Information in this document is provided in connection with
Hewlett-Packard Company products. No license, express or
implied, by estoppel or otherwise, to any intellectual property
rights is granted by this document. Except as provided in
Hewlett-Packard Company’s Terms and Conditions of Sale for
such products, Hewlett-Packard Company assumes no liability
whatsoever, and Hewlett-Packard Company disclaims any
express or implied warranty, relating to sale and/or use of
Hewlett-Packard Company products including liability or
warranties relating to fitness for a particular purpose,
merchantability, or infringement of any patent, copyright or
other intellectual property right. Hewlett-Packard Company
products are not intended for use in medical, life saving, or life
sustaining applications.
Hewlett-Packard Company may make changes to specifications
and product descriptions at any time, without notice.
This Hewlett-Packard Company Virtual Private Networking
Concepts Guide, as well as the software described in it, is
furnished under license and may only be used or copied in
accordance with the terms of the license. The information in this
manual is furnished for informational use only, is subject to
change without notice, and should not be construed as a
commitment by Hewlett-Packard Company. Hewlett-Packard
Company assumes no responsibility or liability for any errors or
inaccuracies that may appear in this document or any software
that may be provided in association with this document.
Except as permitted by such license, no part of this document
may be reproduced, stored in a retrieval system, or transmitted
in any form or by any means without the express written consent
of Hewlett-Packard Company.

HP VPN Concepts Guide Overview

The purpose of this HP VPN Concepts Guide is to provide you
with information on the Hewlett-Packard Company virtual
private networking (VPN) suite, consisting of five modular
components that work together to provide secure
communications across any network. The term VPN device is
used in this document to refer to the HP VPN Server Appliance
SA3110/SA3150/SA3400/SA3450 devices.
In addition, the
Networking Concepts Guide
and theory on topics ranging from firewall functions and
cryptographic systems to authentication types and
encapsulation.

HP VPN Suite Overview

The HP virtual private networking (VPN) suite consists of three
modular components that work together to provide secure
communications across any network:
• VPN device
• HP SA3000 Series VPN Manager
• HP SA3000 Series VPN Client

VPN Device

The VPN device is a hardware/software security system,
responsible for processing data packets as they pass between
the public side and the private side of a network. The VPN device
is designed to perform three major functions:
• At the communications level, the VPN device can act as either a
router or as a bridge.
• As a packet encryptor, the VPN device can selectively
encrypt and decrypt data based on source and destination
addresses and ports. This provides the flexibility of sending
both encrypted and clear data using the same infrastructure,
without compromising your centrally managed security
policy.
• As a firewall, the VPN device can be used as a packet filter and a
stateful inspection proxy. The VPN device goes further than
traditional firewalls, however, by adding authentication to the
firewall function, which allows the creation of truly secure
virtual private networks.
The VPN device includes an industry-standard PCI bus card,
which accelerates encryption and decryption to Local Area
Network speeds. The card incorporates a dedicated ASIC chip
optimized for DES and Triple Pass DES encryption and provides
a significant increase in throughput over software-only
encryption implementations.

HP SA3000 Series VPN Manager

The VPN Manager is a software package based in Windows 95 or
Windows NT that centrally monitors and configures the VPN
devices in your network. Using a powerful graphical user
interface (GUI), you can configure and monitor VPN devices
deployed in the field. The VPN Manager is also used to define
and grant access to VPN Client users.

HP SA3000 Series VPN Client

The VPN Client is a software package based in Windows 95 or
Windows NT that provides desktop-to-gateway security within a
LAN or across any WAN.
Because all VPN devices operate at the network layer, the VPN
Client is completely transparent to users and works with any
application. With the VPN Client, users can dial in to any Internet
service provider (ISP) and create a secure channel back to your
network, which eliminates the need for expensive dial-in
equipment and toll-charges.
The VPN suite supports the use of secure tokens. These tokens
are a tamper-resistant PCMCIA card designed to meet FIPS 140-1
level 2 criteria. The token stores and performs all public key
operations while keeping private keys secure from attacks.

HP VPN Server Appliance SA3110/SA3150/SA3400/SA3450 Product Suite

The VPN devices are designed to grow with your network. If you
only have a few sites, you can operate them with only a few VPN
devices. As your network grows, you can add additional VPN
devices, remote clients, and central management at any time.
These components are illustrated next in a typical network
configuration.
Figure: Typical Network Configuration (labels: Branch or Supplier's Office, Office PCs, VPN Device, Existing Server, Firewall)

Operational Overview

The VPN devices fit into typical network configurations in
various locations. VPN devices often sit at the gateway between
LANs and WANs. All data into and out of a protected LAN passes
through the VPN device for processing. The VPN Client software
package runs on PCs either directly connected to a LAN or
remotely located and connected to the WAN by means of a dial-up
connection.
VPN devices are configured by using the VPN Manager (which
runs on a Windows 95 or Windows NT workstation), a command
line interface from a console, or through a Telnet session from a
computer on the VPN's trusted network.

TCP/IP Basics Overview

The VPN devices operate on Transmission Control Protocol/
Internet Protocol (TCP/IP) networks. TCP/IP is the foundation
of the Internet. To fully appreciate how the VPN devices work,
you need to understand some basic TCP/IP terms.

Packets and Packet Headers

Communications in a TCP/IP network are broken into small
chunks called packets. The typical maximum packet size carried
over TCP/IP networks is 1500 bytes. Each packet carries some
user data called payload. The payload could be part of an e-mail
message or a Web page. Every packet also has some control
information that indicates where the packet originated, where it
is going, and what application should receive it when it arrives.
This information is referred to as the packet header. A simplified
packet example is shown in the following diagram.
Figure: Simple Packet Diagram

IP Address

All devices on a TCP/IP network must have at least one address
called an IP address. This address uniquely identifies the device
on a network (actually in the entire world). For example, "Test
Company's" Web server has the following IP address:
205.250.128.2.
There are some reserved IP addresses that are never assigned,
which are called unroutable. Anyone can use these addresses on
a closed network. Well-known unroutable IP addresses start
with 10.x.x.x and 192.168.x.x, where x is any number between 1
and 254.

Subnet Mask

One function of a subnet mask is to tell a device what other
addresses it can directly communicate with. An example of a
subnet mask is 255.255.255.0, which defines a class C subnet.
Each component of the subnet mask (either 255 or 0 in the
example) is called an octet. A class C subnet mask means that
there are 254 addresses with which the device can directly
communicate.
For example, "Test Company" is assigned a full class C. This
means "Test Company" can use any address between
205.250.128.1 up to 205.250.128.254. The addresses 205.250.128.0
and 205.250.128.255 are also part of the addresses in the class C
subnet, but are reserved for broadcasting and cannot be assigned
to any devices on the network (often called boundary
addresses).
If you want to break your class C into separate networks, you do
this by varying the last octet of the subnet mask. If you make
your subnet mask 255.255.255.128, your class C is split into 2
parts. This gives you one subnet containing the addresses from
205.250.128.1 to 205.250.128.126 and another subnet containing
205.250.128.129 to 205.250.128.254.
When you work with the full class C, there are 2 boundary
addresses reserved for broadcasts. Every subnet requires 2
addresses for broadcasts. When you split your class C into 2
parts, you must still have broadcast addresses in each subnet.
The first subnet uses 205.250.128.0 and 205.250.128.127 for
broadcasts while the second uses 205.250.128.128 and
205.250.128.255.
When you have the full class C, there are 254 addresses you can
use. Once the class C is split into two subnets, there are 126
addresses in each subnet for a total of 252 addresses.
The following values, if placed in the last octet of the subnet
mask, divide a class C subnet into smaller subnets.
Note: If you divide your class C into more and more subnets, the
number of available addresses becomes smaller and smaller.
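
Added example, not part of the original guide: the split described above, computed for each last-octet mask value with Python's ipaddress module. The function names and the list of mask values are choices made for this illustration; the addresses are the page's own "Test Company" class C.

```python
import ipaddress

# Last-octet mask values with contiguous leading 1 bits that still leave
# room for two boundary addresses and at least two assignable addresses.
LAST_OCTETS = (0, 128, 192, 224, 240, 248, 252)


def networks(first_three_octets, last_octet):
    """Subnets of a class C under the mask 255.255.255.<last_octet>."""
    if last_octet not in LAST_OCTETS:
        raise ValueError("255.255.255.%d is not a usable subnet mask" % last_octet)
    class_c = ipaddress.ip_network("%s.0/255.255.255.0" % first_three_octets)
    # ipaddress accepts dotted masks, so read the prefix length from one.
    mask = ipaddress.ip_network("0.0.0.0/255.255.255.%d" % last_octet)
    return list(class_c.subnets(new_prefix=mask.prefixlen))


def split_class_c(first_three_octets, last_octet):
    """One dict per subnet: boundary addresses and assignable range."""
    result = []
    for net in networks(first_three_octets, last_octet):
        result.append({
            "boundary": (str(net.network_address), str(net.broadcast_address)),
            "first": str(net.network_address + 1),
            "last": str(net.broadcast_address - 1),
            "usable": net.num_addresses - 2,  # minus the two boundary addresses
        })
    return result


def summary(first_three_octets, last_octet):
    """(number of subnets, usable addresses per subnet, total usable)."""
    subnets = split_class_c(first_three_octets, last_octet)
    per_subnet = subnets[0]["usable"]
    return len(subnets), per_subnet, len(subnets) * per_subnet


def subnet_of(first_three_octets, last_octet, address):
    """(subnet index, is_boundary) for an address inside the class C."""
    addr = ipaddress.ip_address(address)
    for index, net in enumerate(networks(first_three_octets, last_octet)):
        if addr in net:
            boundary = addr in (net.network_address, net.broadcast_address)
            return index, boundary
    raise ValueError("%s is outside %s.0/24" % (address, first_three_octets))


if __name__ == "__main__":
    for octet in LAST_OCTETS:
        count, each, total = summary("205.250.128", octet)
        print("255.255.255.%-3d  %2d subnets x %3d = %3d usable"
              % (octet, count, each, total))
```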

Routing Table

When a device creates a packet for transmission, it looks at the
destination IP address. If the address is on the same subnet as
the device (as defined by the subnet mask), the device looks for
the address on its LAN. If the destination device responds, the
originating device transmits the packet directly to the
destination. However, if the destination device is not found
locally, the originating device must decide what to do with the
packet.
The rules upon which the device bases the decision are called
routes, which are stored in a routing table. The routing table
maps network addresses to gateways. Basically, it tells the
device that if it has a packet destined for a certain network, the
packet should be sent to a specific gateway. The gateway can be
any device such as a router or a switch that can send the packet
out of the local subnet.
Static routes are entries in the routing table that do not change.
They are often defined on routers and switches when network
topologies become complex and the network administrator
wants to force packets to go in a certain known direction (that
is, through a specific gateway). Dynamic routes are entries in the
routing table that may change over time. This type of route is
usually added automatically, based on some network routing
protocol.

Default Gateway

The routing table usually has a route of last resort known as a
default gateway. The default gateway is where the originating
device sends any packet for which it has no specific rule in its
routing table. Most desktop computers do not have static routes
added to them and therefore rely on the default gateway being
set to be able to communicate outside their local subnet. This
implies that the default gateway's IP address must be on the
same subnet as the originating device. Computers can directly
communicate only with devices on their local subnet (as defined
by their IP address and subnet mask).
Default gateways are what make the Internet work. When a
packet is created by a desktop computer destined for an address
on the Internet, the desktop computer often sends the packet to
its default gateway. The default gateway is often an edge router
connecting the LAN (on which the desktop computer is sitting)
to the Internet. The edge router probably does not have specific
routes telling it what to do with the packet. The edge router,
therefore, most likely sends the packet off to its default gateway.
This cycle occurs until the packet arrives at a device that knows
where to find the destination address.
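
Added example, not from the original guide: the forwarding decision from the Routing Table and Default Gateway sections written as a function, plus a check that every gateway sits on the host's own subnet. The host address, routes and gateways are constructed sample values, and picking the most specific route when several match is standard behaviour that the page does not describe.

```python
import ipaddress

# Constructed sample configuration: a host in the first half of the
# page's split class C, two static routes and a default gateway.
HOST = "205.250.128.10/255.255.255.128"
ROUTES = [
    ("10.1.0.0/16", "205.250.128.1"),
    ("10.1.2.0/24", "205.250.128.2"),
]
DEFAULT = "205.250.128.126"


def next_hop(interface, routes, default_gateway, destination):
    """Return (decision, address) for one outgoing packet.

    interface        host address and mask
    routes           list of (network, gateway) routing-table entries
    default_gateway  gateway address, or None when none is set
    """
    iface = ipaddress.ip_interface(interface)
    dst = ipaddress.ip_address(destination)
    # Same subnet as defined by the mask: deliver directly on the LAN.
    if dst in iface.network:
        return ("direct", str(dst))
    # Specific routes. If several match, the most specific network wins
    # (assumption: standard behaviour, not stated on the page).
    matches = [(ipaddress.ip_network(net), gw) for net, gw in routes
               if dst in ipaddress.ip_network(net)]
    if matches:
        _net, gateway = max(matches, key=lambda match: match[0].prefixlen)
        return ("route", gateway)
    # Route of last resort.
    if default_gateway is not None:
        return ("default", default_gateway)
    return ("unreachable", None)


def off_subnet_gateways(interface, routes, default_gateway):
    """Gateways the host cannot reach because they are not on its subnet."""
    iface = ipaddress.ip_interface(interface)
    gateways = [gateway for _net, gateway in routes]
    if default_gateway is not None:
        gateways.append(default_gateway)
    return sorted({gw for gw in gateways
                   if ipaddress.ip_address(gw) not in iface.network})


if __name__ == "__main__":
    for dst in ("205.250.128.20", "205.250.128.200", "10.1.2.5", "192.0.2.1"):
        print(dst, "->", next_hop(HOST, ROUTES, DEFAULT, dst))
    print("misconfigured:", off_subnet_gateways(HOST, ROUTES, "205.250.128.129"))
```

Note that 205.250.128.200 goes to the default gateway even though it is in the same class C: with the 255.255.255.128 mask it belongs to the other subnet.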

Application Port

When a computer (or any network device) receives a packet, the
computer decides what to do with it. The computer may have
many different programs running simultaneously (for example, a
mail server and a Web server). Each program expecting to
receive or send packets from or to a network opens something
called a socket. If you look at an IP address as a street address
that identifies a building, then an open socket can be compared
to a room number within the building. The number given to a
socket is called an application port number.
Each packet contains both a source application port and
destination application port in its header. The destination
application port number is used by the receiving computer to
decide which program should be given the payload of the packet
for final processing.
Many application port numbers are standard. Some common
numbers are port 80, which is associated with http (www)
packets; port 25, which is associated with SMTP mail; port 110
(POP3 mail); port 23 (Telnet); and port 21 (FTP). Therefore,
when Web servers start, they usually connect to port 80 and
listen for requests to come in. Note that a Web server can be
configured to listen on another port, but most follow the
standard.
Packets with the source and destination application ports set to
2233 are encrypted with an HP VPN device.

Related Information

HP VPN Concepts Guide Overview
Operational Overview
The Template Concept

Cryptographic Systems and Encryption Terminology Overview

When Julius Caesar sent messages to his trusted acquaintances,
he did not trust the messengers. So he replaced every A with a D,
every B with an E, and so on throughout the alphabet. This was
the beginning of cryptography. Only those who knew the "shift
by 3" rule could decipher his messages.
A cryptographic system is a method of disguising messages so
that only certain people can see through the disguise.
Cryptography is the art of creating and using cryptographic
systems.
The original message is called a plaintext. The disguised message
is called ciphertext. Encryption means any procedure to convert
plaintext into ciphertext. Decryption means any procedure to
convert ciphertext into plaintext.
The term cryptographic system refers to a set of encryption and
decryption algorithms. The algorithms are labeled and the labels
are called keys. For example, Caesar probably used "shift by n"
encryption for several different values of n. It is natural to say
that n is the key here.
Two general types of cryptographic systems exist: symmetric
cryptographic systems and asymmetric cryptographic systems.

Encryption

Encryption is a mathematical operation that transforms data
from clear text to cipher text. Usually the mathematical
operation requires that a key be supplied along with the clear
text.
Encryption, therefore, can be expressed as the formula:
Cipher Text = f ( Clear Text , Ke )
In this formula, f represents some mathematical operation or
algorithm and Ke represents a key.
Decryption is the opposite of encryption, a mathematical
operation that transforms cipher text to clear text. Decryption
usually requires a key and can be expressed as the formula:
Clear Text = g ( Cipher Text , Kd )
In this formula, g represents a mathematical operation, which
"undoes" the steps performed by the algorithm f, and Kd
represents a key.

Related Information

Symmetric Cryptographic Systems
Asymmetric Cryptographic Systems
Symmetric Vs. Asymmetric Cryptography

Symmetric Cryptographic Systems

A very simple encryption algorithm involves shifting the letters
of the alphabet to the right by some offset. For example if you
had the clear text "AT" and decided to encrypt this data by
shifting each letter 3 letters to the right, you would end up with
DW. In this example, the clear text is AT, the key is 3, the
algorithm is "shift K letters to the right," and the cipher text is
DW. Your encryption formula would look like this:
DW = shift-right ( AT , 3 )
Of course, decryption in this case involves shifting the letters of
the cipher text to the left by the same offset used when the data
was encrypted. Therefore, your decryption formula would look
like this:
AT = shift-left ( DW , 3 )
Note that the key used to encrypt the data is the same key used
to decrypt the data.
Ke = Kd
This algorithm is therefore referred to as symmetric. In this case,
the person encrypting the data and the person decrypting the
data must both know the same key. The strength of the system
relies on the key being kept secret. Symmetric cryptography is
therefore often referred to as secret key cryptography.
A real world metaphor for symmetric cryptography is a lock box
with a single lock. To safely transfer an object from one person
to another, the first person opens the box with a key, puts the
object in the box, and then locks the box. The second person
needs only a copy of the key, and can then open the box and
retrieve the object.

Related Information

Data Encryption Standard (DES)
Triple Pass DES
3DES

Data Encryption Standard (DES)

The Data Encryption Standard (DES) is a well-known and
thoroughly tested cryptographic system. The DES algorithm is a
very complex symmetric algorithm that specifies that data be
encrypted in 64-bit blocks. A 64-bit block of clear text goes into
the algorithm along with a 56-bit key. The result is a 64-bit block
of cipher text. Since the key size is fixed at 56 bits, the number
of keys available (the key space) is 2^56 different keys (about
72,000,000,000,000,000 keys). This is a huge increase over the
size of the key space in simple cryptographic systems.
A recent report by a group of scientists from AT&T Research,
Sun Microsystems, the MIT Laboratory for Computer Science,
the San Diego Supercomputer Center, Bell Northern Research
and others, entitled "Minimal Key Lengths for Symmetric
Ciphers to Provide Adequate Commercial Security" (Blaze, Diffie,
Rivest, Schneier, Shimomura, Thompson and Wiener), found
that a pedestrian hacker with US $400 to spend requires about 38
years of effort to decode data encrypted with DES with its large
key space. Unfortunately, they also determined that a large
organization with US $300 million to spend could crack a 56-bit
key space in about 12 seconds, using brute force techniques.
They estimate that a 90-bit key protects data for about 20 years
in the face of expected advances in computing power.

Triple Pass DES

Triple Pass DES is a cryptographic system that uses multiple
passes of the DES algorithm to increase the effective key space
available to the system. In triple pass DES, the clear text data is
first encrypted with a 56-bit key. The resulting cipher text is then
decrypted with a different key. Decrypting cipher text with the
wrong key will result in unreadable data. Finally the unreadable
data is encrypted again with the first key. This implementation of
triple pass DES is known as EDE (for Encrypt, Decrypt, Encrypt)
and the technique increases the effective key length from 56 bits
to 112 bits. Note that 90-bit keys should protect encrypted data
for about 20 years.
Go back to the simple Symmetric Cryptographic Systems example
to illustrate the EDE technique. Assuming that the
clear text is AT, the following steps are involved:
1. Encrypt with the key set to 3.
DW = shift-right( AT , K1 = 3 )
2. Decrypt the result DW with a different key (for example, 5).
YR = shift-left( DW , K2 = 5 )
Note that the result in this case is not the original clear text.
3. Now encrypt the result YR with the key used in the first step.
BU = shift-right( YR , K1 = 3 )
The final cipher text is BU. When this cipher text is received, the
decoding process must be performed in reverse (DED). The
decoder must know the 2 keys (K1 = 3 and K2 = 5) and then make
3 passes:
1. Decrypt with the key set to 3.
YR = shift-left( BU , K1 = 3 )
2. Encrypt with the key set to 5.
DW = shift-right( YR , K2 = 5 )
3. Decrypt with the key set to 3.
AT = shift-left( DW , K1 = 3 )
The steps for both the triple pass DES technique and the 3DES
technique are illustrated with the simple symmetric
cryptographic system in the following table.

Algorithm | Clear Text | After First Encrypt (E) | After First Decrypt (D) | After Second Encrypt (E)
Triple Pass DES (Key Space = 2*26 = 52) | AT | K1 = 3: DW | K2 = 5: YR | K1 = 3: BU
3DES (Key Space = 3*26 = 78) | AT | K1 = 3: DW | K2 = 5: YR | K3 = 4: CV

Related Information

3DES
Data Encryption Standard (DES)
Outer Cipher Block Chaining (CBC)

3DES

3DES is a symmetric cryptographic system that uses multiple
passes of the DES algorithm to increase the effective key space
available to the system even further than triple pass DES. Use the
same EDE technique as in Triple Pass DES, except
that 3 different keys are used. Therefore, in pass 3 of Triple Pass
DES, you would select a third key (K3 = 4), which increases the
effective key length from 56 bits for simple DES to 168 bits for
3DES.
The steps for both the triple pass DES technique and the 3DES
technique are illustrated with the simple symmetric
cryptographic system in the following table.

Algorithm | Clear Text | After First Encrypt (E) | After First Decrypt (D) | After Second Encrypt (E)
Triple Pass DES (Key Space = 2*26 = 52) | AT | K1 = 3: DW | K2 = 5: YR | K1 = 3: BU
3DES (Key Space = 3*26 = 78) | AT | K1 = 3: DW | K2 = 5: YR | K3 = 4: CV

Related Information

Data Encryption Standard (DES)
Outer Cipher Block Chaining (CBC)
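
Added example, not from the original guide: the shift cipher from the Symmetric Cryptographic Systems, Triple Pass DES and 3DES sections, run through the EDE and DED passes with two and three keys. The function names are chosen for this illustration, and net_shift describes a property of the toy cipher only.

```python
import string

ALPHABET = string.ascii_uppercase


def shift_right(text, key):
    """Encrypt: move every letter `key` places right, wrapping Z to A."""
    if not all(ch in ALPHABET for ch in text):
        raise ValueError("the toy cipher only handles the letters A-Z")
    return "".join(ALPHABET[(ALPHABET.index(ch) + key) % 26] for ch in text)


def shift_left(text, key):
    """Decrypt: undo shift_right with the same key (Ke = Kd)."""
    return shift_right(text, -key)


def ede_encrypt(clear, k1, k2, k3=None):
    """Encrypt-Decrypt-Encrypt; returns the text after each pass.

    With k3 omitted the third pass reuses k1 (the page's triple pass
    DES pattern). With three keys it is the page's 3DES pattern.
    """
    k3 = k1 if k3 is None else k3
    after_e1 = shift_right(clear, k1)
    after_d = shift_left(after_e1, k2)
    after_e2 = shift_right(after_d, k3)
    return [after_e1, after_d, after_e2]


def ded_decrypt(cipher, k1, k2, k3=None):
    """Decrypt-Encrypt-Decrypt: the same passes undone in reverse order."""
    k3 = k1 if k3 is None else k3
    after_d1 = shift_left(cipher, k3)
    after_e = shift_right(after_d1, k2)
    after_d2 = shift_left(after_e, k1)
    return [after_d1, after_e, after_d2]


def net_shift(k1, k2, k3=None):
    """Single shift equal to the whole EDE sequence in this toy cipher.

    Shifts add up, so three passes collapse into one. The toy therefore
    shows the order of the passes, not the gain in key length; that gain
    depends on DES passes not collapsing into a single DES key.
    """
    k3 = k1 if k3 is None else k3
    return (k1 - k2 + k3) % 26


if __name__ == "__main__":
    print("triple pass:", ede_encrypt("AT", 3, 5))
    print("3DES       :", ede_encrypt("AT", 3, 5, 4))
    print("decode BU  :", ded_decrypt("BU", 3, 5))
    print("decode CV  :", ded_decrypt("CV", 3, 5, 4))
    print("one shift  :", shift_right("AT", net_shift(3, 5)))
```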

Outer Cipher Block Chaining (CBC)

Outer Cipher Block Chaining or outer-CBC is a technique used to
further strengthen the DES, triple pass DES, and 3DES
algorithms. This technique involves injecting random spoiler
data into the encryption algorithm so that identical blocks of
clear text do not result in the same cipher text even if the same
key is used repeatedly. Therefore, if the clear text string "AT" is
encrypted a thousand times with the same key, the resulting
cipher text would be different each time. This is important since
most file structures and application protocols use identical
header information.

Related Information

Data Encryption Standard (DES)
Triple Pass DES
3DES
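
Added example, not from the original guide: the same message encrypted with and without chaining, using a toy 64-bit Feistel cipher as a stand-in for DES. The "random spoiler data" is modelled here as a random initialization vector (an assumption about the page's term), and KEY, MESSAGE and all function names are constructed for the illustration.

```python
import hashlib
import hmac
import secrets

BLOCK = 8  # bytes: the 64-bit block size the page gives for DES
KEY = b"constructed demo key"
MESSAGE = b"HEADER01" * 3  # constructed: three identical clear text blocks


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key, number, half):
    # Round function: 4 bytes of HMAC-SHA256 over round number and half block.
    return hmac.new(key, bytes([number]) + half, hashlib.sha256).digest()[:4]


def encrypt_block(key, block):
    """Toy 4-round Feistel cipher on one 8-byte block. It is NOT DES.

    For triple pass DES this would be the whole EDE sequence, with the
    chaining wrapped around it, which is what "outer" refers to.
    """
    left, right = block[:4], block[4:]
    for number in range(4):
        left, right = right, _xor(left, _round(key, number, right))
    return left + right


def decrypt_block(key, block):
    left, right = block[:4], block[4:]
    for number in reversed(range(4)):
        left, right = _xor(right, _round(key, number, left)), left
    return left + right


def blocks(data):
    if len(data) % BLOCK:
        raise ValueError("length must be a multiple of 8 (padding is out of scope)")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, clear):
    """No chaining: every block is encrypted on its own."""
    return b"".join(encrypt_block(key, block) for block in blocks(clear))


def cbc_encrypt(key, clear, iv=None):
    """Chaining: XOR each clear block with the previous cipher block.

    The first block is XORed with a fresh random IV, sent in front.
    """
    iv = secrets.token_bytes(BLOCK) if iv is None else iv
    out, previous = [iv], iv
    for block in blocks(clear):
        previous = encrypt_block(key, _xor(block, previous))
        out.append(previous)
    return b"".join(out)


def cbc_decrypt(key, blob):
    parts = blocks(blob)  # parts[0] is the IV
    return b"".join(_xor(decrypt_block(key, current), previous)
                    for previous, current in zip(parts, parts[1:]))


def repeated_blocks(ciphertext):
    """How many cipher blocks duplicate an earlier block."""
    parts = blocks(ciphertext)
    return len(parts) - len(set(parts))


if __name__ == "__main__":
    print("unchained repeats:", repeated_blocks(ecb_encrypt(KEY, MESSAGE)))
    print("chained repeats  :", repeated_blocks(cbc_encrypt(KEY, MESSAGE)))
    print("round trip ok    :", cbc_decrypt(KEY, cbc_encrypt(KEY, MESSAGE)) == MESSAGE)
```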

Asymmetric Cryptographic Systems

Some algorithms do not use the same key to encrypt and decrypt.
These algorithms are referred to as asymmetric, are usually
complex, and often rely on the properties of very large prime
numbers. A simple asymmetric algorithm, similar to the
symmetric example, uses the same formula for encryption:
DW = shift-right ( AT , 3 )
In the symmetric example the encryption was "undone" using the
mathematical operation of "shift-left." If you change the
decryption operation to "shift-right," you need a different key to
arrive back at the clear text:
AT = shift-right ( DW , -3 )
Note that the key used to decrypt the cipher text in this case is
different from the key used to encrypt the clear text. The keys,
however, are related. The relationship between the keys in the
simple asymmetric algorithm can be expressed:
Ke = -1 * Kd
When asymmetric cryptography is used, the person doing the
encrypting does not need to know the same key as the person
doing the decrypting.
Asymmetric cryptography is often referred to as public key
cryptography. The public and private keys used in asymmetric
cryptography are sometimes called key pairs, and are always
related through some mathematical operation.

Related Information

Symmetric Cryptographic Systems
Symmetric Vs. Asymmetric Cryptography
Key Space and Brute Force Attacks

Symmetric Vs. Asymmetric Cryptography

Symmetric and asymmetric cryptography have some significant
differences. Symmetric cryptography tends to be fast compared
to asymmetric cryptography. Therefore, symmetric algorithms
are often used when large quantities of data need to be
exchanged and the 2 parties are known to each other.
Conversely, asymmetric algorithms are used when small
quantities of data need to be exchanged or the 2 parties are not
known to each other.
Asymmetric cryptography is often used during authentication
processes. Another significant difference between the 2 types of
cryptographic systems is the length of the keys required by the
algorithms. The keys used in symmetric algorithms are usually
much smaller than those used in asymmetric algorithms, as
described in the following table.

Property | Symmetric | Asymmetric
Speed | Fast | Slow
Key size | Relatively small | Extremely large
Key usage | Shared secret | Public/private
Usual usage | Bulk data transfer | Authentication
Examples | DES, Triple Pass DES, 3DES, rc4 | RSA, PGP

Related Information

Asymmetric Cryptographic Systems
Symmetric Cryptographic Systems
Key Space and Brute Force Attacks