5 The Future of IPsec



Demystifying the IPsec Puzzle

the elephant’s size or shape presents major problems and leads to unending
and sometimes unresolvable debates regarding the correct approach.
At a recent conference whose sole focus was IPsec¹, a panel of experts
was convened to answer these questions: Where are we now? What are the
most pressing issues? What changes can we expect to see? It was agreed that
IPsec and IKE interoperate and that it is possible to create a working IPsec
VPN using the products of any two different vendors. Three or more vendors in an operational (as opposed to experimental or research) environment
is still a tricky business. The consensus was that the following features remain
to be addressed:
• Transparent interoperability among the IPsec implementations of more than two vendors.
• Simple, failsafe configuration of IPsec devices.
• Secure, user-friendly VPN management and administration.
• A nonproprietary uniform approach to IPsec remote access, including authentication that crosses administrative boundaries.
• Interdomain and intradomain policy issues: nonproprietary policy configuration that is applicable to a wide range of devices (wireless devices, palm pilots, household appliances); a secure policy distribution mechanism; gateway discovery.
• Facilitation of IPsec-based VPNs managed by ISPs. Adding accounting, auditing, and billing capabilities to IPsec devices will allow ISPs to provide different levels of service to different customers. It also will allow customers to include quality of service as a criterion for satisfactory VPN management.
• The inclusion of high availability, backup capability, and resiliency in IPsec devices.
• The seamless integration of IPsec as an integral part of the networking infrastructure.
• Additional issues that doubtless will crop up as a result of the widespread deployment of IPsec and the increased installation of very high-speed networks.

1. IPsec2000, Paris La Défense, October 25–27, 2000, http://www.upperside.fr/

The Whole Puzzle: Is IPsec the Correct Solution?


When asked whether IPsec should and would be simplified, Steve
Kent, one of the main architects of IPsec and the author of many Internet
Drafts, replied that everyone connected with IPsec agrees that it is too complex. However, when polled on essential features versus expendable ones,
there is no agreement. A feature labeled as extraneous and overly complex by
one person appears as essential and nonnegotiable on another person’s list.

12.6 Summary
Now that the IPsec puzzle has been assembled, what is it good for? Will it
suffer the fate of numerous standards-based solutions: to be hung on the wall
or shoved into the closet? Nowadays, even as an incomplete solution, IPsec
has a number of very useful applications. It is no longer an esoteric topic
relegated to experimental uses. It is deployed and used in a large number
of diverse networks, providing remote access security, VPN capabilities, and
general IP-level protection. Once the policy and PKI components are more
fully fleshed out, the use of IPsec may well expand into every facet of Internet
communications and infrastructure protection. Its use will spread and diversify as universal solutions are developed that remove the remaining barriers
to its widespread deployment.

12.7 Further Reading
General discussions of VPN frameworks and requirements can be found
in [7] and [8]. Each of IPsec’s rivals is defined in its own RFC: TLS in
RFC 2246 [1], L2TP in RFC 2661 [2], and PPTP in RFC 2637 [9]. PPP is
described in RFC 1661 [3]. Schneier’s critique of Microsoft’s PPTP appears
in [10, 11]. Differing approaches to the marriage of L2TP and IPsec can be
found in [4] and [5]. An IPsec VPN that uses IP tunnels is proposed in [6].


[1] Dierks, T., and C. Allen, The TLS Protocol: Version 1.0, RFC 2246, Jan. 1999.
[2] Townsley, W., Layer Two Tunneling Protocol (L2TP), RFC 2661, Aug. 1999.
[3] Simpson, W., The Point-to-Point Protocol (PPP), RFC 1661, July 1994.
[4] Patel, B., et al., “Securing L2TP Using IPsec,” Aug. 2000.
[5] Srisuresh, P., Secure Remote Access With L2TP, RFC 2888, Aug. 2000.
[6] Touch, J., and L. Eggert, “Use of IPsec Transport Mode for Virtual Networks,” Mar. 2000.
[7] Gleeson, B., et al., A Framework for IP Based Virtual Private Networks, RFC 2764, Feb. 2000.
[8] Yu, J., “Criteria for Evaluating VPN Implementation Mechanisms,” July 2000.
[9] Hamzeh, K., Point-to-Point Tunneling Protocol (PPTP), RFC 2637, July 1999.
[10] Schneier, B., and Mudge, “Cryptanalysis of Microsoft’s Point-to-Point Tunneling Protocol (PPTP),” Proc. 5th ACM Conference on Communications and Computer Security, ACM Press, Nov. 1998, http://www.counterpane.com/pptp.{pdf, ps, zip}
[11] Schneier, B., Mudge, and D. Wagner, “Cryptanalysis of Microsoft’s PPTP Authentication Extensions (MS-CHAPv2),” CQRE ’99, Springer-Verlag, Heidelberg, Germany, 1999, pp. 192–203, http://www.counterpane.com/pptpv2.{pdf, ps, zip}.

List of Acronyms and Abbreviations
AA attribute authority
AC attribute certificate
AES Advanced Encryption Standard
AH Authentication Header
AM Aggressive Mode
API Application Programming Interface
ASN.1 Abstract Syntax Notation One
BER basic encoding rules
BITS bump in the stack
BITW bump in the wire
BM Base Mode




CA certification authority
CAST Carlisle Adams/Stafford Tavares
CBC cipher block chaining
CFB cipher feedback
CHAP Challenge Handshake Authentication Protocol
CMC Certificate Management using CMS
CMP Certificate Management Protocol
CMS cryptographic message syntax
CN common name
COPS Common Open Policy Service Protocol
COPS-PR COPS Usage for Policy Provisioning
CP certificate policy
CPS certificate practice statement
CR certificate request
CRACK challenge/response for authenticated cryptographic keys
CRL certificate revocation list
CRMF Certificate Request Message Format
DER distinguished encoding rules
DES Data Encryption Standard
DF don’t/may fragment flag


DH Diffie-Hellman
DHCP Dynamic Host Configuration Protocol
DIT directory information tree
DN distinguished name
DNS Domain Naming System
DOI domain of interpretation
DSA digital signature algorithm
DSS Digital Signature Standard
EAP Extensible Authentication Protocol
ECB electronic codebook
EE end entity
ESP Encapsulating Security Protocol
FIPS Federal Information Processing Standard
FQDN fully qualified domain name
FTP File Transfer Protocol
GC group controller
GN general name
GSA group security association
H host
HTML Hyper Text Markup Language




HTTP Hyper Text Transfer Protocol
IAB Internet Architecture Board
iaPCBC integrity-aware plaintext-ciphertext block chaining
ICMP Internet Control Message Protocol
ICV integrity check value
ID identity or identifier
IDEA International Data Encryption Algorithm
IETF Internet Engineering Task Force
IGMP Internet Group Management Protocol
IKE Internet Key Exchange
IMAP Internet Message Access Protocol
IP Internet Protocol
IPCOMP IP compression
IPsec Internet Protocol Security
IPSP IP Security Policy
IPsra IP Security Remote Access
IPv4 Internet Protocol version 4
IPv6 Internet Protocol version 6
IRTF Internet Research Task Force
ISAKMP Internet Security Association and Key Management Protocol


ISP Internet service provider
ITU International Telecommunication Union
ITU-T International Telecommunication Standardization Sector
IV initialization value (or vector)
KS key server
L2TP Layer 2 Tunneling Protocol
LDAP Lightweight Directory Access Protocol
MAC message authentication code
MD message digest
MESP Multicast Encapsulating Security Protocol
MF more/last fragment
MIB Management Information Base
MM Main Mode
MODP modular exponentiation
MTU maximum transmission unit
N Network
NAT network address translation
NSA National Security Agency
OCSP Online Certificate Status Protocol
OFB output feedback




OID object identifier
OTP one-time password
P10POUB PKCS 10 Plus Out of Band
PAP Password Authentication Protocol
PCBC Plaintext-Ciphertext Block Chaining
PCIM Policy Core Information Model
PEM privacy enhanced mail
PEP policy enforcement point
PF protocol family
PFS perfect forward secrecy
PIB policy information base
PIC Pre-IKE Credential Provisioning
PID Process Identifier
PIN Personal Identification Number
PKC public key certificate
PKCS Public Key Cryptography Standards
PKI public key infrastructure
PKIX Public Key Infrastructure X.509
PMI Privilege Management Infrastructure
PMTU path maximum transmission unit


POP post office protocol or proof of possession or point of presence
PPP Point-to-Point Protocol
PPTP Point-to-Point Tunneling Protocol
PRF Pseudo-Random Function
PS policy server
QM Quick Mode
QOS quality of service
RA registration authority
RADIUS remote authentication dial-in user service
RFC Request for Comments
RIP Routing Information Protocol
RIPEMD Race Integrity Primitives Evaluation Message Digest
RSA Rivest/Shamir/Adleman
RSIP Realm-Specific Internet Protocol
SA security association
SACRED securely available credentials
SAD and SADB security association database
SCEP Simple Certificate Enrollment Protocol
SG security gateway
SHA Secure Hash Algorithm




SKIP Simple Key Management for Internet Protocol
SMTP Simple Mail Transfer Protocol
SMuG Secure Multicast Group
SN sequence number
SNMP Simple Network Management Protocol
SNMPCONF Configuration Management with Simple Network Management Protocol
SPD security policy database
SPI security parameters index
SPP Security Policy Protocol
SPSL Security Policy Specification Language
SSL secure sockets layer
TCP Transmission Control Protocol
TCP/IP Transmission Control Protocol/Internet Protocol
TFESP Transport-Friendly Encapsulating Security Protocol
TLS transport layer security
TOS type of service
TTL time to live
UDP User Datagram Protocol
ULA user-level authentication
URI Universal Resource Identifier