Re: PPP over IPSec (without L2TP)?

Ari Huttunen <Ari.Huttunen@datafellows.com> Fri, 15 October 1999 12:46 UTC

Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id FAA26999; Fri, 15 Oct 1999 05:46:27 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id GAA03426 Fri, 15 Oct 1999 06:52:16 -0400 (EDT)
Message-ID: <38070829.4F7AC3CA@DataFellows.com>
Date: Fri, 15 Oct 1999 13:55:37 +0300
From: Ari Huttunen <Ari.Huttunen@datafellows.com>
Organization: Data Fellows Oyj
X-Mailer: Mozilla 4.51 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: aboba@internaut.com
CC: 'Stephen Kent' <kent@bbn.com>, 'Jim Tiller' <tiller_j@ins.com>, ietf-ipsra@vpnc.org, ipsec@lists.tislabs.com
Subject: Re: PPP over IPSec (without L2TP)?
References: <00fe01bf16a0$f4ff1740$478939cc@internaut.com>
Content-Type: multipart/alternative; boundary="------------ABACCCAA473B289361B1F6DC"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk

Bernard Aboba wrote:

> In L2TP it is perfectly possible to apply
> filters to achieve the same level of security. In fact, if
> anything the argument went the other way -- because L2TP
> does user authentication, when run over IPSEC its security
> is stronger than that of IPSEC tunnel mode implementations
> that only do machine authentication and therefore have no
> idea who the user is.

Excuse me? I'm not an expert on L2TP, but I believe that's not
entirely correct. Let me quote RFC-2661.

> 9.1 Tunnel Endpoint Security
>
>    The tunnel endpoints may optionally perform an authentication
>    procedure of one another during tunnel establishment.  This
>    authentication has the same security attributes as CHAP, and has
>    reasonable protection against replay and snooping during the tunnel
>    establishment process. This mechanism is not designed to provide any
>    authentication beyond tunnel establishment; it is fairly simple for a
>    malicious user who can snoop the tunnel stream to inject packets once
>    an authenticated tunnel establishment has been completed
>    successfully.
>
>    For authentication to occur, the LAC and LNS MUST share a single
>    secret.  Each side uses this same secret when acting as authenticatee
>    as well as authenticator. Since a single secret is used, the tunnel
>    authentication AVPs include differentiating values in the CHAP ID
>    fields for each message digest calculation to guard against replay
>    attacks.
>
I believe L2TP only authenticates the machines, while it's PPP that authenticates
the users.

There was also some talk about filtering of packets. As you see below, RFC-2661
wishes to put the filtering above its layer, to the PPP layer. Achieving this
should be easier in practice if you have less protocol layers between IPSec and PPP.

> 9.4 L2TP and IPsec
>
> ...snip...
>
>    IPsec also defines access control features that are  required of a
>    compliant IPsec implementation. These features allow filtering of
>    packets based upon network and transport layer characteristics such
>    as IP address, ports, etc. In the L2TP tunneling model, analogous
>    filtering is logically performed at the PPP layer or network layer
>    above L2TP.  These network layer access control features may be
>    handled at the LNS via vendor-specific authorization features based
>    upon the authenticated PPP user, or at the network layer itself by
>    using IPsec transport mode end-to-end between the communicating
>    hosts. The requirements for access control mechanisms are not a part
>    of the L2TP specification and as such are outside the scope of this
>    document.
>

As to the re-ordering of packets by IPSec.. IPSec already does sequence numbers. It shouldn't
be too difficult to define a new IPSec SA attribute negotiable by IKE that says "sequenced
delivery of packets required". The recieving IPSec implementation would perhaps try to re-order
packets during a few milliseconds or whatever, and drop packets that come after that.

--
Ari Huttunen                   phone: +358 9 859 900
Senior Software Engineer       fax  : +358 9 8599 0452

Data Fellows Corporation       http://www.DataFellows.com

F-Secure products: Integrated Solutions for Enterprise Security