? • Authentication: what authentication algorithm do we use? MD5 or SHA? • Lifetime: how long is the IKE phase 2 tunnel valid? When the tunnel is about to expire, we will refresh the keying material.
19 IPsec in IMS • The scheme for authentication and key agreement in the IMS is called IMS AKA. • Authentication vector AV includes RAND, XRES, CK, IK and AUTN. • Two pairs of security associations (SAs) are established between the UE and the P- CSCF.
20 IPsec in IMS (Cont.) • CM1: Cx-AV-Req(IMPI, m) • CM2: Cx-AV-Req-Resp(IMPI, RAND1||AUTN1||XRES1||CK1||IK1,….,RANDn||AUTNn||XRESn||CKn||IKn) • SM4: 4xx Auth_Challenge(IMPI, RAND, AUTN, IK, CK) • SM6: 4xx Auth_Challenge(IMPI, RAND, AUTN) – Upon receiving the challenge, SM6, the UE takes the AUTN, which includes a MAC and the SQN. The UE calculates the XMAC and checks that XMAC=MAC and that the SQN is in the correct range as in TS 33.102 [1]. If both these checks are successful the UE uses RES and some other parameters to calculate an authentication response. • SM7:REGISTER(IMPI, Authentication response) • Upon receiving SM9 containing the response, the S-CSCF retrieves the active XRES for that user and uses this to check the authentication response sent by the UE
21 IPsec in IMS (Cont.) • IPsec ESP as specified in RFC 2406 [13] shall provide confidentiality protection of SIP signalling between the UE and the P-CSCF, protecting all SIP signalling messages at the IP level. • The SA parameters that shall be negotiated between UE and P-CSCF in the security mode set-up procedure are: • Encryption algorithm: – The encryption algorithm is either DES-EDE3-CBC as specified in RFC 2451 [20] or AES- CBC as specified in RFC 3602 [22] with 128 bit key. – Both encryption algorithms shall be supported by both, the UE and the P-CSCF. • Integrity algorithm – The integrity algorithm is either HMAC-MD5-96 [15] or HMAC-SHA-1-96 [16]. – Both integrity algorithms shall be supported by both, the UE and the P-CSCF as mandated by RFC 2406 [13].
22 IPsec in IMS (Cont.) • SPI (Security Parameter Index): – The SPI is allocated locally for inbound SAs. The triple (SPI, destination IP address, security protocol) uniquely identifies an SA at the IP layer. – The UE shall select the SPIs uniquely, and different from any SPIs that might be used in any existing SAs (i.e. inbound and outbound SAs). – The SPIs selected by the P-CSCF shall be different than the SPIs sent by the UE. – In an authenticated registration, the UE and the P-CSCF each select two SPIs, not yet associated with existing inbound SAs, for the new inbound security associations at the UE and the P-CSCF respectively.
23 IPsec in IMS (Cont.) • The P-CSCF associates two ports, called port_ps and port_pc, with each pair of security assocations established in an authenticated registration. • The number of the ports port_ps and port_pc are communicated to the UE during the security mode set-up procedure. • The UE associates two ports, called port_us and port_uc, with each pair of security assocations established in an authenticated registration. • For each unidirectional SA which has been established and has not expired, the SIP application at the P-CSCF stores at least the following data: (UE_IP_address, UE_protected_port, P-CSCF_protected_port, SPI, IMPI, IMPU1, ... , IMPUn, lifetime) in an "SA_table". The pair (UE_protected_port, P-CSCF_protected_port) equals either (port_uc, port_ps) or (port_us, port_pc). • UE stores at least the following data: (UE_protected_port, P-CSCF_protected_port, SPI, lifetime) in an "SA_table". The pair (UE_protected_port, P-CSCF_protected_port) equals either (port_uc, port_ps) or (port_us, port_pc).
24 Set-up of security associations
25 Set-up of security associations (Cont.) • SM1: REGISTER (Security-setup = SPI_U, Port_U, UE integrity and encryption algorithms list) – SPI_U is the symbolic name of a pair of SPI values (spi_uc, spi_us) that the UE selects. – spi_uc is the SPI of the inbound SA at UE’s the protected client port, and spi_us is the SPI of the inbound SA at the UE’s protected server port. – Port_U is the symbolic name of a pair of port numbers (port_uc, port_us) • SM6: 4xx Auth_Challenge (Security-setup = SPI_P, Port_P, P-CSCF integrity and encryption algorithms list) – SPI_P is the symbolic name of the pair of SPI values (spi_pc, spi_ps) that the P- CSCF selects. spi_pc is the SPI of the inbound SA at the P-CSCF’s protected client port, and spi_ps is the SPI of the inbound SA at the P-CSCF’s protected server port. – Port_P is the symbolic name of the port numbers (port_pc, port_ps)
• https://docs.oracle.com/cd/E19683-01/817-2694/index.html • https://networklessons.com/cisco/ccie-routing-switching/ipsec-internet- protocol-security • 3GPP TS 33.203 V7.9.0 • RFC 2401 • RFC 3329 26 References

Recommandé

Diameter Capabilities Exchange
Diameter Capabilities ExchangeDiameter Capabilities Exchange
Diameter Capabilities Exchange
Arpit Prajapati
 
VoLTE_SRVCC_E2Erevised
VoLTE_SRVCC_E2ErevisedVoLTE_SRVCC_E2Erevised
VoLTE_SRVCC_E2Erevised
Amit Deshmukh
 
IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2 IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2
mohammad norozzudegan
 
IMS Registration Flow
IMS Registration FlowIMS Registration Flow
IMS Registration Flow
Kent Loh
 
IMS Session Flow
IMS Session FlowIMS Session Flow
IMS Session Flow
Kent Loh
 
VoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack ExplainedVoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack Explained
Vikas Shokeen
 
Ims call flow
Ims call flowIms call flow
Ims call flow
Morg
 
SRVCC (Single Radio Voice Call Continuity) in VoLTE & Comparison with CSFB
SRVCC (Single Radio Voice Call Continuity) in VoLTE & Comparison with CSFBSRVCC (Single Radio Voice Call Continuity) in VoLTE & Comparison with CSFB
SRVCC (Single Radio Voice Call Continuity) in VoLTE & Comparison with CSFB
Vikas Shokeen
 

Recommandé

Diameter Capabilities Exchange
Diameter Capabilities ExchangeDiameter Capabilities Exchange
Diameter Capabilities Exchange
Arpit Prajapati
 
VoLTE_SRVCC_E2Erevised
VoLTE_SRVCC_E2ErevisedVoLTE_SRVCC_E2Erevised
VoLTE_SRVCC_E2Erevised
Amit Deshmukh
 
IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2 IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2
mohammad norozzudegan
 
IMS Registration Flow
IMS Registration FlowIMS Registration Flow
IMS Registration Flow
Kent Loh
 
IMS Session Flow
IMS Session FlowIMS Session Flow
IMS Session Flow
Kent Loh
 
VoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack ExplainedVoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack Explained
Vikas Shokeen
 
Ims call flow
Ims call flowIms call flow
Ims call flow
Morg
 
SRVCC (Single Radio Voice Call Continuity) in VoLTE & Comparison with CSFB
SRVCC (Single Radio Voice Call Continuity) in VoLTE & Comparison with CSFBSRVCC (Single Radio Voice Call Continuity) in VoLTE & Comparison with CSFB
SRVCC (Single Radio Voice Call Continuity) in VoLTE & Comparison with CSFB
Vikas Shokeen
 
IMS Core Elements
IMS Core ElementsIMS Core Elements
IMS Core Elements
Kent Loh
 
ims registration call flow procedure volte sip
ims registration call flow procedure volte sipims registration call flow procedure volte sip
ims registration call flow procedure volte sip
Vikas Shokeen
 
volte ims network architecture
volte ims network architecturevolte ims network architecture
volte ims network architecture
Vikas Shokeen
 
volte call flow - SIP IMS Call Flow - MO and MT Call - Volte Mobile originati...
volte call flow - SIP IMS Call Flow - MO and MT Call - Volte Mobile originati...volte call flow - SIP IMS Call Flow - MO and MT Call - Volte Mobile originati...
volte call flow - SIP IMS Call Flow - MO and MT Call - Volte Mobile originati...
Vikas Shokeen
 
VoWifi 03 - vowifi epdg aaa and architecture (pdf ppt)
VoWifi 03 - vowifi epdg aaa and architecture (pdf ppt)VoWifi 03 - vowifi epdg aaa and architecture (pdf ppt)
VoWifi 03 - vowifi epdg aaa and architecture (pdf ppt)
Vikas Shokeen
 
2 g data call flow
2 g data call flow2 g data call flow
2 g data call flow
Alfred Ongere
 
UMTS/LTE/EPC Call Flows for CSFB
UMTS/LTE/EPC Call Flows for CSFBUMTS/LTE/EPC Call Flows for CSFB
UMTS/LTE/EPC Call Flows for CSFB
Justin MA (馬嘉昌)
 
Lte security overview
Lte security overviewLte security overview
Lte security overview
aliirfan04
 
IMS + VoLTE Overview
IMS + VoLTE OverviewIMS + VoLTE Overview
IMS + VoLTE Overview
Hamidreza Bolhasani
 
Lte system signaling procedures
Lte system signaling proceduresLte system signaling procedures
Lte system signaling procedures
tharinduwije
 
VoLTE Interfaces , Protocols & IMS Stack
VoLTE Interfaces , Protocols & IMS StackVoLTE Interfaces , Protocols & IMS Stack
VoLTE Interfaces , Protocols & IMS Stack
Vikas Shokeen
 
Simplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach ProcedureSimplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach Procedure
3G4G
 
Dual transfer mode
Dual transfer modeDual transfer mode
Dual transfer mode
Morg
 
Rach procedure in lte
Rach procedure in lteRach procedure in lte
Rach procedure in lte
Saurav Banerjee
 
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
Vikas Shokeen
 
5G Basic Call Flows.pdf
5G Basic Call Flows.pdf5G Basic Call Flows.pdf
5G Basic Call Flows.pdf
IbrahimSayed61
 
IMS ENUM & DNS Mechanism
IMS ENUM & DNS MechanismIMS ENUM & DNS Mechanism
IMS ENUM & DNS Mechanism
Houman Sadeghi Kaji
 
csma ca
csma ca csma ca
csma ca
Haroon Khan
 
IP Multimedia Subsystem architecture overview
IP Multimedia Subsystem architecture overviewIP Multimedia Subsystem architecture overview
IP Multimedia Subsystem architecture overview
Narasimham Settipalli
 
VoLTE flows - basics
VoLTE flows - basicsVoLTE flows - basics
VoLTE flows - basics
Karel Berkovec
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
IS Unit-4 .ppt
IS Unit-4 .pptIS Unit-4 .ppt
IS Unit-4 .ppt
NamanRockzz
 

Contenu connexe

Tendances

Lte system signaling procedures
Lte system signaling proceduresLte system signaling procedures
Lte system signaling procedures
tharinduwije
 
Dual transfer mode
Dual transfer modeDual transfer mode
Dual transfer mode
Morg
 

Tendances (20)

IMS Core Elements
IMS Core ElementsIMS Core Elements
IMS Core Elements
 
ims registration call flow procedure volte sip
ims registration call flow procedure volte sipims registration call flow procedure volte sip
ims registration call flow procedure volte sip
 
volte ims network architecture
volte ims network architecturevolte ims network architecture
volte ims network architecture
 
volte call flow - SIP IMS Call Flow - MO and MT Call - Volte Mobile originati...
volte call flow - SIP IMS Call Flow - MO and MT Call - Volte Mobile originati...volte call flow - SIP IMS Call Flow - MO and MT Call - Volte Mobile originati...
volte call flow - SIP IMS Call Flow - MO and MT Call - Volte Mobile originati...
 
VoWifi 03 - vowifi epdg aaa and architecture (pdf ppt)
VoWifi 03 - vowifi epdg aaa and architecture (pdf ppt)VoWifi 03 - vowifi epdg aaa and architecture (pdf ppt)
VoWifi 03 - vowifi epdg aaa and architecture (pdf ppt)
 
2 g data call flow
2 g data call flow2 g data call flow
2 g data call flow
 
UMTS/LTE/EPC Call Flows for CSFB
UMTS/LTE/EPC Call Flows for CSFBUMTS/LTE/EPC Call Flows for CSFB
UMTS/LTE/EPC Call Flows for CSFB
 
Lte security overview
Lte security overviewLte security overview
Lte security overview
 
IMS + VoLTE Overview
IMS + VoLTE OverviewIMS + VoLTE Overview
IMS + VoLTE Overview
 
Lte system signaling procedures
Lte system signaling proceduresLte system signaling procedures
Lte system signaling procedures
 
VoLTE Interfaces , Protocols & IMS Stack
VoLTE Interfaces , Protocols & IMS StackVoLTE Interfaces , Protocols & IMS Stack
VoLTE Interfaces , Protocols & IMS Stack
 
Simplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach ProcedureSimplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach Procedure
 
Dual transfer mode
Dual transfer modeDual transfer mode
Dual transfer mode
 
Rach procedure in lte
Rach procedure in lteRach procedure in lte
Rach procedure in lte
 
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
End to End volte ims sip call flow Guide - Mobile originating and Mobile term...
 
5G Basic Call Flows.pdf
5G Basic Call Flows.pdf5G Basic Call Flows.pdf
5G Basic Call Flows.pdf
 
IMS ENUM & DNS Mechanism
IMS ENUM & DNS MechanismIMS ENUM & DNS Mechanism
IMS ENUM & DNS Mechanism
 
csma ca
csma ca csma ca
csma ca
 
IP Multimedia Subsystem architecture overview
IP Multimedia Subsystem architecture overviewIP Multimedia Subsystem architecture overview
IP Multimedia Subsystem architecture overview
 
VoLTE flows - basics
VoLTE flows - basicsVoLTE flows - basics
VoLTE flows - basics
 

Similaire à IPsec for IMS

IP Sec by Amin Pathan
IP Sec by Amin PathanIP Sec by Amin Pathan
IP Sec by Amin Pathan
aminpathan11
 
BAIT1103 Chapter 6
BAIT1103 Chapter 6BAIT1103 Chapter 6
BAIT1103 Chapter 6
limsh
 

Similaire à IPsec for IMS (20)

18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
IS Unit-4 .ppt
IS Unit-4 .pptIS Unit-4 .ppt
IS Unit-4 .ppt
 
The Security layer
The Security layerThe Security layer
The Security layer
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
IP SEC.ptx
IP SEC.ptxIP SEC.ptx
IP SEC.ptx
 
IP security Part 1
IP security Part 1IP security Part 1
IP security Part 1
 
Lecture14..pdf
Lecture14..pdfLecture14..pdf
Lecture14..pdf
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 
Ip sec talk
Ip sec talkIp sec talk
Ip sec talk
 
ESP.ppt
ESP.pptESP.ppt
ESP.ppt
 
IPSec (Internet Protocol Security) - PART 1
IPSec (Internet Protocol Security) - PART 1IPSec (Internet Protocol Security) - PART 1
IPSec (Internet Protocol Security) - PART 1
 
Ipsecurity
IpsecurityIpsecurity
Ipsecurity
 
IP Sec by Amin Pathan
IP Sec by Amin PathanIP Sec by Amin Pathan
IP Sec by Amin Pathan
 
Ipsec
IpsecIpsec
Ipsec
 
BAIT1103 Chapter 6
BAIT1103 Chapter 6BAIT1103 Chapter 6
BAIT1103 Chapter 6
 
ICS PPT Unit 4.ppt
ICS PPT Unit 4.pptICS PPT Unit 4.ppt
ICS PPT Unit 4.ppt
 
Chapter 6.ppt
Chapter 6.pptChapter 6.ppt
Chapter 6.ppt
 
Chapter 6 (1).ppt
Chapter 6 (1).pptChapter 6 (1).ppt
Chapter 6 (1).ppt
 
Chapter 6 (1).ppt
Chapter 6 (1).pptChapter 6 (1).ppt
Chapter 6 (1).ppt
 
05 06 ike
05 06 ike05 06 ike
05 06 ike
 

Plus de Hossein Yavari

Plus de Hossein Yavari (20)

What is Matroska?
What is Matroska?What is Matroska?
What is Matroska?
 
SIPREC RTPEngine Media Forking
SIPREC RTPEngine Media ForkingSIPREC RTPEngine Media Forking
SIPREC RTPEngine Media Forking
 
Windows Forensics
Windows ForensicsWindows Forensics
Windows Forensics
 
SIP over TLS
SIP over TLSSIP over TLS
SIP over TLS
 
Desjardins Data Breach
Desjardins Data BreachDesjardins Data Breach
Desjardins Data Breach
 
Introduction to Metasploit
Introduction to MetasploitIntroduction to Metasploit
Introduction to Metasploit
 
Which IT Certification is Better for You?
Which IT Certification is Better for You?Which IT Certification is Better for You?
Which IT Certification is Better for You?
 
Disassembly Using IDA
Disassembly Using IDADisassembly Using IDA
Disassembly Using IDA
 
Introduction to Snort
Introduction to SnortIntroduction to Snort
Introduction to Snort
 
DLL Injection
DLL InjectionDLL Injection
DLL Injection
 
SQL Injection in JAVA
SQL Injection in JAVASQL Injection in JAVA
SQL Injection in JAVA
 
Malware Static Analysis
Malware Static AnalysisMalware Static Analysis
Malware Static Analysis
 
Creativity and Role of the Leaders
Creativity and Role of the LeadersCreativity and Role of the Leaders
Creativity and Role of the Leaders
 
eSIM Deep Dive
eSIM Deep DiveeSIM Deep Dive
eSIM Deep Dive
 
Yeastar Technical Training Course
Yeastar Technical Training CourseYeastar Technical Training Course
Yeastar Technical Training Course
 
SENA Cloud UC
SENA Cloud UCSENA Cloud UC
SENA Cloud UC
 
FreePBX Disaster Recovery
FreePBX Disaster RecoveryFreePBX Disaster Recovery
FreePBX Disaster Recovery
 
eSIM Overview
eSIM OvervieweSIM Overview
eSIM Overview
 
LTE Architecture Overview
LTE Architecture OverviewLTE Architecture Overview
LTE Architecture Overview
 
Introduction to DIAMETER
Introduction to DIAMETERIntroduction to DIAMETER
Introduction to DIAMETER
 

Dernier

VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ssuser89054b
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
MsecMca
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 

Dernier (20)

22-prompt engineering noted slide shown.pdf
22-prompt engineering noted slide shown.pdf22-prompt engineering noted slide shown.pdf
22-prompt engineering noted slide shown.pdf
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptxCOST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineering
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
 

IPsec for IMS

  • 1. IPsec for IMS Sena Software Solutions April 27, 2021 1
  • 2. Agenda • What is IPsec • IPsec Protocols • IPsec Flow • IPsec Tunnel • IPsec in IMS 2
  • 3. What is IPsec • IPsec is a set of security protocols and algorithms used to secure IP data at the network layer. • IPsec provides: – Data confidentiality (encryption and adding ESP header), integrity (hash), and authentication (signatures, certificates) of IP packets while maintaining the ability to route them through existing IP networks. • Consists of: – ESP (and historically AH) for protecting traffic – Separate key exchange protocol (IKE) – Separate authentication protocol in IKEv2 3
  • 4. 4 What is IPsec (Cont.)
  • 5. IPsec involves some main components: • Security Protocols: The IP datagram protection mechanisms, – The authentication header (AH) signs IP packets and ensures integrity but the content of the datagram is not encrypted though. – The encapsulating security payload (ESP) encrypts IP data, thus obscuring the content during packet transmission. – ESP also can ensure data integrity through an authentication algorithm option. 5 What is IPsec (Cont.)
  • 6. • Security Associations Database (SADB): – The database that associates a security protocol with an IP destination address and an indexing number (eq to SA). – The indexing number is called the Security Parameter Index (SPI). – These three elements (the security protocol, the destination address, and the SPI) uniquely identify a legitimate IPsec packet. – The database ensures that a protected packet that arrives to the packet destination is recognized by the receiver. – The receiver also uses information from the database to decrypt the communication, verify that the packets are unchanged, reassemble the packets, and deliver the packets to their ultimate destination. 6 What is IPsec (Cont.)
  • 7. • Key Management: The generation and distribution of keys for the cryptographic algorithms and for the SPI. • Security Mechanisms: The authentication and encryption algorithms that protect the data in the IP datagrams. • Security Policy Database (SPD): – The database that specifies the level of protection to apply to a packet. – The SPD filters IP traffic to determine how the packets should be processed. – A packet can be discarded. A packet can be passed in the clear. Or, a packet can be protected with IPsec. For outbound packets, the SPD and the SADB determine what level of protection to apply. – For inbound packets, the SPD helps to determine if the level of protection on the packet is acceptable. If the packet is protected by IPsec, the SPD is consulted after the packet has been decrypted and has been verified. 7 What is IPsec (Cont.)
  • 8. • Internet Key Exchange (IKE): – Used to transfer SA parameters between hosts – Handles negotiation of protocols – Generates keys 8 IPsec Protocols
  • 9. – ISAKMP defines procedures and packet formats to establish, negotiate, modify and delete Security Associations (SA). – SAs contain all the information required for execution of various network security services, such as the IP layer services (such as header authentication and payload encapsulation), transport or application layer services, or self-protection of negotiation traffic. – ISAKMP defines payloads for exchanging key generation and authentication data. These formats provide a consistent framework for transferring key and authentication data which is independent of the key generation technique, encryption algorithm and authentication mechanism. IPsec ISAKMP: Internet Security Association and Key Management Protocol 9 IPsec Protocols (Cont.)
  • 10. • Authentication Header(AH): – Host and Client Authentication – Provides Data Integrity – Protects from Anti-Replay Attacks • Encapsulating Security Payload (ESP): – Same as AH but also support data encryption and NAT – Encrypts data (either TCP/UDP payload for transport mode, or IP packet for tunnel mode) – Adds an ESP header with an “Security Parameter Index” (SPI) and sequence number – Adds an ESP trailer which contains the “original protocol” of the data that was encrypted. 10 IPsec Protocols (Cont.)
  • 11. IPsec Transport vs Tunnel mode: • IPsec Transport mode: ESP/AH transforms apply to L4 (TCP or UDP) header and payload. – Protects L4 header – L3/routing information is not modified – Typically used for host-host IPsec • IPsec Tunnel mode: IP packet is encapsulated inside another IP packet. The IPsec transforms are applied to the inner (original) IP packet. – Protects IP and TCP header of the original packet – Typically used for VPNs – Routing information MAY be modified 11 IPsec Modes
  • 14. IPsec Applied to Outbound Packet Process 14 IPsec Flow
  • 15. IPsec Flow IPsec Applied to Inbound Packet Process 15
  • 16. • To establish an IPsec tunnel, we use IKE (Internet Key Exchange). • There are two phases to build an IPsec tunnel: – IKE phase 1 – IKE phase 2 • In IKE phase 1, two peers will negotiate about SAs. • In this phase, an ISAKMP session is established. This is also called the ISAKMP tunnel or IKE phase 1 tunnel. • The IKE phase 1 tunnel is only used for management traffic. We use this tunnel as a secure method to establish the second tunnel called the IKE phase 2 tunnel or IPsec tunnel. 16 IPsec Tunnel
  • 17. 17 IKE Phase 1 Step 1 : Negotiation • The two peers will negotiate about the following items: – Hashing: we use a hashing algorithm to verify the integrity, we use MD5 or SHA for this. – Authentication: each peer has to prove who he is. Two commonly used options are a pre-shared key or digital certificates. – DH (Diffie Hellman) group: the DH group determines the strength of the key that is used in the key exchange process. The higher group numbers are more secure but take longer to compute. – Lifetime: how long does the IKE phase 1 tunnel stand up? the shorter the lifetime, the more secure it is because rebuilding it means we will also use new keying material. Each vendor uses a different lifetime, a common default value is 86400 seconds (1 day). – Encryption: what algorithm do we use for encryption? For example, DES, 3DES or AES. Step 2: DH Key Exchange • Once the negotiation has succeeded, the two peers will know what policy to use. • They will now use the DH group that they negotiated to exchange keying material. • The end result will be that both peers will have a shared key. Step 3: Authentication • The last step is that the two peers will authenticate each other using the authentication method that they agreed upon on in the negotiation. • When the authentication is successful, we have completed IKE phase 1. • The end result is a IKE phase 1 tunnel (aka ISAKMP tunnel) which is bidirectional. • This means that both peers can send and receive on this tunnel.
  • 18. 18 IKE Phase 2 Like in IKE phase 1, our peers will negotiate about a number of items: • IPsec Protocol: do we use AH or ESP? • Encapsulation Mode: transport or tunnel mode? • Encryption: what encryption algorithm do we use? DES, 3DES or AES? • Authentication: what authentication algorithm do we use? MD5 or SHA? • Lifetime: how long is the IKE phase 2 tunnel valid? When the tunnel is about to expire, we will refresh the keying material.
  • 19. 19 IPsec in IMS • The scheme for authentication and key agreement in the IMS is called IMS AKA. • Authentication vector AV includes RAND, XRES, CK, IK and AUTN. • Two pairs of security associations (SAs) are established between the UE and the P- CSCF.
  • 20. 20 IPsec in IMS (Cont.) • CM1: Cx-AV-Req(IMPI, m) • CM2: Cx-AV-Req-Resp(IMPI, RAND1||AUTN1||XRES1||CK1||IK1,….,RANDn||AUTNn||XRESn||CKn||IKn) • SM4: 4xx Auth_Challenge(IMPI, RAND, AUTN, IK, CK) • SM6: 4xx Auth_Challenge(IMPI, RAND, AUTN) – Upon receiving the challenge, SM6, the UE takes the AUTN, which includes a MAC and the SQN. The UE calculates the XMAC and checks that XMAC=MAC and that the SQN is in the correct range as in TS 33.102 [1]. If both these checks are successful the UE uses RES and some other parameters to calculate an authentication response. • SM7:REGISTER(IMPI, Authentication response) • Upon receiving SM9 containing the response, the S-CSCF retrieves the active XRES for that user and uses this to check the authentication response sent by the UE
  • 21. 21 IPsec in IMS (Cont.) • IPsec ESP as specified in RFC 2406 [13] shall provide confidentiality protection of SIP signalling between the UE and the P-CSCF, protecting all SIP signalling messages at the IP level. • The SA parameters that shall be negotiated between UE and P-CSCF in the security mode set-up procedure are: • Encryption algorithm: – The encryption algorithm is either DES-EDE3-CBC as specified in RFC 2451 [20] or AES- CBC as specified in RFC 3602 [22] with 128 bit key. – Both encryption algorithms shall be supported by both, the UE and the P-CSCF. • Integrity algorithm – The integrity algorithm is either HMAC-MD5-96 [15] or HMAC-SHA-1-96 [16]. – Both integrity algorithms shall be supported by both, the UE and the P-CSCF as mandated by RFC 2406 [13].
  • 22. 22 IPsec in IMS (Cont.) • SPI (Security Parameter Index): – The SPI is allocated locally for inbound SAs. The triple (SPI, destination IP address, security protocol) uniquely identifies an SA at the IP layer. – The UE shall select the SPIs uniquely, and different from any SPIs that might be used in any existing SAs (i.e. inbound and outbound SAs). – The SPIs selected by the P-CSCF shall be different than the SPIs sent by the UE. – In an authenticated registration, the UE and the P-CSCF each select two SPIs, not yet associated with existing inbound SAs, for the new inbound security associations at the UE and the P-CSCF respectively.
  • 23. 23 IPsec in IMS (Cont.) • The P-CSCF associates two ports, called port_ps and port_pc, with each pair of security assocations established in an authenticated registration. • The number of the ports port_ps and port_pc are communicated to the UE during the security mode set-up procedure. • The UE associates two ports, called port_us and port_uc, with each pair of security assocations established in an authenticated registration. • For each unidirectional SA which has been established and has not expired, the SIP application at the P-CSCF stores at least the following data: (UE_IP_address, UE_protected_port, P-CSCF_protected_port, SPI, IMPI, IMPU1, ... , IMPUn, lifetime) in an "SA_table". The pair (UE_protected_port, P-CSCF_protected_port) equals either (port_uc, port_ps) or (port_us, port_pc). • UE stores at least the following data: (UE_protected_port, P-CSCF_protected_port, SPI, lifetime) in an "SA_table". The pair (UE_protected_port, P-CSCF_protected_port) equals either (port_uc, port_ps) or (port_us, port_pc).
  • 24. 24 Set-up of security associations
  • 25. 25 Set-up of security associations (Cont.) • SM1: REGISTER (Security-setup = SPI_U, Port_U, UE integrity and encryption algorithms list) – SPI_U is the symbolic name of a pair of SPI values (spi_uc, spi_us) that the UE selects. – spi_uc is the SPI of the inbound SA at UE’s the protected client port, and spi_us is the SPI of the inbound SA at the UE’s protected server port. – Port_U is the symbolic name of a pair of port numbers (port_uc, port_us) • SM6: 4xx Auth_Challenge (Security-setup = SPI_P, Port_P, P-CSCF integrity and encryption algorithms list) – SPI_P is the symbolic name of the pair of SPI values (spi_pc, spi_ps) that the P- CSCF selects. spi_pc is the SPI of the inbound SA at the P-CSCF’s protected client port, and spi_ps is the SPI of the inbound SA at the P-CSCF’s protected server port. – Port_P is the symbolic name of the port numbers (port_pc, port_ps)