Friday, June 28, 2013

Cryptography Overhead Analysis With Practical Demostration

What is cryptography?
 
IPSec provides security to the Internet Protocol Layer. It does this by giving us the choices to use any encryption-decryption algorithm along with the mandatory security protocols.. IPSec uses some different important protocols such as AH (Authentication Header), ESP (Encapsulating Security Protocol), ISAKMP (Internet Security Association and Key Protocol) and IKE (Internet key exchange). Each has their own responsibility and functionality. To operate all this functionality, there are two basic modes such as: Transport Mode & Tunnel Mode.

Implementation of IPSEC

The introduction part shows the essential cryptographic design protocols in IPSec. The essential main 3 protocols are as follows :

1.    AH -> Authentication Header
2.    ESP -> Encapsulating Security Protocol
3.    IKEv2 -> Internet Key Exchange v2
4.    ISAKMP -> Internet Security Association & Key Management Protocol

Authentication Header
 
AH provides payload integrity protection as well as data origin authentication. The other important which is provided by AH is anti-relay service. The AH protocol uses the insertion of bit sequence to add the cryptographic protection. It adds AH into the IP packets before it transmit to the end. 
           
Authentication Header

Generally AH contains the MAC value and it is depended upon the particular MAC algorithm used in it. AH must be in a multiple of 32 bits lengths which is used for IPV4 and it has to be in a multiplication of 64 bit length for IPV6. Below table shows the mandatory MAC algorithms being be used for AH described in RFC 4305

Algorithm
Requirement
Key Size (Bits)
Output (Bits)
RFC Reference
HMAC-SHA1-96
MUST
160
96
AES-XCBC-MAC-96
SHOULD+
128
96
HMAC-MD5-96
MAY
128
96

Encapsulating Security Protocol

This protocol is cryptographic transformation. It gives integrity as well as confidentiality in one package, but the primary purpose of this protocol is to provide confidentiality. The ESP header is having a sequence number field and SPI. The below figure illustrates the format of the ESP protocol mentioned in RFC 4303.
Encapsulating Security Protocol



There are some mandatory encryption algorithms which have to be used for ESP which is specified in RFC 4305, in which 3DES,  AEC-CBC, DES-CBC and AES-CTR is used.

Algorithm
Requirement
Key Size (Bits)
Block Size (Bits)
RFC Reference
NULL
MUST
0
N/A
Triple DES-CBC
MUST-
192
64
AES-CBC
SHOULD+
128
128
AES-CTR
SHOULD
128
N/A
DES-CBC
SHOULD NOT
56
64
  
ESP is optional, therefore there is a null encryption which has to be implemented if required. DES CBC is used for general purpose and public demonstration where 3DES is widely used algorithm now a days due to having its longer key length and bigger block size. Thus all encryption algorithms are used in a different manner as per their need.

Internet Exchange Key


The main role of IKE is exchanging messages between the two ends. The best way to learn IKEv2 is to compare it with IKEv1.The essential features of IKEv2 is identity hiding,  Negotiation of cryptographic function, flexibility and the variety of securities. There are mainly 2 phases in IKEv2 the first phase is called IKE-SA. Once this phase is initiated, it is used it is used to send the messages between 2 peers. Below figure shows the architecture of IKE phase.


Internet Exchange Key


Generally IKE protocol uses UDP packets on port 500. On an average it requires 4 to 6 packets in order to create SA at the both ends. After this SA creation key material will be provided to the IPsec stack.


Internet Security Association And Key Management Protocol
It is responsible for defining all procedures at both ends. It also plays a vital role in authenticating procedures. It generates SAs and it also manages key integration. ISAKMP has an ability to prevent Denial of Service Attacks. It defines the packet format for the establishment and negotiation of security. It also defines the payload for key generation which gives a constant framework for exchanging authenticated data as well as key. ISAKMP and key exchange protocols both are different things.


ISAKMP
Generally it is implemented on a transport level protocol which uses UDP protocol on 500th port number.
 
IPSEC ALGORITHM  KEY LIMITATIONS


  •     IPSEC limitation can be expressed in terms of lack of expressive power in IPSEC policy control. Also there can be lack of application control on the different different polices.
  •     The biggest challenge in IPSEC is the deployment. Also authorization handling is a big challenge in the IPSEC mechanism because it needs security as well as application information.
  •     As we have seen that cryptographic algorithms are used in a different manner and need, at a same time there are a couple of limitations in cryptography algorithms. Some of the major algorithm scenario and their limitations are shown below:
  •     Talking about DES, it uses 64 bits of key size. In this DES 8 bits of all 64 are used for the odd parity. This is the cause of less effectiveness of this algorithm also DES have compromised on many occasions. There are some specially crafted hard-wares which can crack DES in some few hours. Due to this researcher are motivated to invent more secured DES. Thus the 3DES algorithm born which does the triple repetition of the DES encryption. It can be said that 3DES is able to use a larger key length of 112 bits. It is quite obvious that 3DES runs 3 times slower than normal DES due to a large number of key size repetition processes.
  •     MD5 and SHA1 are both single way hash functions. 512 blocks of bits are used to create 128 and 160 bit hash values. The limitation of them is they cannot be used directly as MAC algorithm due to not having a secret key. This is the reason that why they are being used in conjunction with key hashing technique.
  •     RSA algorithm requires modular exponentiations which lead it towards its main 2 limitations such as large memory space and the more complexity for computational performance.

IPSEC OVERHEAD ANALYSIS

To measure the IPsec overhead, firstly we need to measure the CPU cycle processing. This analysis can be done on essential security algorithms such as DES, 3DES, AES, HMAC-MD5 and HMAC-SHA1. There is a processing overhead as we all know in IPsec, but apart from it there is one more extra overhead which is called space overhead. It is generated by the increased size of packets transmitted on both ends. 

If the application is lighter weighted such as DES, HMAC-MD5 and HMAC-SHA1, then it does not in decrease more system throughput, which has a null impact on the total delay of the process. Here the MS processing rate is 100 MIPS or around it. On the other hand 3DEC and AES are more complex which uses bigger size of key length such as 192 and 256 bits. No doubt that it provides resistance against the targeted attacks but the high volume of processes decrease the throughput of the system. Here the MS processing rate is more than 300 MIPS. AES, DES and 3DES generate more strain on the system.

Overhead is not only depended upon the encryption algorithms but it also depends upon the size of the data which you are sending. Here in my demonstration I have rapidly increased the packet size to send from source to destination and we can clearly see that, as the number of packets are being increased the time taken to send each packet is also getting increased. We can also able to determine the fluctuation in time to send each packet.


C:\Documents and Settings\Administrator>ping -l 16000 10.10.10.11

Pinging 10.10.10.11 with 16000 bytes of data:

Reply from 10.10.10.11: bytes=16000 time=4msTTL=128
Reply from 10.10.10.11: bytes=16000 time=6msTTL=128
Reply from 10.10.10.11: bytes=16000 time=7msTTL=128
Reply from 10.10.10.11: bytes=16000 time=6msTTL=128

Ping statistics for 10.10.10.11:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 7ms, Average = 5ms

C:\Documents and Settings\Administrator>ping -l 32000 10.10.10.11

Pinging 10.10.10.11 with 32000 bytes of data:

Reply from 10.10.10.11: bytes=32000 time=10msTTL=128
Reply from 10.10.10.11: bytes=32000 time=14msTTL=128
Reply from 10.10.10.11: bytes=32000 time=9msTTL=128
Reply from 10.10.10.11: bytes=32000 time=13ms TTL=128

Ping statistics for 10.10.10.11:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 14ms, Average = 11ms

C:\Documents and Settings\Administrator>ping -l 64000 10.10.10.11


Pinging 10.10.10.11 with 64000 bytes of data:
Reply from 10.10.10.11: bytes=64000 time=18msTTL=128
Reply from 10.10.10.11: bytes=64000 time=28msTTL=128
Reply from 10.10.10.11: bytes=64000 time=27msTTL=128
Reply from 10.10.10.11: bytes=64000 time=16msTTL=128

Ping statistics for 10.10.10.11:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 28ms, Average = 22ms

Here we can clearly see that as the packet size/buffer size is increasing the time taken to send the packet is also getting increased and there is a fluctuation in timing for each packet to be sent and that causes large average time.

This is just a basic simple analysis of one machine to another machine with some simple encryption and hashing techniques.  Researchers of the university of Athens have found how the delay gets increased with the use of different     encryption  algorithms. The below figure illustrates the results presented by those researchers.
Total Mean Delay Analysis By Processing 100 MIPS

It is very clear from the graph that DES produces higher delay than other encryption techniques. On the flip side of it, it does not affect the rate of data transfer on the system. We can also see that 3DES and AES are those encryption methods which have a stronger impact on delay taken by packets in transmission. It is very clear from this graph that if the amount of data rate is increased then the total mean daily will be decreased compared to one another.

IPSEC Key Attacks

To improve the encryption and integrity standard we need to understand the previous IPSec key attacks well in deeper. So that we can secure our IPSec standard in a more efficient way in the future. There are some well known attacks on the IPsec key which are as follows:
    • Padding Oracle Attack = Side Channel Attacks
    • Chosen Plain Text Attacks = Plain Text Injection Attacks
    • Options Based Attacks
    • Splicing Attacks
Padding oracle attack is also called as side channel attack. This attack performs padding on messages. These attacks are mostly associated with CBC decryption, which are used in the block cipher. These attacks are widely used in the world for decrypting the cipher text without knowing the key. These attacks are broadly used to crack the CAPTCHAsystems.
In Choosing Plain Text Attack, the attacker chooses the arbitrary plain text in order to decrypt the cipher text. This attack has also an ability to revel the secret key of the whole cryptanalysis process. At the time of world war 2, Gardening Machine was used to crack the codes of the Enigma Machines with the help of plain text injection attacks.

In Choosing PlainText Attack, the attacker chooses the arbitrary plain text in order to decrypt the cipher text. This attack has also an ability to revel the secret key of the whole cryptanalysis process. At the time of world war 2, Gardening Machine was used to crack the codes of the Enigma Machines with the help of plain text injection attacks.
 
In Option Based Attacks, only cipher text is presented against the ESP. The complexity of this attack is more than average 214 trials. The number of trials can vary for 64 bit key length and 128 bit key length.

Splicing attacks are done on ESP. If ESP is used without any authentication then an attacker can intercept anyone’s packet because both the transmission will be on the same SA. Then he might use CBC splicing in order to place a new UDP packet instead of original one. Thus, reinjection of data can be done by using this attack.

Conclusion

Thus IPSec uses a security policy to secure the communication channel as well as the messages. It supports network level end-to-end authentication, payload authentication, confidentiality and integrity. One can use different algorithms and encryption techniques for their desired security.


Demostration : IPSEC Configuration between 2 XP machines
  

References

  1. CHRISTOS XENAKIS*, NIKOLAOS LAOUTARIS, LAZAROS MERAKOS, IOANNIS STAVRAKAKIS, A generic characterization of the overheads imposed by IPsec and associated cryptographic algorithms. Communication Networks Laboratory, Department of Informatics and Telecommunications, University of Athens, Athens 15784, Greece.
  2. S. P. MEENAKSHI,S. V. RAGHAVAN, Impact of IPSec Overhead on Web Application Servers.
  3. Mr. Hitesh dhall, M. D. (2012). IMPLEMENTATION OF IPSEC PROTOCOL. Rohtak, India .
  4. Nikander, J. A. (n.d.). Limitations of IPsec Policy Mechanisms. Jorvas, Finland: Ericsson Research NomadicLab.
  5. Paterson, J. P. (n.d.). Attacking the IPsec Standards in Encryption-only. Bristol, UK.
  6. Paterson, K. G. (2006). A cryptographic tour of the IPsec standards. Elsevier Ltd.
  7. S. P. Meenakshi, S. V. (2010). Impact of IPSec Overhead on Web Application.
  8. (n.d.). Retrieved from http://www.onlinebusiness.newstipstricks.com/wp-content/uploads/2013/03/Cryptography.png
  9. JARI ARKKO, P.N., Limitations of IPsec Policy Mechanisms. Ericsson Research NomadicLab, 02420 Jorvas, Finland.
  10. JEAN PAUL DEGABRIELE,KENNETH G. PATERSON, Attacking the IPsec Standards in Encryption-only Configurations. Information Security Group, Royal Holloway University of London, Egham, Surrey TW20 0EX, UK,Hewlett-Packard Laboratories, Bristol Filton Road, Stoke Gifford, Bristol BS34 8QZ, UK.
  11. KENNETH G. PATERSON, 2006. A cryptographic tour of the IPsec standards. Information Security Group, Royal Holloway, University of London, Egham, Surrey TW20 0EX, UK.
Source : http://infosecninja.blogspot.com/2013/06/cryptography-overhead-analysis-with.html






 

No comments:

Post a Comment