VPN for Experts: Details on the Technology

Since the introduction of ISDN and GSM, data communication between computers and networks in different locations has become quite common. Both variants are often associated with considerable investments and running expenses. In particular, long-distance connections or dialing in from cellular networks, which are often used for remote access, run up expensive charges in no time at all.

Through the Internet there is now a globally accessible network available to use as a more economical alternative. Because all computers logged on to the Internet are connected with each other, data can be exchanged between and among any computers. File sharing networks and instant messengers take advantage of this fact. In the same way, telecommuters and branch offices can communicate with company headquarters via the Internet. All that is needed is an Internet connection on both ends. Data traffic then takes place, as in the local network, over IP.

Figure 1: Connection between two networks over the Internet

However, another thing that is possible over the Internet is the undesired monitoring of data transmissions. For this reason sensitive data should not be transmitted via the Internet without security measures in place. In a VPN the connection is protected by what is called a "tunnel", which makes the secure exchange of confidential data possible.

Figure 2: Secure connection between two networks over the Internet

A tunnel can be opened and closed between any two terminals in the Internet. A terminal can be an individual computer or an entire network. All that is required is that both ends be equipped with the corresponding tunnel protocols. A VPN is a dynamic network that is completely independent of the physical connection via the Internet. This is the origin of the name VPN: Virtual Private Network. The network is virtual because the tunnel represents only a logical connection. It is private because confidential data can be exchanged. The network is transparent for its users: they work in a VPN just as they would in a "normal" LAN.
The security requirements and associated tunnel technology play a significant role in a VPN. The following sections will discuss these aspects in greater detail.

Security through a VPN

When the Internet was founded around 30 years ago, it linked a small number of research institutions and governmental bodies. There was no such thing as hackers or viruses, and thus no need to worry about data security. Therefore the Internet and the Internet Protocol (IP) are not equipped with any integrated security functions. Data sent via the Internet are exposed to many potential attacks. These include sniffing, spoofing and replay attacks, as well as "man in the middle" and hijacking. All of these attacks have the goal of stealing or changing confidential data.
Because there are so many ways to attack data transmission, the Internet is not a suitable medium for exchanging sensitive data. For secure communication a VPN must offer various security measures. At the heart of such measures is the authentication of users' identity and the protection of the data.
In a nutshell there are three conditions that a VPN solution absolutely must fulfill:

authenticity,
privacy and
integrity.

Authenticity ensures that no unauthorized users can access your network via VPN. It also makes sure that incoming data come from the registered party and not from another source.
Privacy concerns above all the nondisclosure of data. Data must be encrypted to prevent them from falling into the hands of outside parties.
Integrity, finally, is what ensures that the data are not changed over the course of transmission through the Internet. This is a way of detecting the manipulation of data and attempts to record or divert the data stream.

The VPN tunnel meets these requirements. There are various tunnel protocols distinguished by the different ways in which they realize authentication and encryption. These differences are decisive, as weak encryption can be cracked and insufficient authentication techniques can be bypassed.

The Tunnel Technology

The principle of tunnel technology is simple. The user data and their headers are packed into a new packet. Various authentication and encryption procedures can be applied in order to secure the data.

Figure 3: The IP tunnel

The new IP header contains the IP addresses of the two VPN parties in the Internet. It constitutes the "wall" of the tunnel, and is the only part of the packet external users can see in the Internet in plain text. The user data and the IP addresses of the local networks remain concealed in the interior of the tunnel. In addition to security, the tunnel is thus what makes it possible to connect networks with private IP addresses via the Internet.
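To make the tunnel principle concrete, here is an added Go example (written for this page; it is not AVM's or FRITZ!Box code). It builds an inner IPv4 packet between two private LAN addresses and wraps it in an outer IPv4 header addressed between the two tunnel endpoints, as plain IP-in-IP encapsulation (protocol number 4). IPSec tunnel mode inserts an AH or ESP header between the two IP headers; that step is left out here so that the "wall" of the tunnel itself is visible. The addresses 192.168.1.10, 192.168.2.20, 198.51.100.1 and 203.0.113.1 and the payload are constructed sample values, and all function names are this example's own.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
)

const protoIPinIP = 4 // IANA protocol number: an IPv4 packet carried in IPv4

// checksum is the ones'-complement sum over the IPv4 header; over a header
// whose checksum field is already filled in it yields 0.
func checksum(b []byte) uint16 {
	var sum uint32
	for i := 0; i+1 < len(b); i += 2 {
		sum += uint32(binary.BigEndian.Uint16(b[i : i+2]))
	}
	if len(b)%2 == 1 {
		sum += uint32(b[len(b)-1]) << 8
	}
	for sum>>16 != 0 {
		sum = (sum & 0xffff) + (sum >> 16)
	}
	return ^uint16(sum)
}

// BuildIPv4 returns a minimal 20-byte header (no options) followed by payload.
func BuildIPv4(src, dst net.IP, proto byte, payload []byte) []byte {
	h := make([]byte, 20, 20+len(payload))
	h[0] = 0x45 // version 4, header length 5 words = 20 bytes
	binary.BigEndian.PutUint16(h[2:4], uint16(20+len(payload)))
	h[8] = 64 // TTL
	h[9] = proto
	copy(h[12:16], src.To4())
	copy(h[16:20], dst.To4())
	binary.BigEndian.PutUint16(h[10:12], checksum(h)) // field is zero while summing
	return append(h, payload...)
}

// Encapsulate puts a complete inner IP packet behind a new outer IP header
// addressed between the two tunnel endpoints. IPSec tunnel mode does the
// same, with an AH or ESP header inserted between the two IP headers.
func Encapsulate(outerSrc, outerDst net.IP, inner []byte) []byte {
	return BuildIPv4(outerSrc, outerDst, protoIPinIP, inner)
}

// Addresses reads source and destination from an IPv4 header. Applied to a
// tunneled packet it returns only the endpoint addresses, which is all an
// observer on the Internet sees in plain text.
func Addresses(pkt []byte) (src, dst net.IP, err error) {
	if len(pkt) < 20 || pkt[0]>>4 != 4 {
		return nil, nil, errors.New("not an IPv4 packet")
	}
	return net.IP(pkt[12:16]), net.IP(pkt[16:20]), nil
}

// Decapsulate validates the outer header and returns the inner packet.
func Decapsulate(pkt []byte) ([]byte, error) {
	if len(pkt) < 20 || pkt[0]>>4 != 4 {
		return nil, errors.New("not an IPv4 packet")
	}
	hlen := int(pkt[0]&0x0f) * 4
	if hlen < 20 || len(pkt) < hlen || checksum(pkt[:hlen]) != 0 {
		return nil, errors.New("bad outer header")
	}
	if pkt[9] != protoIPinIP {
		return nil, fmt.Errorf("unexpected protocol %d", pkt[9])
	}
	total := int(binary.BigEndian.Uint16(pkt[2:4]))
	if total < hlen || total > len(pkt) {
		return nil, errors.New("bad total length")
	}
	return pkt[hlen:total], nil
}

func main() {
	// Constructed sample: a packet between two private LANs, carried between
	// the public tunnel endpoints 198.51.100.1 and 203.0.113.1.
	inner := BuildIPv4(net.ParseIP("192.168.1.10"), net.ParseIP("192.168.2.20"), 6, []byte("hello"))
	tunneled := Encapsulate(net.ParseIP("198.51.100.1"), net.ParseIP("203.0.113.1"), inner)

	s, d, _ := Addresses(tunneled)
	fmt.Printf("visible on the Internet: %s -> %s\n", s, d)
	if payload, err := Decapsulate(tunneled); err == nil {
		s, d, _ = Addresses(payload)
		fmt.Printf("inside the tunnel:       %s -> %s\n", s, d)
	}
}
```

Addresses applied to the tunneled packet reports only the endpoint addresses; the private addresses become readable only after Decapsulate, which also rejects an outer header whose checksum no longer matches. Without AH or ESP this check catches transmission damage, not deliberate modification: anyone can recompute the plain checksum, which is exactly why IPSec adds a keyed one.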
The most common tunnel protocols are PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer-2 Tunneling Protocol) and the IP Security Protocol IPSec. PPTP and L2TP are older protocols based on PPP (Point-to-Point Protocol), the standard protocol for dial-up connections. For some time now, the encryption of PPTP has been considered insufficiently secure. L2TP can be combined with various encryption procedures, but generates greater overhead and thus reduces net throughput.
IPSec is the latest tunnel protocol. It offers state-of-the-art encryption procedures and can be integrated seamlessly into existing IP networks. Thus it has emerged as the de facto standard for IP-based VPN connections. The following section offers more detail about the features and operating mode of IPSec.

Tunneling with IPSec

The IP Security Protocol was developed as part of the new IPv6 standard, which is to be implemented in the Internet in coming years. With IPSec, the new standard offers integrated services for secure communication in IP networks. Today it is already possible to integrate IPSec into existing IP networks.
IPSec fulfills the demand for authenticity, confidentiality and integrity using two data security methods: Authentication Header (AH) and Encapsulated Security Payload (ESP).

Authentication Header

Authentication Header provides for the authentication of IP packets. The sender generates a checksum from the original packet and a secret key known only to the sender and recipient. The recipient also generates a checksum and compares the two values.

Figure 4: The Authentication Header

Any change to the packet during the course of transmission over the Internet would lead to a different result, and thus rejection of the packet. In this way the recipient can make sure that the packet originates from the denoted sender and was not changed.

Encapsulated Security Payload

With ESP the packets are encrypted in order to prevent them from falling into the hands of outside parties. Only the recipient, who has the same key as the sender at his disposal, can decrypt the data. At the same time the packet is authenticated via ESP.

Figure 5: Encapsulated Security Payload

AH and ESP can be used individually or in combination in order to provide for maximum security.
Both methods are independent of the cryptographic techniques used, which define how the checksum is generated and how the data are encrypted. This independence makes IPSec extremely flexible and future-proof: newer, more powerful procedures for authentication or encryption can be integrated as they become available.
To ensure interoperability between VPN solutions, today's IPSec standard prescribes a minimum set of supported techniques. For AH these are the hash algorithms MD5 and SHA; for ESP the encryption standards DES and 3DES.
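The Authentication Header and Encapsulated Security Payload sections above describe the two mechanisms in words; the following Go code, added here as an example (it is not AVM's implementation and not the real AH/ESP packet layout), models both with one set of shared keys. ProtectAH leaves the packet readable and appends a keyed checksum; ProtectESP encrypts with AES-128-CBC and then appends the same kind of checksum; both carry a sequence number so the receiver can reject replayed packets. HMAC-SHA-256 and AES are used instead of the page's minimum MD5/SHA and DES/3DES. The keys and the packet used in the test are constructed sample values, and all type and function names are this example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// SAKeys are the keys both endpoints share for one Security Association
// (in a real VPN they come out of the IKE negotiation, never typed in).
type SAKeys struct {
	AuthKey []byte // HMAC-SHA-256 key
	EncKey  []byte // AES-128 key, 16 bytes
}

// tag is the keyed checksum: only a holder of AuthKey can produce or check it.
func tag(key, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)
}

// ProtectAH models the Authentication Header: seq || packet || checksum.
// The packet stays readable; only its origin and integrity are protected.
func ProtectAH(k SAKeys, seq uint32, pkt []byte) []byte {
	body := append(binary.BigEndian.AppendUint32(nil, seq), pkt...)
	return append(body, tag(k.AuthKey, body)...)
}

// VerifyAH checks and strips the trailing checksum, then requires the leading
// sequence number to advance (real IPSec keeps a sliding window; strictly
// increasing is enough to show replay rejection). ESP reuses this check.
func VerifyAH(k SAKeys, lastSeq *uint32, msg []byte) ([]byte, error) {
	if len(msg) < 4+sha256.Size {
		return nil, errors.New("packet too short")
	}
	body, t := msg[:len(msg)-sha256.Size], msg[len(msg)-sha256.Size:]
	if !hmac.Equal(tag(k.AuthKey, body), t) {
		return nil, errors.New("authentication failed: wrong key or modified packet")
	}
	seq := binary.BigEndian.Uint32(body[:4])
	if seq <= *lastSeq {
		return nil, errors.New("replayed packet")
	}
	*lastSeq = seq
	return body[4:], nil
}

// ProtectESP models Encapsulated Security Payload: seq || IV || AES-CBC
// ciphertext || checksum. PKCS#7-style padding stands in for ESP's own
// pad/pad-length trailer; the checksum covers the ciphertext (encrypt-then-MAC).
func ProtectESP(k SAKeys, seq uint32, pkt []byte) ([]byte, error) {
	block, err := aes.NewCipher(k.EncKey)
	if err != nil {
		return nil, err
	}
	padLen := aes.BlockSize - len(pkt)%aes.BlockSize
	plain := append(append([]byte{}, pkt...), bytes.Repeat([]byte{byte(padLen)}, padLen)...)
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	ct := make([]byte, len(plain))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, plain)
	body := append(append(binary.BigEndian.AppendUint32(nil, seq), iv...), ct...)
	return append(body, tag(k.AuthKey, body)...), nil
}

// UnprotectESP authenticates before touching the ciphertext, then decrypts
// and strips the padding.
func UnprotectESP(k SAKeys, lastSeq *uint32, msg []byte) ([]byte, error) {
	body, err := VerifyAH(k, lastSeq, msg)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(k.EncKey)
	if err != nil || len(body) < 2*aes.BlockSize || len(body)%aes.BlockSize != 0 {
		return nil, errors.New("bad key or ciphertext length")
	}
	iv, ct := body[:aes.BlockSize], body[aes.BlockSize:]
	plain := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(plain, ct)
	padLen := int(plain[len(plain)-1])
	if padLen < 1 || padLen > aes.BlockSize {
		return nil, errors.New("bad padding")
	}
	return plain[:len(plain)-padLen], nil
}
```

The order in UnprotectESP matters: the checksum is verified before any decryption, so a packet from a party without the shared key is discarded without the receiver ever processing its ciphertext, and a replayed packet is rejected by its stale sequence number even though its checksum is valid.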

Configuring the Tunnel

IPSec offers various operating modes and encryption procedures, which must be defined for a VPN connection. Moreover, the VPN participants must perform mutual authentication when the tunnel is set up, and generate and exchange the secret key for the subsequent data exchange.
In IPSec-based VPNs, all of these tasks are fulfilled by two components: Security Associations and Key Management.
Security Associations (SAs) describe the precise configuration of the IPSec protocols. They include specifications as to whether AH and/or ESP are used, which encryption algorithms are applied, and how long the keys are valid. A valid SA is a prerequisite for every IPSec connection.
Key Management is responsible for the generation and administration of the keys. The Internet Key Exchange Protocol (IKE) used for this purpose authenticates the parties with each other, exchanges the security policies defined in the SAs, and takes care of the key exchange for data encryption.
IKE negotiation takes place in two phases. The first phase serves to establish an encrypted connection; in the second phase the actual VPN tunnel is established - already encrypted. Special authentication procedures ensure that no password or key is transmitted in plain text during the negotiation. A hacker tracing the establishment of the VPN connection using IPSec cannot procure any security-sensitive information.
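The two-phase negotiation described above, reduced to its essentials as an added Go example (not AVM's IKE implementation and not wire-compatible with IKE): phase 1 exchanges fresh X25519 public values and authenticates each side with a keyed checksum under a pre-shared key; phase 2 derives per-SA keys from the resulting shared secret. Only the public values and checksums cross the Internet, so a recording of the exchange contains neither the pre-shared key nor the derived keys. Real IKE binds the authenticator to the Diffie-Hellman result and the negotiated proposals as well; here it covers only the name and public value. Peer names, the pre-shared key and the SA labels are constructed sample values, and all type and function names are this example's own.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Peer is one VPN endpoint in this toy negotiation. The pre-shared key is
// configured on both sides and never leaves the device.
type Peer struct {
	Name   string
	psk    []byte
	priv   *ecdh.PrivateKey // fresh ephemeral key for this negotiation
	Shared []byte           // phase-1 result: derived locally, never transmitted
}

func NewPeer(name string, psk []byte) (*Peer, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Peer{Name: name, psk: psk, priv: priv}, nil
}

// Phase1Message is everything that crosses the Internet in phase 1: the
// ephemeral public value and a keyed checksum proving knowledge of the PSK.
type Phase1Message struct {
	Name   string
	Public []byte
	Proof  []byte
}

// proof binds the sender's name and public value to the pre-shared key.
func proof(psk []byte, name string, pub []byte) []byte {
	m := hmac.New(sha256.New, psk)
	m.Write([]byte(name))
	m.Write(pub)
	return m.Sum(nil)
}

// Phase1Send builds this side's phase-1 message.
func (p *Peer) Phase1Send() Phase1Message {
	pub := p.priv.PublicKey().Bytes()
	return Phase1Message{Name: p.Name, Public: pub, Proof: proof(p.psk, p.Name, pub)}
}

// Phase1Receive authenticates the peer's message and computes the shared
// secret. A recording of the exchange holds both public values but neither
// private key, so the secret cannot be recovered from it.
func (p *Peer) Phase1Receive(m Phase1Message) error {
	if !hmac.Equal(proof(p.psk, m.Name, m.Public), m.Proof) {
		return errors.New("peer authentication failed")
	}
	peerPub, err := ecdh.X25519().NewPublicKey(m.Public)
	if err != nil {
		return err
	}
	p.Shared, err = p.priv.ECDH(peerPub)
	return err
}

// Phase2Key derives the key for one SA (labelled e.g. "esp out") from the
// phase-1 secret; both sides obtain the same key without sending it.
func (p *Peer) Phase2Key(label string) ([]byte, error) {
	if p.Shared == nil {
		return nil, errors.New("phase 1 not completed")
	}
	m := hmac.New(sha256.New, p.Shared)
	m.Write([]byte(label))
	return m.Sum(nil), nil
}
```

Because the ephemeral private keys are generated per negotiation, the derived SA keys differ every time the tunnel is set up, even with the same pre-shared key; that is the property the page refers to when it says the second phase is already encrypted.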

Security of the Encryption Techniques

IPSec and IKE offer everything needed to design a VPN and keep it secure. But how the details are implemented is decisive. Besides authentication, the security of a VPN hinges on the data encryption used. The IPSec standard prescribes DES and 3DES at a minimum. The main difference between these is the length of the key. A key that is too short, just like a weak password, can be discovered by simply trying out possible combinations. As computing power increases, less and less time is needed for this approach.
The Data Encryption Standard (DES) with 56-bit keys is the oldest technique, and has been considered insufficiently secure for some time already. Back in early 1998 a DES key was cracked within 40 days; by late 1998 the time was down to 24 hours.
With Triple DES (3DES), DES is applied three times to achieve improved security. The theoretical length of the key is three times higher than that of the DES key, or 168 bits. But because the key is applied three times, the effective length is only 128 bits. 3DES certainly offers significantly more security than DES, but is still subject to criticism, especially since the highly developed cracking algorithms for DES can be ported to 3DES.
The Advanced Encryption Standard (AES) introduced a new encryption standard offering the highest security, with keys ranging from 128 up to 256 bits in length. Assuming that a DES key can be cracked in 1 second, it would take around 149,000 billion years for a 128-bit AES key. By comparison, the age of the universe is estimated at around 20 billion years. What is more, the algorithm is significantly more efficient than triple application of DES, yielding considerably higher throughput rates.

VPN with AVM

With the rapid propagation of DSL, today it makes more sense than ever to use the fast Internet for VPN connections. Until recently many solutions were complicated and expensive, but now the FRITZ!Box is opening up new vistas.
The product is especially tailored to the needs of small and medium-sized businesses and for single workplaces, presenting a complete, simple and powerful solution for everything involved with DSL, VoIP and VPN.


The entire VPN configuration is performed with the assistance of a Wizard that guides the user through the configuration step by step. During this process all VPN parameters like encryption algorithms and access rules are set automatically, so a VPN connection is set up with a minimum of effort. The Wizard produces configuration files that can be imported into the FRITZ!Box or "FRITZ!VPN". The VPN parameters in these files can be adjusted manually to connect to products by other manufacturers.


By default, VPN connections are secured with AES, the strongest encryption algorithm currently available. Yet even the most secure VPN is of no use if the Internet connection upon which it is based is not protected as well. In the FRITZ!Box this is taken care of automatically by a preconfigured firewall that provides for maximum security. So the Internet connection and VPN are always well protected from attacks.


A powerful DSL modem, intelligent mechanisms like traffic shaping and the compression of user data within the VPN tunnel always provide for optimum use of bandwidth.