how to debug ipsec and ike

CPUG:THECHECKPOINTUSERGROUPHowtoDebugIKEandIPSEC©AnAbbreviatedGuideByWarrenVerbanecYourHostWarrenVerbanec•UCDavisgraduate•SiliconValleyLocal•TwoyearsinNokia’sProductLineSupportgroup“HelloEverybody!”Goalsfortonight•Eatfreefood•Winraffle•DiscusshowCheckPointimplementsIKEandIPSec•Reviewavailabletroubleshootingtools•ProvidepracticalexamplesFirst,abitofreview…•WhatisIKEandIPSEC(inourcontext)?–Generallyspeaking,IKEisamethodforsecurelyexchangingencryptionciphersthatwillbeusedinalaterencryptedsession–IPSecisanoveralltermusedtodescribeencrypteddatacommunicationoverIP,usingthekeysexchangedwithIKEThisisPartOne•IKEandIPSecisahugetopic.There’snofeasiblewaytocoveritin½ofanhour•Therefore,PartOnewillprovideabasicintroductiontoonlytheconceptsrequiredtoworkwithCheckPointdebugging•PartTwowillprovidehands-onexamplesoftroubleshootingtheapplication•PartTwowillbepresentednextmonthWhat’sthebigdeal?•Thesearecomplexprotocolsratifiedbymultipleinternationalbodies•Lotsofconfigurableparameters•Generallydefinea“framework”forsecurity,whileallowingforadvancesincryptography–MD5collisiondemonstatesneedforexpandability–•Thus,debuggingandconfigurationishardHowdoesencryptionwork?•Init’sbasicform,cryptographyentailstheadditionoftwomessagestomakeanew,unreadablemessage•Message1+KeyMessage=Cipher•IfyouknowtheKeyMessage,youcandecodethecipherbysubtractingtheKeyinformationfromthecipher•Computersaregoodatthis,andcandoitveryquickly-say,onapacketbypacketbasis•Butthismeansthatyouhavetokeepthesecretkeysafe•Thismakestheprocessdifficult-generallyspeaking,ifyoulosethekeytothebadguys,ALLinformationeverencryptedwiththatkeyisnowreadableBasiccryptoapplications•Algorithms:DES,AES,3DES–Usedforactualreversibleencryption–“non-entropic”,reversibleoperations–Requiresaunique“secretkey”fortheencryptoranddecryptor•Hashes:SHA-1,MD5–Usedtogenerateauniquemathematical“summaryvalue”foragivendataset–“Entropic”,non-reversibleoperation–Usedtoauthenticateadataset–Canbecombinedwitha“secretkey”valuetocreateacustomHash-ensuresthatyourhashwascreatedbysomeoneyoutrust.HowdoesSSLdiffer?•SSLisbasedonPKI,whichusespublic/privatekeypairs-usingentirelydifferentmath•Designedtoenablesecuretransferofdata(likeatemporarycryptokey)tosomeoneyoudon’tnecessarilytrust•IKE/IPSecdoesnotusePKI,asitisinherentlylesssafe-anddesignedfore-commerceuse•Actually,PKI-likekeyexchangeisusedinsomelimitedwaysinIKE,butthecoreofIPSecisnotbasedonpublic/privatekeyexchange•AdiscussionofPKIisbeyondthescopeofthispresentation•AgoodPKItutorialis:…•PKIusespublic/privatekeypairs–Anythingencryptedwiththeprivatekeyisreadablewiththepublickey–Anythingencryptedwiththepublickeyisreadablewiththeprivatekey–AnythingencryptedwiththepublickeyisNOTreadablewiththepublickey•ThecoreofIPSecusesasinglekey-anythingencryptedwithitisreadableonlywiththesamekey•Diffie-Hellmankeyexchange,andPKIcertificatesareusedinIKEandIPSec,butinalimitedwaybyCheckPoint•Theextenttowhichpublic/privatekeyexchangeisusedinIPSecwillbediscussedlaterSo,howdoesaHashfitin?•Acryptographichashisusedtoderiveamathematical“summary”valueforasetofdata•Data“hashed”withaparticularalgorithmgeneratesauniqueoutputvalue•Thisvaluehasaone-to-onecorrelationwithit’sdataset-thisensuresthatifadatasetisaltered,it’shashvaluewillchange•ThisisgoodforensuringdataintegrityDiffie-Hellmaniskey!•Remember,theproblemisnotjustencryptingthemessages-it’skeepingyourkeyssafeinthelongterm–ThisisaccomplishedbyrenegotiatingkeysofteninIPSec-thiscompartmentalizestheencryptionanddataexchange–Thismeansthatsecretkeysmustbeexchangedoften•Diffie-Hellmankeyexchangedefineshowtousepublic/privatekeypairstotransportyoursecretkeys•D-Hgroupnumbersdefinethestrengthofthepublic/privatekeyencryptionused-CheckPointjustaddednewGroupsupportinHFA55_10Andnow,IPSec!•TherearethreepartstoIPSec:–AH-authenticationheader-providessessionsecurityata“sophisticated”levelbycheckingdataintegrityandprotectingagainst“replay”attacks–ESP-encapsulatingsecuritypayload-providesthebulkdataencryptionmethod–IKE-handlestheexchangeofsecretkeysusedinthepriortwocategoriesAH•IntheoperationalmodeusedinVPNs,AHwrapsanIPpacket(headerandall)inanencryptionenvelope,thenaddsanewIPheader•ThisprocessisperformedataVPNgateway,andisundoneattheterminatinggatewayattheotherendofthesecure“tunnel”•AHusesIPProtocol51-soit’snotUDPorTCP•AHisnottoorelevanttotheCheckPointworldMoreAH•AHhasseveralfieldsinit’sheader:–SecurityParameterIndexisanumericidentifierthatspecifiesaparticularlogicalconnection•ThisSPIistrackedonthegatewaysalongwiththeencryptionparametersassociatedwithit(hashalgorithm,bulkencryptionalgorithm,otherparameters)–Sequencenumberfieldisusedtotrackindividualpackets•OptionallyusedtoprotectagainstreplayattacksESP•ESPisusedforthebulkencryption–It’sbasicallyanalgorithm-encryptedpacketinsideaPKIsignaturewrapperforauthenticity–ESPusesIPprotocol50forthetransport-thisiswhatyoucommonlyseeinpackettracesoftunneltraffic–HasaSPIfield,likeAH,aswellastheoptionallyutilizedsequencenumberi