Limitations of IPsec Policy Mechanisms

  • Conference paper
Security Protocols (Security Protocols 2003)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 3364)

Abstract

IPsec, while widely implemented, is rarely used for end-to-end protection of application protocols. Instead, it is mainly used today as an “all or nothing” protection for VPNs. In this paper we discuss the structure and shortcomings of the IPsec security policy mechanisms as partial reasons for this situation. We describe our experiences in using IPsec in a number of situations, including IPv6 control protocols, mobility protocols, network management, and multimedia protocols. We conclude that more often than not, the existing policy mechanisms are inadequate. While IPsec is quite effective in authenticating the peer and establishing assurance about its identity, the lack of attention to authorization questions is a root cause of the existing inadequacies. We also claim that the problems are more fundamental than the lack of suitable APIs and management tools. Finally, we present some potential architectural modifications which could improve the situation, and discuss the practical challenges in achieving these modifications.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Arkko, J., Nikander, P. (2005). Limitations of IPsec Policy Mechanisms. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_29

  • DOI: https://doi.org/10.1007/11542322_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28389-8

  • Online ISBN: 978-3-540-31836-1
