A Unix Streams Implementation of the Internet Protocol Security

Master's thesis submitted for approval Septemper 17, 1996 for the degree of Master of Science. Current Internet Protocol (IP) implementations provide no protection against eavesdropping of connections , spoofing of IP datagrams and TCP connection hijacking. Rapid advances in communication technology and expanding use of the Internet have accentuated the need for security in the Internet. Internet Protocol Security (IPSEC) is the Internet Engineering Task Force (IETF) standard for the network layer security. IPSEC provides cryptographic security services that support combinations of authentication, integrity and confidentiality. It provides security services to protect client protocols of IP and supports host-to-host, subnet-to-subnet and host-to-subnet security topologies. The IP security offers a system level security component available on all platforms. It does not provide non-repudiation security service; protection against traffic analysis or every possible denial of service attack are not provided either. The use of the IP security services increases IP protocol processing cost and communication latency due to computationally intensive cryptographic algorithms. In this study IP Security specifications and architecture are examined using a semi-formal model. IPSEC is described using the concepts of security variables, security management, security mechanisms and security control logic. Security variables are divided into security policy variables and security associations. Security policy variables control the enforcement of host security policy at the IP layer and the selection of security associations for datagrams. A security association is a relationship between two or more entities; it describes how the entities will utilize security services. The security management is responsible for establishing and updating the security variables. Authentication Header (AH) security mechanism provides integrity and authentication for IP data-grams by computing a cryptographic authentication function over the IP datagram and using a secret authentication key in this computation. Encapsulating Security Payload (ESP) provides integrity and confidentiality and optionally authentication for datagrams by encapsulating either an entire datagram or only the upper-layer protocol data inside, encrypting most of the ESP contents. The control logic of the AH and ESP security mechanisms is based on the security variables. The control reads the security variables and behaves accordingly. The focus of this study is in the implementation of an IPSEC prototype with manual key management in the Solaris 2.5 operating system. The IPSEC specification process is in progress and the prototype is based on the specifications such as they were at the beginning of this study. The objectives of the implementation are security, modularity …