Security gaps identified in Internet Protocol IPsec

-

 


    In collaboration with colleagues from Opole University in Poland, researchers at Horst Gorts Institute for IT Security (HGI) at Ruhr-Universität Bochum (RUB) have demonstrated that the internet protocol IPsec is vulnerable to attacks. The internet key exchange protocol IKEv1, which is part of the protocol family, has vulnerabilities that enable potential attackers to interfere with the communication process and intercept specific information.


Secure and encrypted communication

     As an enhancement of internet protocol (IP), IPsec has been developed to ensure cryptographically secure communication via publicly accessible insecure networks, such as the internet, by using encryption and authentication mechanisms. This type of communication is often used by enterprises whose employees operate from decentralised workplaces—for example, as sales reps or from a home office—and need to access company resources. The protocol can also be used to set up virtual private network (VPNs).


    "Even though the protocol is considered obsolete and a newer version, IKEv2, has been long available on the market, we see in real-life applications that IKEv1 is still being implemented in operating systems and still enjoys great popularity, even on newer devices," explains Dennis Felsch. But this protocol has vulnerabilities, as the researchers found during their analysis.


Bleichenbacher's attack successful

     In the course of their project, the researchers attacked the encryption-based logon mode of IPsec by deploying the so-called Bleichenbacher's attack, which was invented in 1998. In this attachl, errors are deliberately incorporated into an encoded message, which is then repeatedly sent to a server.


    "Thus, the attacker approaches the target step by step until he reaches his goal," says Martin Grothe. "It is like a tunnel with two ends. It's enough if one of the two parties is vulnerable. Eventually, the vulnerability permits the attacker to interfere with the communication process, to assume the identity of one of the communication partners, and to actively commit data theft."


     Bleichenbacher's attack proved effective against the hardware of four network equipment providers. The affected parties were Clavister, Zyxel, Cisco and Huawei. All four manufacturers have been notified, and have now eliminated the security gaps.


Passwords under scrutiny

    In addition to the encryption-base logon mode, the researchers have also been looking into  password-based login. "Authentication via passwords is carried out with hash values, which are similar to a fingerprint. Accordingly, a highly complex password provides the best protection if IPsec is deployed in this mode," says Grothe. The vulnerability was also communicated to the Computer Emergency Response Team (CERT), which coordinates the response to IT security incidents. CERT provided assistance to the researchers as they notified the industry about the vulnerability.


     The identified Bleichenbacher vulnerability is not a bug per se, but rather an implementation error that can be avoided—it all depends on how manufacturers integrate the protocol in their devices. Moreover, the attacker must enter the network before in order to exploit this vulnerability






#broadcasting #gigabit #routers #firewall

#servers #ethernet #bandwidth #fiberoptics
     

     

Comments

Post a Comment

Popular posts from this blog

VPN installations skyrocket over seven times since Dec

-
Image
         Virtual Private Network (VPN) adoption jumped manifold in India in the first half of 2021 as companies moved to secure communication networks as more employees worked from home. The number of VPN installations soared to 348.7 million as at June-end 2021 against 45.24 million as at December-end 2020, according to Atlas VPN’s Global VPN Adoption Index. VPN installation penetration went up from only 3.28 per cent population in 2020 to 25.27 per cent in the first six months of 2021. The VPN download data was extracted from Google Play Store and Apple App Store using Sensor Tower service and includes the 45 biggest VPN providers globally. Though Qatar, the UAE and Singapore held the first three positions, respectively, in terms of overall penetration, India surpassed all the countries on the list by the volume of downloads. Instagram: https://www. instagram.com/ angelinashiny123/ Youtube : https://www.youtube. com/channel/UCcIS_ QkrqCWuNpV5tZFcNVw #ethernet #fiberoptics #topolog
Read more

How Does the Internet Work

-
Image
The internet delivers different types of information and media across networked devices. It operates using an Internet Protocol (IP) and a Transport Control Protocol (TCP) packet routing network. Whenever you visit a website, your computer or mobile device requests the server using such protocols. The server accesses the web page and delivers the right information to your computer whenever the request arrives. This is broadly the end-to-end user experience. Let us now look at the more technical details of how the internet works. 1. Connecting computers       The basic foundation of the internet is an interconnected network of computers. When two computers interact, they must be physically (often via an Ethernet connection) or wirelessly connected (via Wi-Fi or Bluetooth). All modern systems can support any of these connections to establish a core network. 2. Scaling computer networks        The Computer Network, as described above, is not restricted to two PCs. One can link several com
Read more