Openvpn is realized by SSL technology. Because it mainly works in the application layer, the efficiency is very low. If the unit flow is relatively large, it is best not to use this. The other uses SSL technology, which is not what we usually call SSL VPN.
At present, the more popular hardware VPN in the market adopts ipsec technology. So choosing the first one will help you replace the hardware later.
Basically, hardware VPN products on the market rarely adopt such technology as openvpn.
The working principle of IPSEC
-
Virtual private network refers to the establishment of a private network in the public network, and data is spread in the public network through a secure "pipeline". Using VPN has the advantages of cost saving, remote access, strong expansibility, easy management and complete control, and it is the key project of network service at present and in the future. Therefore, we must fully understand the technical characteristics of virtual private network and establish a perfect service system. Working principle of virtual private network
At present, the international standards for constructing virtual private networks are IPSec (RFC/KOOC-0/825-/KOOC-0/829) and L2TP (Draft-IETF-PPP ext-L2TP-/KOOC-0/0). L2TP (Virtual Private Dial-up Network Protocol) is a virtual private dial-up network protocol, which was drafted by IETF according to the agreements of various vendors (including PPTP of Microsoft and L2F of Cisco), and it is still in the draft stage. IPSEC is a series of open IP security standards based on IP networks, including intranet, extranet and Internet, which are officially customized by IETF. It is the foundation of virtual private network, which is quite mature and reliable. The draft L2TP protocol stipulates that it (L2TP standard) must be based on IPSEC (see draft-IETF-PPP ext-L2TP-security-01). Therefore, this paper expounds the working principle of VPN, and mainly analyzes the working principle of IPSEC.
IPSEC provides three different forms to protect private numbers transmitted over public or private IP networks.
Authentication-the function is to ensure that the received data is consistent with the sent data, and at the same time ensure that the sender of the application is actually the real sender, not a disguise.
Data integrity-the function is to ensure that there is no imperceptible data loss and change in the process of data transmission from the original location to the destination.
Confidentiality-the function is to enable the corresponding receiver to obtain the real content of the transmission, while the receiver who has no intention of obtaining the data cannot know the real content of the data.
In IPSEC, three basic elements provide the above three forms of protection: Authentication Protocol Header (AH), Secure Load Encapsulation (ESP) and Internet Key Management Protocol (IKMP). Authentication protocol headers and secure load encapsulation can be used separately or in combination to achieve the required level of protection.
Authentication Protocol Header (AH) is to add a password to all packet headers. As the name implies, AH authenticates users through a "digital signature" that only the key holder knows. This signature is the only result obtained by a special algorithm. AH can also maintain the integrity of data, because the digital signature of the packet header can be detected even if it is loaded with a small change during transmission. However, because AH cannot encrypt the contents loaded in the data packet, it does not guarantee any confidentiality. The two most common AH standards are MD5 and SHA- 1. MD5 uses a key with a maximum value of 128, while SHA- 1 uses a key with a maximum value of 160 to provide stronger protection.
Secure Load Encapsulation (ESP) strictly ensures the confidentiality of the transmitted information by completely encrypting all the data and the loaded contents of the data packet, and can prevent other users from opening the contents of the information exchange by listening, because only trusted users have keys to open the contents. ESP can also provide authentication and maintain data integrity. The most important ESP standard is Data Encryption Standard (DES). DES supports a key with a maximum of 56 bits, while 3DES uses three sets of keys for encryption, which is equivalent to using a key with a maximum of 168 bits. Because ESP actually encrypts all data, it needs more processing time than AH, which leads to performance degradation.
Key management includes two aspects: key determination and key distribution, and at most four keys are needed: AH and ESP for sending and receiving keys. The key itself is a binary string, usually expressed in hexadecimal. For example, a 56-bit key can be expressed as 5F39DA752E0C25B4. Note that the total length * * * is 64 bits, including the parity of 8 bits. A 56-bit key (DES) is sufficient for most business applications. Key management includes manual and automatic methods. Manual management system can work well in limited safety requirements, while automatic management system can meet all other application requirements.
With the manual management system, the key is determined by the management site and then distributed to all remote users. Real keys can be calculated by random number generator or simple random patchwork, and each key can be modified according to the security policy of the group. Using the automatic management system, you can dynamically determine and distribute keys, which is obviously as automatic as the name. The automatic management system has a central control point, and the centralized key manager can make itself more secure and maximize the effectiveness of IPSEC.
Implementation of IPSEC
One of the most basic advantages of IPSEC is that it can be completely implemented on * * * network access devices, even all hosts and servers, which largely avoids the upgrading of any network-related resources. On the client side, IPSEC architecture allows remote access to PCs and workstations involved in routers, or ordinary modems based on pure software. ESP provides more flexibility in application through two modes: transmission mode and tunnel mode.
IPSEC packets can be used to compress the original IP address and data in tunnel mode.
When ESP is implemented on a host (client or server), the transport mode is usually used. The transmission mode uses the original plaintext IP header and only encrypts the data, including its TCP and UDP headers.
When ESP is implemented in network access intervention devices associated with multiple hosts, tunnel mode is usually used. Tunnel mode processes the whole IP packet, including all TCP/IP or UDP/IP headers and data, and it uses its own address as the source address to add to the new IP header. When tunnel mode is used in user terminal settings, it is more convenient to hide the addresses of internal server hosts and clients.
Interpretation of encryption algorithm of virtual private network
-
I. IPSec authentication
IPSec Authentication Header (AH) is a mechanism to provide IP datagram integrity and authentication. Integrity ensures that datagrams will not be changed unintentionally or maliciously, while authentication verifies the source of data (host, user, network, etc.). ). AH itself does not support any form of encryption and cannot protect the credibility of data sent through the internet. Only when the export, import or use of encryption is restricted by the local government can AH improve the security of the global Internet. When all the functions are realized, it will reduce the attack probability based on IP spoofing by authenticating IP packets, thus providing better security services. The packet header used by AH is placed between the standard IPv4 and IPv6 packet headers and the next high-level protocol frame (such as TCP, UDP, I CMP, etc.). ).
AH protocol provides integrity and authentication services by implementing message digest calculation in the whole IP datagram. Message digest is a special one-way data function, which can create a unique digital fingerprint of datagram. The output of the message digest algorithm is placed in the Authentication_Data area of the AH header. Message Digest 5 algorithm (MD5) is a one-way mathematical function. When applied to packet data, it divides the whole data into several information packets with 128 bits. The information in the 128 bit group is a compressed or abstract representation of large packet data. When used in this way, MD5 only provides digital integrity services. The message digest can be calculated from a set of data before sending and after receiving. If the digest values calculated twice are the same, the packet data has not been changed during transmission. This can prevent unintentional or malicious tampering. In the data exchange of HMAC-MD5 authentication, the sender uses the previously exchanged keys to calculate the MD5 digest of 64-bit datagram for the first time. The digest values calculated from a series of 16 bits are accumulated into one value, and then put into the authentication data area of the AH header, and then the datagram is sent to the receiver. The receiver must also know the key value in order to calculate the correct message digest and adapt it to the received authentication message digest. If the calculated digest value is equal to the received digest value, then the datagram has not been changed in the sending process and can be considered as being sent by another party who only knows the key.
Second, IPSec encryption.
The Packet Security Protocol (ESP) header provides the integrity and reliability services of IP datagrams. ESP protocol is designed to work in two modes: tunnel mode and transmission mode. The difference between them lies in the content of ESP load part of IP datagram. In tunnel mode, the entire IP datagram is encapsulated and encrypted in the ESP payload. When doing so, the real IP source address and destination address can hide the ordinary data sent for the Internet. The typical usage of this mode is to hide the host or topology when connecting the firewall to the firewall through the virtual private network. In the transmission mode, there are only higher layer protocol frames (TCP, UDP, ICMP, etc. ) is placed in the ESP payload part of the encrypted IP datagram. In this mode, the source and destination IP addresses and all IP header fields are sent unencrypted.
IPSec requires a common default algorithm DES-CBC algorithm to be used in all ESP implementations. American Data Encryption Standard (DES) is a very popular encryption algorithm. It was first released by the US government and was originally used for commercial applications. So far, the protection period of all DES patents has expired, so it is free all over the world. The IPSec ESP standard requires all ESP implementations to support the DES of CBC as the default algorithm. DES-CBC works by adding a data function to an 8-bit data packet to form a complete IP packet (tunnel mode) or the next higher layer protocol frame (transmission mode). DES-CBC uses 8-bit encrypted data (ciphertext) instead of 8-bit unencrypted data (plaintext). A random 8-bit initialization vector (IV) is used to encrypt the first plaintext packet, so as to ensure the randomness of the encrypted information even if the plaintext information has the same beginning. DES-CBC mainly uses the same key shared by all communication parties. Therefore, it is considered as a symmetric encryption algorithm. The receiver can only decrypt the encrypted data by using the key used by the sender to encrypt the data. Therefore, the effectiveness of DES-CBC algorithm depends on the security of the key, and the key length of DES-CBC used by ESP is 56 bits.
Principle and implementation of VPN technology based on IPSec
This paper first expounds the basic principle of VPN technology and IPSec specification, and then introduces the implementation method and several typical application schemes of VPN technology. Finally, the author puts forward his own views on the popularization and application of VPN technology.
1. Introduction
1998 is called "e-commerce year", and 1999 will be "government online year". In fact, as the "fourth media" connecting the whole world, the Internet has become a place with unlimited business opportunities. How to use the Internet to carry out business activities is a hot topic discussed by enterprises at present. However, when the Internet is actually applied to business, there are still some problems to be solved, among which the two most important ones are service quality and security. The problem of service quality is gradually being solved with the efforts of relevant manufacturers and ISP, and the emergence of VPN technology provides an effective way to solve security problems.
The so-called VPN(VirtualPrivate Network) refers to the logical virtual subnet formed by connecting the physically distributed networks in different places through the public backbone network, and the public network here mainly refers to the Interet. In order to ensure the security of information transmission on the Internet, VPN technology adopts authentication, access control, confidentiality, data integrity and other measures to ensure that information will not be peeked at, tampered with or copied during transmission. Because the cost of using the Internet for transmission is much lower than that of renting a private line, the emergence of VPN makes it possible for enterprises to transmit private confidential information safely and economically through the Internet.
In addition to saving money, VPN technology has other characteristics:
● Scalability can be flexibly expanded with the expansion of the network. When adding a new user or subnet, the new VPN can only work if the existing network software configuration is modified, the corresponding software is installed on the newly added client or gateway and connected to the Internet.
● Flexibility: In addition to easily extending the new subnet to the enterprise network, VPN enables enterprises to securely access the information of global business partners and customers at any time due to the global connectivity of the Internet.
● Easy to manage When connecting enterprise subnets with dedicated lines, with the increase of the number of subnets, the number of dedicated lines required will increase geometrically. When using VPN, the Internet is just like a HUB, which only needs to connect each subnet to the Internet, and does not need to manage every line.
VPN can be used to build enterprise intranet and extranet. With the rise of global e-commerce, the application of VPN will be more and more extensive. According to the forecast of Infonetics Reseach, the market share of VPN will increase from $200 million today to11900 million in 2006, among which the sales revenue of VPN products will account for one tenth.
2. VPN technology based on IPSec specification.
1) introduction of IPSec protocol
IPSec( 1P Security) came into being in the formulation of IPv6, which is used to provide the security of IP layer. Since all hosts supporting TCP/IP protocol must pass through the IP layer when communicating, providing the security of the IP layer is equivalent to providing the basis for secure communication for the whole network. In view of the wide application of IPv4, support for IPv4 is added in the formulation of IPSec.
The first set of IPSec standards was formulated by IETF in 1995, but due to some unresolved problems, IETF started a new round of IPSec formulation from 1997, and by the end of 1998+0 1 the main protocols had been basically completed. However, there are still some problems in this new protocol, and IETF is expected to carry out the next round of IPSec revision in the near future.
2) The basic working principle of 2)IPSec
The working principle of IPSec (as shown in Figure L) is similar to that of packet filtering firewall, which can be regarded as an extension of packet filtering firewall. When receiving an IP packet, the packet filtering firewall uses its header to match in the rule table. When a matching rule is found, the packet filtering firewall processes the received IP packet according to the method formulated by the rule. There are only two kinds of processing work here: discarding or forwarding.
Figure 1 IPSec working principle diagram
IPSec determines the processing of received IP packets by querying SPD (Security p 0 1 Policy Database Security Policy Database). However, IPSec is different from packet filtering firewall. In addition to directly discarding and forwarding IP packets, there is another method, which is IPSec processing. It is this newly added processing method that provides further network security than packet filtering firewall.
Performing IPSec processing means encrypting and authenticating IP packets. Packet filtering firewall can only control the passage of IP packets from or to a certain site, and can deny IP packets from external sites access to some internal sites, and can also deny internal sites access to some external websites. However, the packet filtering firewall cannot guarantee that the packets going out from the intranet will not be intercepted, nor can it guarantee that the packets entering the intranet will not be tampered with. Only by encrypting and authenticating IP packets can the confidentiality, authenticity and integrity of the packets transmitted in the external network be guaranteed, and it is possible to enter new secure communication through the Internet.
IPSec can encrypt only IP packets, authenticate only, or both. However, whether it is encryption or authentication, IPSec has two working modes, one is tunnel mode similar to the protocol mentioned in the previous section, and the other is transmission mode.
As shown in Figure 2, the transport mode only encrypts or verifies the payload of IP packets. At this time, continue to use the previous IP header, only modify some fields of the IP header, and insert the IPSec protocol header between the IP header and the transport layer header.
Fig. 2 schematic diagram of transmission mode
As shown in fig. 3, the tunnel mode encrypts or authenticates the entire IP data color. At this time, a new IP header needs to be generated, and the IPSec header is placed between the newly generated IP header and the previous IP packet, thus forming a new IP header.
Fig. 3 Schematic diagram of tunnel mode
3) Three main protocols in 3)IPSec.
As mentioned earlier, the main functions of IPSec are encryption and authentication. For encryption and authentication, IPSec also needs the function of key management and exchange, so as to provide the keys needed for encryption and authentication and manage the use of keys. The above three aspects are stipulated by three protocols: AH, ESP and IKE. In order to introduce these three protocols, it is necessary to introduce a very important term-security association SA. The so-called security association refers to a kind of "connection" between the security service and the operators it serves. Both AH and ESP need to use SA, and the main function of IKE is the establishment and maintenance of SA. As long as AH and ESP are realized, SA must be supported.
If both parties want to establish a secure transmission path with IPSec, they need to negotiate the security policies to be adopted in advance, including encryption algorithm, key, key lifetime and so on. When both parties agree on the security strategy to be used, we say that both parties have established an SA. SA is a simple connection, which can provide some IPSec security for data transmission on it, and can be provided by AH or ESP. When the SA is given, the processing performed by IPSec, such as encryption, authentication, etc., is determined. SA can be combined in two ways, namely, transmitting adjacent and nested tunnels.
1)ESP (encapsulated security payload)
ESP protocol is mainly used to encrypt IP packets, and also provides some support for authentication. ESP is independent of specific encryption algorithms and can support almost all kinds of symmetric key encryption algorithms, such as DES, TripleDES, RC5, etc. In order to ensure interoperability among various IPSec implementations, ESP must provide support for 56-bit DES algorithm at present.
The data unit format of ESP protocol consists of three parts, except the header and encrypted data part, which also includes an optional tail when realizing authentication. The header has two fields: security policy index (SPl) and Sequencenumber (SEQUENCE NUMBER). Before using ESP for secure communication, both parties need to negotiate a set of encryption strategies to be adopted, including the algorithm used, the key and the validity period of the key. The Security Policy Index is used to determine which encryption policy the sender uses to process IP packets. When the receiver sees this serial number, it will know how to handle the received IP packet. Serial numbers are used to distinguish different packets that use the same set of encryption policies. In addition to the payload of the original IP packet, the encrypted data part and the padding field (used to ensure that the encrypted data part meets the length requirement of block encryption) are encrypted during transmission. The "next header" is used to indicate the protocol used by the payload part, which can be the transport layer protocol (TCP or UDP) or IPSec protocol (ESP or AH).
Generally, ESP can be transmitted as the payload of IP, and the UKB header of jip indicates that the next protocol is ESP, not TCP and UDP. Due to this encapsulation, ESP can use the old network for transmission.
As mentioned earlier, IPSec encryption has two working modes, that is to say, ESP protocol has two working modes: transmission mode and tunnel mode. When ESP works in transmission mode, the current IP header is adopted. In tunnel mode, the whole IP packet is encrypted as the payload of ESP, and a new IP header with gateway address as the source address is added before the ESP header, which can play the role of NAT.
2)AH (authentication header)
AH only involves authentication, not encryption. Although AH has some duplication with ESP in function, AH can authenticate IP header and IP payload. It mainly deals with data pairs and can authenticate IP headers, while the authentication function of ESP is mainly oriented to IP payloads. In order to provide the most basic functions and ensure interoperability, AH must include support for HMAC? /FONT & gt; Shahe/font > MD5(HMAC is a symmetric authentication system supported by SHA and MD5).
AH can be used alone, in tunnel mode or in combination with ESP.
3)IKE (Internet Key Exchange)
IKE protocol mainly manages key exchange, which mainly includes three functions:
● Protocol, encryption algorithm and key used in negotiation.
Convenient key exchange mechanism (this may need to be performed regularly).
Track the implementation of these agreements.
3.3 design. Virtual private network system
As shown in Figure 4, the implementation of VPN consists of management module, key distribution and generation module, identity authentication module, data encryption/decryption module, data packet encapsulation/decomposition module and encryption function library.
The management module is responsible for the configuration and management of the whole system. The management module decides which transmission mode to adopt and which IP packets to encrypt/decrypt. Because encrypting IP packets will consume system resources and increase network delay, it is unrealistic to provide VPN services for all IP packets between two security gateways. The network administrator can specify which IP packets are encrypted through the management module. Intranet users can also specify VPN system to provide encryption service for their IP packets through special commands transmitted by Telnet protocol.
The key management module is responsible for the key generation and distribution required for identity authentication and data encryption. The key is randomly generated. The distribution of keys between security gateways adopts manual distribution, and the transmission of keys between security gateways is completed by other secure communication methods other than network transmission. The key of each security gateway is stored in a secret database, which supports fast query and acquisition with IP address as the key.
The identity authentication module completes the digital signature operation of IP packets. The whole process of digital signature is shown in Figure 5:
Figure 5 Digital signature
At first, the sender hashes the data H = H (m), and then encrypts H with the communication key K to get the Signature={ h} key. The sender attaches the signature to the plaintext and sends it to the receiver together. After receiving the data, the receiver first decrypts the signature with the key K to get H, and compares it with H(m). If they are consistent, the data is complete. Digital signature not only ensures the integrity of data, but also plays the role of identity authentication, because only with the key can the data be signed correctly.
The data encryption/decryption module completes the encryption and decryption of IP packets. Optional encryption algorithms are IDEA algorithm and DES algorithm. The former can achieve faster encryption speed by software implementation. In order to further improve the efficiency of the system, we can use special hardware to encrypt and decrypt data, and then DES algorithm can get faster encryption speed. With the improvement of computer computing power, the security of DES algorithm is challenged. For network data with high security requirements, the data encryption/decryption module can provide triple DES encryption service.
The packet encapsulation/decomposition module realizes the secure encapsulation or decomposition of IP packets. When an IP data packet is sent from the security gateway, the data packet encapsulation/decomposition module attaches an identity to the IP data packet.
Authentication header AH and security data encapsulation header ESP. When the security gateway receives the IP packet, the packet encapsulation/decomposition module parses the protocol of AH and ESP, and performs identity authentication and data decryption according to the packet header information.
The encryption function library provides unified encryption services for the above modules. A basic principle of the design of encryption function library is to communicate with the above modules through a unified function interface. This can be based on actual needs.
To be sure, there is no need to change other modules when connecting function libraries with different encryption algorithms and encryption strengths.
4. Several typical VPN application schemes
There are two basic types of VPN applications: dial-up VPN and private VPN.
Dial-up VPN provides remote intranet access for mobile users and telecommuters, which is the most popular form at present. Dial-up VPN service is also called "company dial-up outsourcing". According to the location where the tunnel is established, dial-up VPN can be divided into two types: on the user's PC or on the service provider's network access server (NAS).
There are many forms of private VPN, and the same element is to provide IP services for users. Usually, the router of the security device or client is used to complete the service on the IP network. IP services can also be provided by installing IP interfaces on Frame Relay or ATM networks. Private service applications connect remote offices with intranet and external networks through WAN. These services are characterized by multi-users and high-speed connections. In order to provide complete VPN service, enterprises and service providers often combine private VPN with remote access scheme.
At present, VPN-aware network has just emerged, and service providers will soon launch a series of new products, which are specially designed to meet the needs of providers for scalability and flexibility when providing special value-added services to enterprises.
5. Concluding remarks
In a word, VPN is a comprehensive new network technology, even in the United States, where the network is highly developed, it has shown great vitality. Cisco, 3Com, Ascend and other companies have all launched their own products. However, whether VPN products can be widely accepted mainly depends on the following two points: first, whether VPN scheme can be encrypted at line speed, otherwise it will produce bottlenecks; The second is whether VPN data flow can be scheduled and directed to different management domains on the network.
At home, because the network infrastructure is still relatively backward and the computer application level is not high, the demand for VPN technology is not high at present, and most manufacturers are still in the wait-and-see stage. However, with the acceleration of national economic informatization, especially the promotion of government internet access and e-commerce, VPN technology will be of great use.