Internet Protocol Security (IPsec) is a successor of the ISO standard Network Layer Security Protocol (NLSP). What are the advantages, disadvantages, and other interesting facts regarding the protocol?
4 Answers
IPsec is actually a family of protocols; it has several sub-protocols that could be used or not used, and the overall security depends on each of these in turn and how they're configured:
- IKE for protocol negotiation and key management
- AH for authentication, integrity and I think some protocol protection
- ESP for encryption and then some.
Advantages:
- Transparent to applications and users (in most scenarios). To emphasize, this is not a trivial point: I have had many times when my recommendation to clients would be to encrypt the channel, e.g. with SSL; however, they don't have access to source code, or SSL is not supported by the vendor, etc. IPsec is basically drop-in encryption (as far as the app is concerned) and totally out of view of the app.
- Very secure, if implemented correctly
- Less prone to user mistakes (compared to SSL)
- More efficient than SSL, if you're encrypting most of the traffic anyway
Disadvantages:
- Can be complex to deploy, depending on your network and requirements
- Cannot be used over the Internet or with unknown clients (okay, not strictly accurate, but it still holds for most intents and purposes).
- Can provide false sense of security to network admins, if deployed incorrectly (e.g. without ESP, but hey I've got IPsec, right?).
- Much less efficient than e.g. SSL, if you don't need to encrypt all the traffic (but IPsec will do so anyway).
IPsec provides two modes:
Authentication Header: each packet has an attached Message Authentication Code which guarantees its integrity; this also includes some protection against replay attacks (when the attacker sends copies of a previously exchanged packet).
Encapsulated Security Payload: each packet is encrypted (and also has a MAC); the encryption covers not only the packet data but also most of the header; a new header is added. This can be used to send the packet to a decrypting host which will then route it to its ultimate destination (the attacker cannot know where the packet is really intended to go).
The cryptography is sound, since it went through the same painful specify-attack-fix cycle as other protocols such as SSL or SSH.
The main difference with SSL is that IPsec runs at the machine level: it protects data from one machine to another, whereas SSL is between applications (e.g. a Web browser and a Web server). In most contexts (but not all), this makes no relevant difference, but it is still good to remember it.
The biggest practical difference is that Average Joe's PC is a fully configured SSL-able engine, but any attempt at IPsec is likely to fail, because it would require Joe to fiddle quite a bit with its configuration (most operating systems implement IPsec, including Windows since Windows 2000, but the implementation is not a problem -- the configuration is).
IPsec is a mandatory component of IPv6, so IPsec will be widespread at least when IPv6 becomes prevalent -- an event which was supposed to take place in 2007...
IPsec was designed to improve security, but again, this protocol is also not so close to an ideal solution. One of the advantages that comes to mind is security, which is obvious. Depending on the situation it may have the following disadvantages:
- encryption / decryption will use some CPU resources;
- it can be complicated to manage traffic policy for complex networks;
- promised security is questionable if IPsec is used in transport mode;
- @Ams, I've never heard that transport mode is directly questionable; in fact this is the default mode as used in point-to-point communications (as opposed to site-to-site). Do you have any resources on that? – AviD Nov 14 '10 at 15:10
- Well, as is known, in transport mode only the IP payload is encrypted; the IP headers remain untouched. This is what allows an attacker to conduct analysis on the data stream. Those attacks are quite sophisticated, but can provide information such as the number of transferred packets. Also there are known attacks on the AH, IKE and ESP protocols. What first comes to my mind is the old replay attack. Sure, it all depends on how the software is configured and how old it is, but we can never blindly say that the administrator does his work fairly. – Nov 14 '10 at 15:36
- @Ams, AH and ESP both provide anti-replay. Moreover, AH will prevent the IP headers from being altered (because of the hash). Obviously attacks may invalidate this, but currently none of the known attacks are feasible. And misconfiguration is an issue regardless of mode, tunnel or transport... – AviD Nov 15 '10 at 11:51
- @AviD, I agree with what you have said: today, and with more or less proper configuration, such an attack is rare to conduct. I was talking specifically about CVE-2006-0905 and cases without AH usage. Also, I would like to point to the tool ike-scan: http://www.nta-monitor.com/tools/ike-scan/. – Nov 15 '10 at 12:14
It doesn't operate/scale to the needs of cloud-based networks and is therefore irrelevant (or soon to be)
- @AviD: Do you see a lot of IPSec going into and out of the cloud? More or less with private clouds? I try not to ever be a fanboy of anything, but I do hate everything fairly equally... – atdre Nov 15 '10 at 12:02
- A. IPsec has a lot more than just cloud networks, and it will be many decades before everything else is irrelevant; B. Yes, actually, depending on the cloud model IPsec CAN be relevant in the cloud too, and even strongly recommended in some cases. C. In this day and age, I can totally sympathize with hating everything equally :). But still, lighten up. – AviD Nov 15 '10 at 13:03
- @AviD: I don't need to lighten up -- I'm really laid back and "cool". I guess IPSec is going to be around for a little bit longer than I had planned for it. Maybe we have to wait for IPv6 before it goes away... – atdre Nov 15 '10 at 14:31
- Umm... what? IPsec is part of IPv6, and is mandated as part of the protocol. When we all move to IPv6 there's gonna be a whole lot more IPsec goin' round.... Maybe you meant IPv8? – AviD Nov 16 '10 at 05:51