• CCIE SEC Security Protocols & Encryption

    1. RADIUS

      1. Remote Authentication Dial In User Service

      2. UDP

        1. OLD = 1645

        2. New = 1812

      3. Only Encrypts the Password

      4. Accounting

        1. UDP

          1. OLD = 1646

          2. New = 1813

      5. RFC 2865

        1. Obsoletes 2138!

      6. Packet Types

        1. Access-Request

        2. Access-Accept

        3. Access-Reject

        4. Accounting-Request

        5. Accounting-Response

        6. Access-Challenge

      7. Reply ATTRIBUTES

      8. Check ITEMS

      9. VSA

        1. Vendor-Specific Attributes

        2. Type 26

        3. Cisco's Vendor ID = 9

          1. 1: Cisco-AVPair

          2. 250: Account-Info

          3. 251: Service-Info

          4. 252: Command-Code

      10. RADIUS does not support these protocols

        1. AppleTalk Remote Access (ARA) protocol

        2. NetBIOS Frame Protocol Control protocol

        3. Novell Asynchronous Services Interface (NASI)

        4. X.25 PAD connection

      11. /etc/radius/clients (file)

        1. The clients file contains a list of clients that are allowed to make requests of the RADIUS server.

          Typically, for each client, NAS or AP, you must enter the client IP address along with the shared secret between the RADIUS server and the client and an optional poolname for IP pooling. The file consists of entries in the following form: A sample entry list appears as follows:

            10.10.10.1 mysecret1 floor6
            10.10.10.2 mysecret2 floor5

          A shared secret is a character string that is configured on both the client hardware and on the RADIUS server. The shared secret has a maximum length of 256 bytes and is case sensitive. The shared secret is not sent in any of the RADIUS packets and is never sent over the network. System administrators must make sure the exact secret is configured on both sides (client and RADIUS server).

          The shared secret is used for encrypting the user password information and can be used for verifying message integrity by the use of a Message Authentication attribute.

          Each client's shared secret should be unique in the /etc/radius/clients file and, like any good password, it is best to use a mixture of uppercase/lowercase letters, numbers, and symbols in the secret. To keep a shared secret secure, make it at least 16 characters in length. The /etc/radius/clients file can be modified using SMIT. The shared secret should be changed often to prevent dictionary attacks.

          The poolname is the name of the pool from which global IP addresses are allocated during dynamic translation. The system administrator creates the poolname when setting up the RADIUS server. Using a SMIT panel, the poolname is added from Configure Proxy Rules > IP Pool > Create an IP Pool. It is used during server-side IP pooling.

      12. radius-server vsa send
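
The password hiding and integrity check described in the RADIUS notes above, worked through as an added Python example (not code from the original notes or from any RADIUS product). It follows RFC 2865 section 5.2 for User-Password and RFC 2869 for the Message-Authenticator attribute (type 80); the user name, password, AV-pair text and request authenticator are constructed sample values, and `mysecret1` is the sample secret from the clients entry above.

```python
import hashlib
import hmac
import struct

ACCESS_REQUEST = 1                       # packet code, RFC 2865
USER_NAME, USER_PASSWORD = 1, 2          # attribute types, RFC 2865
VENDOR_SPECIFIC = 26                     # VSA container
MESSAGE_AUTHENTICATOR = 80               # RFC 2869
CISCO_VENDOR_ID, CISCO_AVPAIR = 9, 1     # values from the notes above


def hide_password(password, secret, authenticator):
    """RFC 2865 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    if len(password) > 128:
        raise ValueError("User-Password is limited to 128 bytes")
    padded = password + b"\x00" * (-len(password) % 16) or bytes(16)
    hidden, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        pad = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], pad))
        hidden += prev
    return hidden


def reveal_password(hidden, secret, authenticator):
    """Server side: the same MD5 pads, chained on the ciphertext blocks."""
    plain, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        pad = hashlib.md5(secret + prev).digest()
        plain += bytes(c ^ k for c, k in zip(hidden[i:i + 16], pad))
        prev = hidden[i:i + 16]
    return plain.rstrip(b"\x00")


def attr(attr_type, value):
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def cisco_avpair(text):
    """Type 26 attribute carrying vendor ID 9, vendor type 1 (Cisco-AVPair)."""
    sub = struct.pack("!BB", CISCO_AVPAIR, len(text) + 2) + text
    return attr(VENDOR_SPECIFIC, struct.pack("!I", CISCO_VENDOR_ID) + sub)


def build_access_request(ident, user, password, secret, authenticator):
    attrs = (attr(USER_NAME, user)
             + attr(USER_PASSWORD, hide_password(password, secret, authenticator))
             + cisco_avpair(b"constructed-key=constructed-value")
             + attr(MESSAGE_AUTHENTICATOR, bytes(16)))      # zeroed placeholder
    header = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + authenticator
    mac = hmac.new(secret, header + attrs, hashlib.md5).digest()
    return header + attrs[:-16] + mac


def parse_attributes(packet):
    """Return [(type, value, value_offset)] for the attributes after the 20-byte header."""
    end = struct.unpack("!H", packet[2:4])[0]
    if not 20 <= end <= len(packet):
        raise ValueError("bad RADIUS length field")
    found, pos = [], 20
    while pos < end:
        if pos + 2 > end or packet[pos + 1] < 2 or pos + packet[pos + 1] > end:
            raise ValueError("malformed attribute")
        found.append((packet[pos], packet[pos + 2:pos + packet[pos + 1]], pos + 2))
        pos += packet[pos + 1]
    return found


def verify_message_authenticator(packet, secret):
    """Recompute HMAC-MD5 over the packet with the attribute value zeroed."""
    for attr_type, value, offset in parse_attributes(packet):
        if attr_type == MESSAGE_AUTHENTICATOR and len(value) == 16:
            zeroed = packet[:offset] + bytes(16) + packet[offset + 16:]
            expected = hmac.new(secret, zeroed, hashlib.md5).digest()
            return hmac.compare_digest(expected, value)
    return False


SECRET = b"mysecret1"               # sample secret from the clients entry for 10.10.10.1
AUTHENTICATOR = bytes(range(16))    # constructed; a real client uses 16 random bytes
PACKET = build_access_request(1, b"alice", b"correct horse battery", SECRET, AUTHENTICATOR)
```

Parsing `PACKET` shows the user name and the Cisco-AVPair in clear text while only the User-Password value is hidden, and the Message-Authenticator check fails as soon as any byte of the packet or the shared secret differs.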

    2. TACACS+

      1. Terminal Access Controller Access-Control System Plus

      2. TCP 49

      3. Encrypts the whole packet body

      4. By default, there are three command levels on the router

        1. privilege level 0—Includes the disable, enable, exit, help, and logout commands

        2. privilege level 1—Includes all user-level commands at the router> prompt

        3. privilege level 15—Includes all enable-level commands at the router> prompt

      5. if-needed

      6. You can move commands around between privilege levels

        1. privilege exec level priv-lvl command

      7. RFC 1492

    3. Ciphers RSA, DSS, RC4

      1. Symmetric Key = Same Key Both Ends

      2. Asymmetric Key = RSA, Pub/Priv Key pair

      3. Block Cipher

        1. Encrypts data of a fixed size

        2. Fixed input & output, i.e. 128 bits of plaintext = 128 bits of ciphertext

        3. To encrypt data larger than block size need a "mode of operation"

          1. Most modes of operation require an IV

            1. IV: Initialization Vector. A sort of "dummy" block of data to kick off the process for the real block & provide some randomisation

          2. Electronic codebook (ECB)

            The simplest of the encryption modes is the electronic codebook (ECB) mode. The message is divided into blocks and each block is encrypted separately. The disadvantage of this method is that identical plaintext blocks are encrypted into identical ciphertext blocks; thus, it does not hide data patterns well.

          3. Cipher-block chaining (CBC)

            CBC mode of operation was invented by IBM in 1976. [1] In the cipher-block chaining (CBC) mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block is dependent on all plaintext blocks processed up to that point. Also, to make each message unique, an initialization vector must be used in the first block.

          4. Cipher feedback (CFB)

            The cipher feedback (CFB) mode, a close relative of CBC, makes a block cipher into a self-synchronizing stream cipher. Operation is very similar; in particular, CFB decryption is almost identical to CBC encryption performed in reverse.

          5. Output feedback (OFB)

            The output feedback (OFB) mode makes a block cipher into a synchronous stream cipher: it generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext. Just as with other stream ciphers, flipping a bit in the ciphertext produces a flipped bit in the plaintext at the same location. This property allows many error correcting codes to function normally even when applied before encryption.

          6. Counter (CTR)

            Like OFB, counter mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a "counter". The counter can be any simple function which produces a sequence which is guaranteed not to repeat for a long time, although an actual counter is the simplest and most popular. CTR mode has similar characteristics to OFB, but also allows a random access property during decryption. Note that the nonce in this graph is the same thing as the initialization vector (IV) in the other graphs. The IV/nonce and the counter can be concatenated, added, or XORed together to produce the actual unique counter block for encryption. CTR mode is well suited to operation on a multi-processor machine where blocks can be encrypted in parallel.
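
An added Python example, not part of the original notes, that runs ECB, CBC and CTR over the same message to show the properties described above. The block cipher is a toy 4-round Feistel construction built on SHA-256 (an assumption made so the example needs no crypto library; it is not AES and not for real use), and the key, IV, nonce and message are constructed.

```python
import hashlib

BLOCK = 16   # bytes per block, the AES block size


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))   # stops at the shorter input


def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def round_fn(key, i, half):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]


def toy_encrypt_block(key, block):
    """Toy 4-round Feistel permutation standing in for a real block cipher."""
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, xor(left, round_fn(key, i, right))
    return left + right


def toy_decrypt_block(key, block):
    left, right = block[:8], block[8:]
    for i in reversed(range(4)):
        left, right = xor(right, round_fn(key, i, left)), left
    return left + right


def check_aligned(data):
    if len(data) % BLOCK:
        raise ValueError("ECB/CBC input must be a multiple of the block size (pad first)")


def ecb_encrypt(key, plaintext):
    check_aligned(plaintext)
    return b"".join(toy_encrypt_block(key, b) for b in blocks(plaintext))


def cbc_encrypt(key, iv, plaintext):
    check_aligned(plaintext)
    out, prev = [], iv
    for b in blocks(plaintext):
        prev = toy_encrypt_block(key, xor(b, prev))   # chain on previous ciphertext
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ciphertext):
    check_aligned(ciphertext)
    out, prev = [], iv
    for b in blocks(ciphertext):
        out.append(xor(toy_decrypt_block(key, b), prev))
        prev = b
    return b"".join(out)


def ctr_crypt(key, nonce, data, first_block=0):
    """Encrypt or decrypt: XOR with E(nonce || counter). Same call both ways."""
    out = []
    for i, b in enumerate(blocks(data), start=first_block):
        out.append(xor(b, toy_encrypt_block(key, nonce + i.to_bytes(8, "big"))))
    return b"".join(out)


def flip(ciphertext, offset, mask):
    """Return the ciphertext with `mask` XORed into one byte (in-transit tampering)."""
    return ciphertext[:offset] + bytes([ciphertext[offset] ^ mask]) + ciphertext[offset + 1:]


KEY = b"constructed key!"                 # constructed sample values
IV = bytes(range(16))
NONCE = b"nonce-01"                       # 8 bytes, concatenated with an 8-byte counter
MESSAGE = b"PAY 100 TO ALICE" * 4         # four identical 16-byte blocks
```

ECB yields four identical ciphertext blocks for this message while CBC and CTR yield four distinct ones, and `ctr_crypt(..., first_block=2)` decrypts the third block on its own. XORing one ciphertext byte with `flip` changes exactly that plaintext byte after CTR decryption, which is why stream-like modes need a separate integrity check.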

      4. Stream Cipher

        1. Encrypts data bit by bit

        2. Continuous stream

    4. Cryptographic hash Functions

      1. MD5

        1. Message Digest 5

        2. 128 Bit

        3. One-Way Hashing Algorithm

        4. Because MD5 makes only one pass over the data, if two prefixes with the same hash can be constructed, a common suffix can be added to both to make the collision more reasonable.

        5. Rainbow Tables

          1. A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function.

          2. Made less effective by "salt"

        6. Example (md5sum): The quick brown fox jumps over the lazy dog → 37c4b87edffc5d198ff5a185cee7ee09

      2. SHA

        1. Secure Hash Algorithm

        2. 160 Bit

          1. SHA-0 (or SHA) was withdrawn

          2. SHA-1

            1. SHA-1 is the most widely employed of the SHA family.

            2. It forms part of several widely used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec.

            3. SHA-1 hashing is also used in distributed revision control systems such as Git, Mercurial, and Monotone to identify revisions, and detect data corruption or tampering.

            4. EXAMPLE: SHA1("The quick brown fox jumps over the lazy dog") = 2fd4e1c6 7a2d28fc ed849ee1 bb76e739 1b93eb12

        3. SHA-2

          1. Stronger! Version Numbers reflect bits

          2. SHA-224

          3. SHA-256

          4. SHA-384

          5. SHA-512

        4. SHA-3 In Development

      3. Properties

        1. It is easy to compute the hash for any given data,

        2. It is extremely difficult to construct a text that has a given hash,

        3. It is extremely difficult to modify a given text without changing its hash,

        4. It is extremely unlikely that two different messages will have the same hash.

    5. EAP PEAP TKIP TLS

      1. Extensible Authentication Protocol

      2. LEAP

        1. Cisco Protocol

          1. Cisco Wiki

          2. Cisco LEAP is an 802.1X authentication type for Wireless LANs

        2. Lightweight EAP

        3. Uses external protocol for client auth, i.e. RADIUS

        4. can be used with WPA and WPA2 networks

          1. ... i.e. old WEP implementations can be upgraded

          2. The RADIUS server dynamically assigns a unique key for each client

      3. EAP-TLS

        1. RFC 2716

        2. Every AP & Every Client must have a CA signed certificate

        3. TLS Session Key is used to derive a unique WEP Key

      4. PEAP

        1. Protected EAP

        2. Also known as EAP-PEAP

        3. Similar to EAP-TLS, except only the SERVER has a certificate

        4. Clients use MS-CHAPv2 to authenticate

        5. As with EAP-TLS, TLS session keys are used to derive WEP Keys

      5. EAP-FAST

        1. EAP Flexible Authentication via Secure Tunneling

        2. Cisco Protocol

        3. Doesn't require certificates

        4. Doesn't require strong passwords

        5. Requires a PAC to secure Tunnel

          1. Protected Access Credential

          2. PAC authenticates client

          3. Can be distributed by server

          4. Can be negotiated / created dynamically

      6. WPA

        1. Wi-Fi Protected Access

        2. 802.11i

        3. Replaces WEP

        4. Client Authentication

          1. 802.1x

          2. Pre-Shared Key

            1. WPA-PSK

            2. Key only used for Client / AP Authentication

            3. Key not used for data encryption, that is handled by TKIP

        5. Mutual Client-Server Authentication

        6. Data Privacy via TKIP

          1. Temporal Key Integrity Protocol

          2. Leverages Existing WEP Encryption hardware

          3. Generates a new WEP key per-packet!

        7. Data Integrity via MIC

          1. Message Integrity Check

          2. Uses clear-text packet contents, source MAC & destination MAC to create a hash

      7. WPA2

        1. More security than WPA

        2. Data Privacy via AES

          1. TKIP is supported for backwards compatibility

        3. Introduces PKC

          1. Proactive Key Caching

          2. Speeds up AP to AP roaming

    6. DES

      1. Data Encryption Standard

      2. Encryption Cipher

      3. Block Cipher

      4. 56bit

      5. Symmetric-key algorithm

      6. DES is now considered to be insecure for many applications

    7. 3DES

      1. Triple DES

      2. Triple DES is a block cipher formed from the Data Encryption Standard (DES) cipher by using it three times.

      3. 112 (2TDES) or 168 bits (3TDES)

        1. In general TDES with three different keys (3-key TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3-key TDES has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits.

      4. DES is slowly disappearing from use, largely replaced by the Advanced Encryption Standard (AES)

    8. AES

      1. Advanced Encryption Standard

        1. Cisco Tech Page

        2. Wikipedia

        3. also known as Rijndael

      2. To enable AES, your router must support IPSec and long keys (the "k9" subsystem).

        1. Router(config-isakmp)# encryption {aes | aes 192 | aes 256}

        2. aes—Specifies 128-bit AES as the encryption algorithm.

        3. aes 192—Specifies 192-bit AES as the encryption algorithm.

        4. aes 256—Specifies 256-bit AES as the encryption algorithm.

      3. AES has a fixed block size

        1. Strictly speaking, AES is not precisely Rijndael

        2. Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits.

    9. IPSec

      1. IP Security

      2. Provides security at the IP layer to protect the IP layer and those above

        1. Access Control

        2. Connectionless Integrity

        3. Data Origin Authentication

        4. Rejection of replayed packets

        5. Confidentiality (encryption)

      3. Can be used by both Hosts & Gateways

      4. Implemented Methods

        1. Integrated into native IP

          1. Requires access to IP source code

          2. Applicable to hosts & gateways

        2. Bump in the stack

          1. Implemented under IP, before the NIC driver

          2. Good for legacy hosts

        3. Bump in the wire

          1. Implemented by a device, i.e. a firewall or router

          2. off-load crypto processing to another device

      5. Security Associations

        1. Components

          1. SPI: Security Parameter Index

          2. Destination IP (only Unicast supported)

          3. AH or ESP Identifier

            1. AH & ESP canNOT share SAs

    10. AH

      1. Authentication Header

      2. Protocol 51

      3. RFC 2402

      4. Transport Mode

        1. AH is inserted after the IP header and before the upper layer protocol, e.g. TCP, UDP, ICMP etc.

        2. Packet Format

      5. Tunnel Mode

        1. Can only be used on "gateway" devices

        2. AH protects the entire IP packet including inner header

        3. Packet Format

      6. Header Format

    11. ESP

      1. Encapsulating Security Payload

      2. Protocol 50

      3. RFC2406

      4. Provides confidentiality, data origin authentication, connectionless integrity & limited traffic flow confidentiality

      5. Packet Header

      6. Transport Mode

        1. ESP is inserted after the IP header and before the upper layer protocols (and before any other IPSEC header)

        2. Packet Format

      7. Tunnel Mode

        1. Used on either Hosts or Gateways

        2. ESP Tunnel protects the entire inner IP packet, including headers

        3. Packet Format

    12. IKE

      1. Internet Key Exchange

      2. UDP 500

      3. Internet Key Exchange is the protocol used to set up a security association (SA) in the IPsec protocol suite.

      4. IKE uses a Diffie-Hellman key exchange to set up a shared session secret, from which cryptographic keys are derived.

      5. Public key techniques or, alternatively, a pre-shared key, are used to mutually authenticate the communicating parties.

      6. Version 1

        1. Version 1 of IKE was defined in RFCs 2407, 2408, and 2409 [Pip98, MSST98, HC98].

        2. RFC 2409

      7. IKE V2

        1. RFC4306

          This version of the IKE specification combines the contents of what were previously separate documents, including Internet Security Association and Key Management Protocol (ISAKMP, RFC 2408), IKE (RFC 2409), the Internet Domain of Interpretation (DOI, RFC 2407), Network Address Translation (NAT) Traversal, Legacy authentication, and remote address acquisition.

          1. Replaces All VERSION 1 RFCS!

        2. Version 2 of IKE does not interoperate with version 1

        3. It has enough of the header format in common that both versions can unambiguously run over the same UDP port

        4. IKE message flow always consists of a request followed by a response

          1. It is the responsibility of the requester to ensure reliability.

          2. If the response is not received within a timeout interval, the requester needs to retransmit the request (or abandon the connection).

          3. Every request requires a response

        5. IKE Messages

          All IKE communications consist of pairs of messages: a request and a response. The pair is called an "exchange". We call the first messages establishing an IKE_SA IKE_SA_INIT and IKE_AUTH exchanges and subsequent IKE exchanges CREATE_CHILD_SA or INFORMATIONAL exchanges. In the common case, there is a single IKE_SA_INIT exchange and a single IKE_AUTH exchange (a total of four messages) to establish the IKE_SA and the first CHILD_SA. In exceptional cases, there may be more than one of each of these exchanges. In all cases, all IKE_SA_INIT exchanges MUST complete before any other exchange type, then all IKE_AUTH exchanges MUST complete, and following that any number of CREATE_CHILD_SA and INFORMATIONAL exchanges may occur in any order. In some scenarios, only a single CHILD_SA is needed between the IPsec endpoints, and therefore there would be no additional exchanges. Subsequent exchanges MAY be used to establish additional CHILD_SAs between the same authenticated pair of endpoints and to perform housekeeping functions.

          1. IKE_SA_INIT

            1. The first request/response of an IKE session negotiates security parameters for the IKE_SA, sends nonces, and sends Diffie-Hellman values.

          2. IKE_AUTH

            1. The second request/response transmits identities, proves knowledge of the secrets corresponding to the two identities, and sets up an SA for the first (and often only) AH and/or ESP CHILD_SA

          3. CREATE_CHILD_SA

            1. subsequent exchanges ... which creates CHILD_SA

          4. INFORMATIONAL

            1. which deletes an SA, reports error conditions, or does other housekeeping

            2. An INFORMATIONAL request with no payloads (other than the empty Encrypted payload required by the syntax) is commonly used as a check for liveness.

          5. These subsequent exchanges cannot be used until the initial exchanges have completed
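
The ordering rules above, expressed as a check over captured IKE headers. This is an added Python example, not part of the original notes: it decodes the fixed 28-byte IKE header, uses the version octet to tell IKEv1 from IKEv2 on the shared UDP port, and reports exchanges that break the IKE_SA_INIT, IKE_AUTH, then CREATE_CHILD_SA/INFORMATIONAL sequence. The traces are constructed, payload-free headers, and the checker assumes all requests in a trace come from the original initiator.

```python
import struct
from collections import namedtuple

IKE_HEADER = struct.Struct("!8s8sBBBBII")      # fixed 28-byte IKE header
EXCHANGES = {34: "IKE_SA_INIT", 35: "IKE_AUTH",
             36: "CREATE_CHILD_SA", 37: "INFORMATIONAL"}   # IKEv2 exchange types
STAGE = {34: 0, 35: 1, 36: 2, 37: 2}           # order the exchanges must follow
PREREQ = {1: "IKE_SA_INIT", 2: "IKE_AUTH"}     # what must complete before a stage
FLAG_INITIATOR, FLAG_RESPONSE = 0x08, 0x20     # I and R bits of the flags octet

IkeHeader = namedtuple(
    "IkeHeader", "ispi rspi next_payload major minor exchange flags msg_id length")


def parse_header(datagram):
    """Decode the header; the version octet sits at the same offset in v1 and v2."""
    if len(datagram) < IKE_HEADER.size:
        raise ValueError("shorter than the 28-byte IKE header")
    ispi, rspi, nxt, ver, exch, flags, msg_id, length = IKE_HEADER.unpack_from(datagram)
    return IkeHeader(ispi, rspi, nxt, ver >> 4, ver & 0x0F, exch, flags, msg_id, length)


def make_header(exchange, msg_id, response=False, major=2):
    """Constructed, payload-free header used only to build the sample traces."""
    flags = FLAG_RESPONSE if response else FLAG_INITIATOR
    return IKE_HEADER.pack(b"I" * 8, b"R" * 8, 0, major << 4, exchange, flags,
                           msg_id, IKE_HEADER.size)


def check_exchange_order(datagrams):
    """Return ordering violations for one IKEv2 SA's messages, in capture order."""
    problems, outstanding, completed, highest = [], {}, set(), 0
    for n, raw in enumerate(datagrams):
        h = parse_header(raw)
        if h.major != 2 or h.exchange not in STAGE:
            problems.append(f"#{n}: not an IKEv2 exchange "
                            f"(version {h.major}.{h.minor}, type {h.exchange})")
            continue
        name, key = EXCHANGES[h.exchange], (h.exchange, h.msg_id)
        if h.flags & FLAG_RESPONSE:
            if key in outstanding:
                del outstanding[key]
                completed.add(STAGE[h.exchange])    # the exchange is now complete
            else:
                problems.append(f"#{n}: {name} response without a matching request")
            continue
        if key in outstanding:
            continue                                # retransmitted request, allowed
        stage = STAGE[h.exchange]
        if stage > 0 and stage - 1 not in completed:
            problems.append(f"#{n}: {name} request before {PREREQ[stage]} completed")
        if stage < highest:
            problems.append(f"#{n}: {name} request after a later exchange type began")
        highest = max(highest, stage)
        outstanding[key] = n
    for (exchange, msg_id), n in outstanding.items():
        problems.append(
            f"#{n}: {EXCHANGES[exchange]} request (message ID {msg_id}) never answered")
    return problems


# Constructed traces: a normal four-message setup plus a liveness check, and a
# trace where IKE_AUTH starts before the IKE_SA_INIT response arrives.
GOOD_TRACE = [make_header(34, 0), make_header(34, 0, True),
              make_header(35, 1), make_header(35, 1, True),
              make_header(37, 2), make_header(37, 2, True)]
BAD_TRACE = [make_header(34, 0), make_header(35, 1), make_header(35, 1, True)]
```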

    13. CEP

      1. Certificate Enrollment Protocol

      2. Cisco Press Info

        CEP is a protocol jointly developed by Cisco and VeriSign, Inc. CEP is an early implementation of Certificate Request Syntax (CRS), a proposed standard to the IETF. CEP specifies how a device communicates with the CA, how to retrieve the CA's public key, and how to enroll a device with the CA. CEP uses Public Key Cryptography Standards (PKCS). CEP uses HTTP as a transport mechanism and uses the same TCP port (80) used by HTTP. You can find more details on CEP at http://www.cisco.com/warp/public/cc/pd/sqsw/tech/scep_wp.htm. For the CCIE Security lab, the candidate is expected to be able to use common IOS commands such as crypto ca trustpoint and know how to enroll certificates. To declare the CA that a Cisco IOS router should use, use the crypto ca identity name command in global configuration mode. The CA might require a particular name, such as the domain name. Finally, to cover the exam blueprint, this chapter closes with a short explanation of some of the security protocols used in today's networks to ensure security over wireless connections.

      3. SCEP

        1. Simple Certificate Enrollment Protocol

        2. Internet Draft / standard of CEP

    14. TLS

      1. Transport Layer Security

      2. Cryptographic Protocol

      3. Layer 4 Encryption

        1. Vs IPSEC which runs at Layer3

        2. TLS runs on layers beneath application protocols such as HTTP, FTP, SMTP, NNTP, and XMPP and above a reliable transport protocol, TCP for example.

        3. TLS can also be used to tunnel an entire network stack to create a VPN, as is the case with OpenVPN.

      4. RFC5246

    15. SSL

      1. Secure Socket Layer

      2. Technology used to encrypt clear-text protocols such as HTTP / SMTP / IMAP & POP3

      3. According to Wikipedia SSL has been replaced by TLS

      4. Info from Verisign

        1. An SSL Certificate enables encryption of sensitive information during online transactions

        2. Each SSL Certificate contains unique, authenticated information about the certificate owner.

        3. A Certificate Authority verifies the identity of the certificate owner when it is issued

    16. PPTP

      1. Point to Point Tunneling Protocol

      2. TCP 1723 & GRE!!!

        PPTP works by sending a regular PPP session to the peer with the Generic Routing Encapsulation (GRE) protocol. A second session on TCP port 1723 is used to initiate and manage the GRE session. PPTP is difficult to forward past a network firewall because it requires two network sessions. As such, some firewalls are unable to let pass this traffic flawlessly, resulting in an inability to connect. This rarely happens in Windows or Mac OS, though.

      3. RFC2637

      4. Cisco Tech Page

      5. Point to Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a VPN across TCP/IP-based data networks. PPTP supports on-demand, multiprotocol, virtual private networking over public networks, such as the Internet.

      6. PPTP does not provide confidentiality or encryption

      7. It relies on the protocol being tunneled to provide privacy.

      8. PPTP has been made obsolete by Layer 2 Tunneling Protocol (L2TP)[1] and IPSec.

    17. L2TP

      1. Layer 2 Tunneling Protocol

      2. Wikipedia

      3. UDP 1701

        1. Although L2TP acts like a Data Link Layer 2 protocol (of the OSI model), L2TP is in fact a Session Layer 5 protocol.

        2. The entire L2TP packet, including payload and L2TP header, is sent within a UDP datagram.

      4. The two endpoints of an L2TP tunnel are called the LAC (L2TP Access Concentrator) and the LNS (L2TP Network Server).

        1. The LAC is the initiator of the tunnel

        2. LNS is the server, which waits for new tunnels.

        3. Once a tunnel is established, the network traffic between the peers is bidirectional.

      5. The Layer 2 Tunnel Protocol (L2TP) is an emerging Internet Engineering Task Force (IETF) standard that combines the best features of two existing tunneling protocols: Cisco's Layer 2 Forwarding (L2F) and Microsoft's Point-to-Point Tunneling Protocol (PPTP).

        1. L2TP offers the same full-range spectrum of features as L2F, but offers additional functionality.

        2. An L2TP-capable home gateway will work with an existing L2F network access server and will concurrently support upgraded components running L2TP.

      6. Benefits of L2TP

        1. Vendor interoperability.

        2. Can be used as part of the wholesale access solution, which allows telcos or service providers to offer VPNs to Internet Service Providers (ISPs) and other service providers.

        3. Can be operated as a client-initiated VPN solution, where enterprise customers using a PC can use the client-initiated L2TP from a third party.

        4. All value-added features currently available with Cisco's L2F, such as load sharing and backup support, will be available in future IOS releases of L2TP

        5. Supports Multihop, which enables Multichassis Multilink PPP in multiple home gateways. This allows you to stack home gateways so that they appear as a single entity.

    18. GRE

      1. Generic Routing Encapsulation

      2. Protocol 47

      3. GRE tunnels are designed to be completely stateless. This means that each tunnel end-point does not keep any information about the state or availability of the remote tunnel end-point

      4. RFC2784

        1. Packet Form

        2. Security Considerations

          Security in a network using GRE should be relatively similar to security in a normal IPv4 network, as routing using GRE follows the same routing that IPv4 uses natively. Route filtering will remain unchanged. However packet filtering requires either that a firewall look inside the GRE packet or that the filtering is done on the GRE tunnel endpoints. In those environments in which this is considered to be a security issue it may be desirable to terminate the tunnel at the firewall.

      5. RFC1701

        1. Packet Header

          1. 4 bytes

    19. SSH

      1. Secure Shell

      2. TCP 22

      3. Secure Shell (SSH) is an application and a protocol that provides secure replacement for the suite of Berkeley r-tools such as rsh, rlogin and rcp. (Cisco IOS supports rlogin.) The protocol secures the sessions using standard cryptographic mechanisms, and the application can be used similarly to the Berkeley rexec and rsh tools.

      4. Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices

      5. SSH is typically used to log into a remote machine and execute commands

        1. SSH was designed as a replacement for TELNET and other insecure remote shells,

        2. supports tunneling, Port forwarding, X11 forwarding

        3. Supports the transfer of files using the associated SFTP or SCP protocols.

    20. PGP

      1. Pretty Good Privacy

      2. Web of Trust

      3. Pretty Good Privacy (PGP) is a computer program that provides cryptographic privacy and authentication.

      4. PGP is often used for signing, encrypting and decrypting e-mails to increase the security of e-mail communications.

      5. Public Key Cryptography!!

    1. TACACS+ and RADIUS Comparison - Cisco Systems

    Added: 2009-01-23 07:17:18

    From: linickx (Joined 2008-12-15 05:32:23)
