基于扩展认证机制的IKEv2研究
摘要
IPsec已成为构建VPN的国际标准之一,而互联网密钥交换协议(IKE)又是IPsec实现中首选的密钥交换协议。但由于它是一种混合型的协议,其自身的复杂性不可避免带来一些安全及性能上的缺陷。为此IETF于2005年12月正式推出新的IKE标准——RFC4306 IKEv2。IKEv2是在IKEvl基础上改进的结果,保留了第一版本的大部分特性,如身份隐藏、PFS、两个阶段的协商等特性,同时重新设计了某些部分,在强壮性、高效性和安全性上都显著提供。其中,相比之前版本增加了对扩展认证的支持。扩展认证协议是一个框架性协议,通过在IKEv2上支持扩展认证,可以用新的多种安全性更高的认证方式来取代目前白带的与共享密钥方式和证书方式。
论文的研究目标通过IKE两个版本的分析对比,发现新版本的优势所在;然后分析目前EAP的实现形式,寻找一种可行的EAP与IKEv2结合的实现方式;再通过实现IKEv2来提高密钥交换的安全性,进而实现其新增的扩展认证功能,给使用IKEv2和IPsec带来更多的灵活性。论文首先分析研究了IPsec协议及相关内容掌握IPsec的体系结构和工作机制;进而分析研究IKEv2协议及其扩展功能和较之前版本的优势;然后分析扩展认证协议的应用情况,以及为了使用扩展认证RADIUS协议做出的相应修改;之后在深入研究相关协议的基础上,设计实现能够进行扩展认证的密钥管理系统。本系统运行在操作系统的用户空间,由配置管理模块、网络通信模块、密钥协商模块、载荷处理模块、算法处理模块、IPsec模块和线程处理等七大模块组成。采用NETLINK套接字与操作系统内核XFRM相关结构构建的安全数据库进行通信。本文对各个模块的设计思想和功能划分进行了描述,并介绍了其工作流程。测试结果表明,能够完成在设计的多种情况下经过协商建立IKE_SA并最终建立IPsec SA。
IPsec has become one of the international standards of VPN. And Internet Key Exchange Protocol (IKE) has become the preferred internet key exchange protocol in the realization of IPsec. While, because it is a kind of mixed protocol, its complexity brings some inevitable limitations. To improve these limitations, IETF published a new version of IKE standard--RFC4306 IKEv2 in December 2005. IKEv2 is designed based on the previous version. Most of the features of IKEv1 were reserved, such as identity hiding, perfect forward safe, two phases of negociations etc. Some parts of the previous version standard were redesigned to make it more robust, effcient and safe. One of the enhancements is adding the support for extensible authentication. Extensible Authentication Protocol (EAP) is a frame-like protocol. After supporting EAP, It can use more kinds of authentication method, which are much safer, to replace the Pre-Shared Key and Certification.
The target of the paper is to find the advantages of the new version IKE through comparing between the two. Then find a feasible impletement way to combine IKEv2 and EAP, through analysing the applications of EAP. In the end, enhance the security of the process of Key Exchange using IKEv2, and to impletement its expanded function ? Extensible Authentication function, in order to bring both IKEv2 and IPsecmore security and flexibility. Firstly, the paper analysises and researches the IPsec protocol and related materials to master its architecture and working mechanism. Then, analysises and researches the IKEv2 protocol, its expanded function, its advantages and the Extensible Authentication protocol. Lastly, based on the work mentioned above, design and implement the IKEv2 system which not only has basic key exchange functions, but also has one of the expanded functions ? Expensible Authentication. This system runs in the user space of the operation system. It consists of the following seven modules: configuration and management modules, network communication module, key exchange module, payload disposing module, algorithm disposing module, IPsec module and thread disposing module. It adopts the NETLINK socket for communication between IKE and the operating system kernel secure database, which construct by XFRM. In this paper, the design conceptunction of the various modules are described and their work processes are introduced. The test results show that the system can make the key exchange in designed differents kinds of circumstances, can establish IKE SA, and at last establish IPsec SA.
论文的研究目标通过IKE两个版本的分析对比,发现新版本的优势所在;然后分析目前EAP的实现形式,寻找一种可行的EAP与IKEv2结合的实现方式;再通过实现IKEv2来提高密钥交换的安全性,进而实现其新增的扩展认证功能,给使用IKEv2和IPsec带来更多的灵活性。论文首先分析研究了IPsec协议及相关内容掌握IPsec的体系结构和工作机制;进而分析研究IKEv2协议及其扩展功能和较之前版本的优势;然后分析扩展认证协议的应用情况,以及为了使用扩展认证RADIUS协议做出的相应修改;之后在深入研究相关协议的基础上,设计实现能够进行扩展认证的密钥管理系统。本系统运行在操作系统的用户空间,由配置管理模块、网络通信模块、密钥协商模块、载荷处理模块、算法处理模块、IPsec模块和线程处理等七大模块组成。采用NETLINK套接字与操作系统内核XFRM相关结构构建的安全数据库进行通信。本文对各个模块的设计思想和功能划分进行了描述,并介绍了其工作流程。测试结果表明,能够完成在设计的多种情况下经过协商建立IKE_SA并最终建立IPsec SA。
IPsec has become one of the international standards of VPN. And Internet Key Exchange Protocol (IKE) has become the preferred internet key exchange protocol in the realization of IPsec. While, because it is a kind of mixed protocol, its complexity brings some inevitable limitations. To improve these limitations, IETF published a new version of IKE standard--RFC4306 IKEv2 in December 2005. IKEv2 is designed based on the previous version. Most of the features of IKEv1 were reserved, such as identity hiding, perfect forward safe, two phases of negociations etc. Some parts of the previous version standard were redesigned to make it more robust, effcient and safe. One of the enhancements is adding the support for extensible authentication. Extensible Authentication Protocol (EAP) is a frame-like protocol. After supporting EAP, It can use more kinds of authentication method, which are much safer, to replace the Pre-Shared Key and Certification.
The target of the paper is to find the advantages of the new version IKE through comparing between the two. Then find a feasible impletement way to combine IKEv2 and EAP, through analysing the applications of EAP. In the end, enhance the security of the process of Key Exchange using IKEv2, and to impletement its expanded function ? Extensible Authentication function, in order to bring both IKEv2 and IPsecmore security and flexibility. Firstly, the paper analysises and researches the IPsec protocol and related materials to master its architecture and working mechanism. Then, analysises and researches the IKEv2 protocol, its expanded function, its advantages and the Extensible Authentication protocol. Lastly, based on the work mentioned above, design and implement the IKEv2 system which not only has basic key exchange functions, but also has one of the expanded functions ? Expensible Authentication. This system runs in the user space of the operation system. It consists of the following seven modules: configuration and management modules, network communication module, key exchange module, payload disposing module, algorithm disposing module, IPsec module and thread disposing module. It adopts the NETLINK socket for communication between IKE and the operating system kernel secure database, which construct by XFRM. In this paper, the design conceptunction of the various modules are described and their work processes are introduced. The test results show that the system can make the key exchange in designed differents kinds of circumstances, can establish IKE SA, and at last establish IPsec SA.
引文
[1]S.Kent,R.Atkinson.Security Architecture for the Internet Protocol.RFC2401.November 1998.Page(s):3
[2]S.Kent,R.Atkinson.IP Encapsulating Security Payload(ESP).RFC2406.November 1998.Page(s):3-4
[3]S.Kent,R.Atkinson.IP Authentication Header.RFC2402.November 1998.Page(s):7
[4]D.Harkins,D.Carrel,The lnternet Key Exchange(IKE).RFC2409.Nov 1998.Page(s):16
[5]C.Kaufman,Ed.Internet Key Exchange(IKEv2)Protocol.RFC 4306.December 2005Page(s):2,27-29,36,40-42
[6]B.Aboba,L.Blunk,J.Vollbrecht,J.Carlson,H.Levkowetz,Ed.Extensible Authentication Protocol(EAP).RFC 3748.June 2004.Page(s):36-37
[7]W.Aiello,S.M.Bellovin,M.Blaze,R.Canetti,J.Ioannidis,A.D.Keromytis,0.Reingold.Just fast keying(JFK).draft-ietf-ipsec-jfk-04.2002.Page(s):3
[8]陈熊贵.基于Linux的IPSec的研究与实现[学位论文].上海交通大学.2006.页27-29
[9]Faigl,Lindskog,Brunstrom.Analyzing IKEv2 Performance when Protecting Mobile IPv6Signaling.Wireless Communication Systems,2007.ISWCS 2007.4th International Symposium on 17-19 Oct.2007 Page(s):390-395
[10]马士.IPSec协议实现及其现状分析.计算机工程.2006第7期.页33
[11]孙仁洲.IPv6安全机制(IPSec)研究[学位论文].电子科技大学.2006.页45-46
[12]VijayBollapragada,Mohamed Khalid,ScottWainner著.袁国忠译.IPsec VPN设计.第一版.北京.人民邮电出版社.2006.页66-67
[13]J.Schiller.Cryptographic Algorithms for Use in the Internet Key Exchange Version 2(IKEv2).RFC 4307.December 2005.Page(s):19,33
[14]Y.Nir.Repeated Authentication in lnternet Key Exchange(IKEv2)Protocol.RFC 4478.April 2006.Page(s):26-29
[15]Haddad,Mirmohamadi.Comparative evaluation of successor protocols to lntemet key exchange(IKE).Industrial Informatics,2005.INDIN '05.2005 3rd IEEE International Conference on 10-12 Aug.2005 Page(s):692-696
[16]Hussain,M,Hajjeh.Extending IKEv2 for multi-vendor home network environment.Advanced Communication Technology,2005,ICACT 2005.The 7th International Conference onVolume 1,21-23 Feb.2005 Page(s):63-68
[17]戚文峰.IPSec系统中IKEv2的实现技术[学位论文].解放军信息工程大学,2005.页40-41
[18]Iso-Anttila,Lari,Ylinen,Jorma,Loula,Pekka.A Proposal to Improve IKEv2 negotiation.Emerging Security Information Systems and Technologies,2007.The International Conference on 14-20 Oct.2007.Page(s):169-174
[19]曹宇,祝跃飞,李勤等.IKEv2实现方案研究.计算机应用研究.2005 2.页74-76
[20]张朝东,徐明伟.密钥交换协IKEv2的分析与改进.清华大学学报.2006.Vol 46.No.7页1274-1277
[21]范红.互联网密钥交换协议及其安全性分析.软件学报.2003.14(3):600-605
[22]IEEE Standard for Local and metropolitan area networks - Port-Based Network Access Control.IEEE 802.1x.December 13,2004
[23]H.Tschofenig,D.Kroeselberg,A.Pashalidis,Y.Ohba,F.Bersani.The Extensible Authentication Protocol-Internet Key Exchange Protocol version 2(EAP-IKEv2)Method.RFC 5106.February 2008 Page(s):23-25
[24]Bhakti,A.Catur,Abdullah.EAP-based Authentication with EAP Method Selection Mechanism:Simulation Design.Research and Development,2007.SCORED 2007.5th Student Conference on 12-11 Dec.2007 Page(s):1-4
[25]冯雯.基于802.1x的校园网身份认证系统的设计与实施.四川大学学报(自然科学版).2006/06页13-14
[26]周贤伟.IEEE 802.1x协议的认证机制及其改进.计算机应用.2006/12页24-25
[27]于承斌.对基于802.1x协议的认证机制及缺陷的研究.信息技术.2006/11页31-33
[28]S.Kelly,S.Ramamoorthi.Requirements for IPsec Remote Access Scenarios.RFC 3457.January 2003 Page(s):22-24
[29]C.Rigney,S.Willens,A.Rubens,W.Simpson.Remote Authentication Dial In User Service (RADIUS).RFC 2865 June 2000 Page(s):40-42
[30]B.Aboba,P.Calhoun.RADIUS Support For Extensible Authentication Protocol(EAP).RFC 3579.September 2003 Page(s):27-29
[31]P.Eronen,P.Hoffman.IKEv2 Clarifications and Implementation Guidelines.RFC 4718.October 2006 Page(s):49-51
[32]J.Salim,H.Khosravi,A.Kleen,A.Kuznetsov.Linux Netlink as an IP Services Protocol.RFC3549.July 2003 Page(s):23o25,34-39
[33]章晓明.IPsec VPN中Netlink消息通信机制的研究和设计.计算机工程与应用.2006/34页34-35
[34]Confuse主页.http://sv.nongnu.ore/projects/confuse
[35]Openssl主页.http://www.openssl.org.
[36]W.Richard Stevens,Bill Fenner,Andrew M.Rudoff著.杨继张译.UNIX网络编程 第1卷:套接口API.清华大学出版社.2006页581-590
[37]刘骥宇.IKEv2协议在Linux环境下的实现[学位论文].河南大学.2007.页37-39
[38]张朝伟.无线应用场景下IPsec的研究与实现[学位论文].北京交通大学.2007.页25-26
[39]周莉.Linux2.6 IPsec分析与VPN网关的研究与实现[学位论文].兰州大学.2005.页40-41
[40]FreeRadius主页http://www.freeradius.org
[2]S.Kent,R.Atkinson.IP Encapsulating Security Payload(ESP).RFC2406.November 1998.Page(s):3-4
[3]S.Kent,R.Atkinson.IP Authentication Header.RFC2402.November 1998.Page(s):7
[4]D.Harkins,D.Carrel,The lnternet Key Exchange(IKE).RFC2409.Nov 1998.Page(s):16
[5]C.Kaufman,Ed.Internet Key Exchange(IKEv2)Protocol.RFC 4306.December 2005Page(s):2,27-29,36,40-42
[6]B.Aboba,L.Blunk,J.Vollbrecht,J.Carlson,H.Levkowetz,Ed.Extensible Authentication Protocol(EAP).RFC 3748.June 2004.Page(s):36-37
[7]W.Aiello,S.M.Bellovin,M.Blaze,R.Canetti,J.Ioannidis,A.D.Keromytis,0.Reingold.Just fast keying(JFK).draft-ietf-ipsec-jfk-04.2002.Page(s):3
[8]陈熊贵.基于Linux的IPSec的研究与实现[学位论文].上海交通大学.2006.页27-29
[9]Faigl,Lindskog,Brunstrom.Analyzing IKEv2 Performance when Protecting Mobile IPv6Signaling.Wireless Communication Systems,2007.ISWCS 2007.4th International Symposium on 17-19 Oct.2007 Page(s):390-395
[10]马士.IPSec协议实现及其现状分析.计算机工程.2006第7期.页33
[11]孙仁洲.IPv6安全机制(IPSec)研究[学位论文].电子科技大学.2006.页45-46
[12]VijayBollapragada,Mohamed Khalid,ScottWainner著.袁国忠译.IPsec VPN设计.第一版.北京.人民邮电出版社.2006.页66-67
[13]J.Schiller.Cryptographic Algorithms for Use in the Internet Key Exchange Version 2(IKEv2).RFC 4307.December 2005.Page(s):19,33
[14]Y.Nir.Repeated Authentication in lnternet Key Exchange(IKEv2)Protocol.RFC 4478.April 2006.Page(s):26-29
[15]Haddad,Mirmohamadi.Comparative evaluation of successor protocols to lntemet key exchange(IKE).Industrial Informatics,2005.INDIN '05.2005 3rd IEEE International Conference on 10-12 Aug.2005 Page(s):692-696
[16]Hussain,M,Hajjeh.Extending IKEv2 for multi-vendor home network environment.Advanced Communication Technology,2005,ICACT 2005.The 7th International Conference onVolume 1,21-23 Feb.2005 Page(s):63-68
[17]戚文峰.IPSec系统中IKEv2的实现技术[学位论文].解放军信息工程大学,2005.页40-41
[18]Iso-Anttila,Lari,Ylinen,Jorma,Loula,Pekka.A Proposal to Improve IKEv2 negotiation.Emerging Security Information Systems and Technologies,2007.The International Conference on 14-20 Oct.2007.Page(s):169-174
[19]曹宇,祝跃飞,李勤等.IKEv2实现方案研究.计算机应用研究.2005 2.页74-76
[20]张朝东,徐明伟.密钥交换协IKEv2的分析与改进.清华大学学报.2006.Vol 46.No.7页1274-1277
[21]范红.互联网密钥交换协议及其安全性分析.软件学报.2003.14(3):600-605
[22]IEEE Standard for Local and metropolitan area networks - Port-Based Network Access Control.IEEE 802.1x.December 13,2004
[23]H.Tschofenig,D.Kroeselberg,A.Pashalidis,Y.Ohba,F.Bersani.The Extensible Authentication Protocol-Internet Key Exchange Protocol version 2(EAP-IKEv2)Method.RFC 5106.February 2008 Page(s):23-25
[24]Bhakti,A.Catur,Abdullah.EAP-based Authentication with EAP Method Selection Mechanism:Simulation Design.Research and Development,2007.SCORED 2007.5th Student Conference on 12-11 Dec.2007 Page(s):1-4
[25]冯雯.基于802.1x的校园网身份认证系统的设计与实施.四川大学学报(自然科学版).2006/06页13-14
[26]周贤伟.IEEE 802.1x协议的认证机制及其改进.计算机应用.2006/12页24-25
[27]于承斌.对基于802.1x协议的认证机制及缺陷的研究.信息技术.2006/11页31-33
[28]S.Kelly,S.Ramamoorthi.Requirements for IPsec Remote Access Scenarios.RFC 3457.January 2003 Page(s):22-24
[29]C.Rigney,S.Willens,A.Rubens,W.Simpson.Remote Authentication Dial In User Service (RADIUS).RFC 2865 June 2000 Page(s):40-42
[30]B.Aboba,P.Calhoun.RADIUS Support For Extensible Authentication Protocol(EAP).RFC 3579.September 2003 Page(s):27-29
[31]P.Eronen,P.Hoffman.IKEv2 Clarifications and Implementation Guidelines.RFC 4718.October 2006 Page(s):49-51
[32]J.Salim,H.Khosravi,A.Kleen,A.Kuznetsov.Linux Netlink as an IP Services Protocol.RFC3549.July 2003 Page(s):23o25,34-39
[33]章晓明.IPsec VPN中Netlink消息通信机制的研究和设计.计算机工程与应用.2006/34页34-35
[34]Confuse主页.http://sv.nongnu.ore/projects/confuse
[35]Openssl主页.http://www.openssl.org.
[36]W.Richard Stevens,Bill Fenner,Andrew M.Rudoff著.杨继张译.UNIX网络编程 第1卷:套接口API.清华大学出版社.2006页581-590
[37]刘骥宇.IKEv2协议在Linux环境下的实现[学位论文].河南大学.2007.页37-39
[38]张朝伟.无线应用场景下IPsec的研究与实现[学位论文].北京交通大学.2007.页25-26
[39]周莉.Linux2.6 IPsec分析与VPN网关的研究与实现[学位论文].兰州大学.2005.页40-41
[40]FreeRadius主页http://www.freeradius.org