diff --git a/en_US.ISO8859-1/articles/ipsec-must/Makefile b/en_US.ISO8859-1/articles/ipsec-must/Makefile index 0647dfada3..5a348e95df 100644 --- a/en_US.ISO8859-1/articles/ipsec-must/Makefile +++ b/en_US.ISO8859-1/articles/ipsec-must/Makefile @@ -1,16 +1,14 @@ -# $FreeBSD$ +# $FreeBSD: doc/en_US.ISO8859-1/articles/ipsec-must/Makefile,v 1.1 2000/06/26 09:10:24 nik Exp $ DOC?= article -DOCFORMAT= html - FORMATS?= html INSTALL_COMPRESSED?=gz INSTALL_ONLY_COMPRESSED?= SRCS= article.sgml DOC_PREFIX?= ${.CURDIR}/../../.. .include "${DOC_PREFIX}/share/mk/doc.project.mk" diff --git a/en_US.ISO8859-1/articles/ipsec-must/article.sgml b/en_US.ISO8859-1/articles/ipsec-must/article.sgml index 349a53119d..69fea7065d 100644 --- a/en_US.ISO8859-1/articles/ipsec-must/article.sgml +++ b/en_US.ISO8859-1/articles/ipsec-must/article.sgml @@ -1,283 +1,345 @@ - - - - - Independent Verification of IPsec Functionality in FreeBSD - - - - -

Independent Verification of IPsec Functionality in FreeBSD

- -

You installed IPsec and it seems to be working.  - How do you know? I describe a method for experimentally verifying - that IPsec is working

- -

The Problem

- -

First, let's assume you have installed - IPsec. How do you know its working? - Sure, your connection won't work if its misconfigured, and it will work - when you finally get it right. Netstat will list it. But can you - independently confirm it?

- -

The Solution

- -

First, some crypto-relevent info theory:

- -
    -
  1. -

    encrypted data is uniformly distributed, i.e., has maximal entropy - per symbol;

    -
  2. - -
  3. -

    raw, uncompressed data is typically redundant, i.e., has - sub-maximal entropy.

    -
  4. -
- -

Suppose you could measure the entropy of the data to- and from- your - network interface. Then you could see the difference between unencrypted - data and encrypted data. This would be true even if some of the data - in "encrypted mode" was not encrypted---as the outermost IP header must - be, if the packet is to be routable.

- -

MUST

- -

Ueli Maurer's "Universal Statistical Test for Random Bit Generators" - (MUST) - quickly measures the entropy of a sample. It uses a - compression-like algorithm. The code is given below for a variant which measures successive - (~quarter megabyte) chunks of a file.

- -

Tcpdump

- -

We also need a way to capture the raw network data. A program called - "tcpdump" lets you do this, if you have enabled the Berkeley - Packet Filter interface in your kernel's config file.

- -

The command

- -
tcpdump -c 4000 -s 10000 -w - dumpfile.bin
- -

will capture 4000 raw packets to dumpfile.bin. Up to 10,000 - bytes per packet will be captured in this example.

- -

The Experiment

- -

Here's the experiment. Open a window to an IPsec host and another - window to an insecure host.

- -

Now start capturing packets.

- -

In the "secure" window, run the unix command "yes", which will stream - the "y" character. After a while, stop this. Switch to the insecure - window, and repeat. After a while, stop.

- -

Now run MUST on the - captured packets. You should see something like the following. - The important thing to note is that the secure connection has 93% (6.7) - of the expected value (7.18), and the "normal" connection has 29% (2.1) - of the expected value.

- - -
% tcpdump -c 4000 -s 10000 -w ipsecdemo.bin
-% uliscan ipsecdemo.bin
+
+
+
+%man;
+]>
+
+
+ + Independent Verification of IPSec Functionality in FreeBSD + + + David + Honig + + +
honig@sprynet.com
+
+
+ + 3 May 1999 + + + You installed IPsec and it seems to be working. How do you + know? I describe a method for experimentally verifying that IPsec is + working. + +
+ + + The Problem + + First, let's assume you have + installed IPsec. How do you know + it's working? Sure, your + connection won't work if its misconfigured, and it will work + when you finally get it right. &man.netstat.1; will list it. + But can you independently confirm it? + + + + The Solution + + First, some crypto-relevant info theory: + + + + encrypted data is uniformly distributed, i.e., has maximal + entropy per symbol; + + + + raw, uncompressed data is typically redundant, i.e., has + sub-maximal entropy. + + + + Suppose you could measure the entropy of the data to- and + from- your network interface. Then you could see the difference + between unencrypted data and encrypted data. This would be true + even if some of the data in encrypted mode was + not encrypted---as the outermost IP header must be, if the + packet is to be routable. + + + MUST + + Ueli Maurer's Universal Statistical Test for Random + Bit Generators( + MUST) quickly measures the entropy + of a sample. It uses a compression-like algorithm. The code is given below for a variant + which measures successive (~quarter megabyte) chunks of a + file. + + + + Tcpdump + + We also need a way to capture the raw network data. A + program called &man.tcpdump.1; lets you do this, if you have + enabled the Berkeley Packet Filter + interface in your kernel's config + file. + + The command + + + tcpdump -c 4000 -s 10000 -w dumpfile.bin + + + will capture 4000 raw packets to + dumpfile.bin. Up to 10,000 bytes per + packet will be captured in this example. + + + + The Experiment + + Here's the experiment. + + + + Open a window to an IPsec host and another window to an + insecure host. + + + + Now start capturing + packets. + + + + In the secure window, run the UNIX + command &man.yes.1;, which will stream the y + character. After a while, stop this. Switch to the + insecure window, and repeat. After a while, stop. + + + + Now run MUST on the + captured packets. You should see something like the + following. The important thing to note is that the secure + connection has 93% (6.7) of the expected value (7.18), and + the normal connection has 29% (2.1) of the + expected value. + + +&prompt.user; tcpdump -c 4000 -s 10000 -w ipsecdemo.bin +&prompt.user; uliscan ipsecdemo.bin Uliscan 21 Dec 98 L=8 256 258560 Measuring file ipsecdemo.bin Init done Expected value for L=8 is 7.1836656 6.9396 -------------------------------------------------------- 6.6177 ----------------------------------------------------- 6.4100 --------------------------------------------------- 2.1101 ----------------- 2.0838 ----------------- -2.0983 -----------------
- -

Caveat

- -

This experiment shows that IPsec does seem to be distributing the - payload data uniformly, as encryption should. However, the - experiment described here cannotdetect many possible flaws in a - system (none of which do I have any evidence for). These include poor - key generation or exchange, data or keys being visible to others, use of - weak algorithms, kernel subversion, etc. Study the source; know the - code.

- -

IPsec---Definition

- -

Internet Protocol security extensions to IPv4; required for IPv6. A - protocol for negotiating encryption and authentication at the IP - (host-to-host) level. SSL secures only one application socket; SSH - secures only a login; PGP secures only a specified file or - message. IPsec encrypts everything between two hosts.

- -

Installing IPsec

- -

Most of the modern versions of FreeBSD have IPsec support - in their base source. So you'll probably will need to - include IPSEC option in your kernel config - and, after kernel rebuild and reinstall, configure IPsec - connections using setkey command.

- - -

A comprehensive guide on running IPsec on FreeBSD is - provided in FreeBSD - Handbook. - -

usr/src/sys/i386/conf/KERNELNAME

- -

This needs to be present in the kernel config file in order to be able - to capture network data with tcpdump. - Be sure to run config after adding this, and rebuild and - reinstall.

- -
device	bpf
-
- -

Maurer's Universal Statistical Test (for block - size=8 bits)

- -

You can find the same code at - this link.

- -

+      
+    
+  
+
+    
+      Caveat
+
+    This experiment shows that IPsec does
+      seem to be distributing the payload data
+      uniformly, as encryption should.  However,
+      the experiment described here cannot
+      detect many possible flaws in a system (none of which do I have
+      any evidence for).  These include poor key generation or
+      exchange, data or keys being visible to others, use of weak
+      algorithms, kernel subversion, etc.  Study the source; know the
+      code.
+  
+
+  
+    IPsec---Definition
+
+    Internet Protocol security extensions to IPv4; required for
+      IPv6.  A protocol for negotiating encryption and authentication
+      at the IP (host-to-host) level.  SSL secures only one application
+      socket; SSH secures only a login;
+      PGP secures only a specified file or
+      message.  IPsec encrypts everything between two hosts.
+  
+
+  
+    Installing IPsec
+
+    Most of the modern versions of FreeBSD have IPsec support
+      in their base source.  So you'll probably will need to include
+       option in your kernel config and, after
+      kernel rebuild and reinstall, configure IPsec connections using
+      &man.setkey.8; command.
+
+    A comprehensive guide on running IPsec on FreeBSD is
+      provided in FreeBSD
+      Handbook.
+  
+
+  
+    usr/src/sys/i386/conf/KERNELNAME
+
+    This needs to be present in the kernel config file in order
+      to be able to capture network data with &man.tcpdump.1;.  Be sure
+      to run &man.config.8; after adding this, and rebuild and
+      reinstall.
+
+
+device	bpf
+
+  
+
+    
+      Maurer's Universal Statistical Test (for block size=8
+        bits)
+
+        You can find the same code at 
+          this link.
+
+
+/*
   ULISCAN.c   ---blocksize of 8
 
   1 Oct 98
   1 Dec 98
   21 Dec 98       uliscan.c derived from ueli8.c
 
   This version has // comments removed for Sun cc
 
   This implements Ueli M Maurer's "Universal Statistical Test for Random
   Bit Generators" using L=8
 
   Accepts a filename on the command line; writes its results, with other
   info, to stdout.
 
   Handles input file exhaustion gracefully.
 
   Ref: J. Cryptology v 5 no 2, 1992 pp 89-105
   also on the web somewhere, which is where I found it.
 
   -David Honig
   honig@sprynet.com
 
   Usage:
   ULISCAN filename
   outputs to stdout
 */
 
 #define L 8
-#define V (1<
-#include 
+#include <stdio.h>
+#include <math.h>
 
 int main(argc, argv)
 int argc;
 char **argv;
 {
   FILE *fptr;
   int i,j;
   int b, c;
   int table[V];
   double sum = 0.0;
   int iproduct = 1;
   int run;
 
   extern double   log(/* double x */);
 
   printf("Uliscan 21 Dec 98 \nL=%d %d %d \n", L, V, MAXSAMP);
 
-  if (argc < 2) {
+  if (argc < 2) {
     printf("Usage: Uliscan filename\n");
     exit(-1);
   } else {
     printf("Measuring file %s\n", argv[1]);
   }
 
   fptr = fopen(argv[1],"rb");
 
   if (fptr == NULL) {
     printf("Can't find %s\n", argv[1]);
     exit(-1);
   }
 
-  for (i = 0; i < V; i++) {
+  for (i = 0; i < V; i++) {
     table[i] = 0;
   }
 
-  for (i = 0; i < Q; i++) {
+  for (i = 0; i < Q; i++) {
     b = fgetc(fptr);
     table[b] = i;
   }
 
   printf("Init done\n");
 
   printf("Expected value for L=8 is 7.1836656\n");
 
   run = 1;
 
   while (run) {
     sum = 0.0;
     iproduct = 1;
 
     if (run)
-      for (i = Q; run && i < Q + K; i++) {
+      for (i = Q; run && i < Q + K; i++) {
         j = i;
         b = fgetc(fptr);
 
-        if (b < 0)
+        if (b < 0)
           run = 0;
 
         if (run) {
-          if (table[b] > j)
+          if (table[b] > j)
             j += K;
 
           sum += log((double)(j-table[b]));
 
           table[b] = i;
         }
       }
 
     if (!run)
       printf("Premature end of file; read %d blocks.\n", i - Q);
 
     sum = (sum/((double)(i - Q))) /  log(2.0);
     printf("%4.4f ", sum);
 
-    for (i = 0; i < (int)(sum*8.0 + 0.50); i++)
+    for (i = 0; i < (int)(sum*8.0 + 0.50); i++)
       printf("-");
 
     printf("\n");
 
     /* refill initial table */
     if (0) {
-      for (i = 0; i < Q; i++) {
+      for (i = 0; i < Q; i++) {
         b = fgetc(fptr);
-        if (b < 0) {
+        if (b < 0) {
           run = 0;
         } else {
           table[b] = i;
         }
       }
     }
   }
-}]]>
- - - - +} + + +