[pptp-server] PPTP vs IPsec

Toktar, Emir EMIR.TOKTAR at bra.xerox.com
Thu Jul 29 08:26:34 CDT 1999


Neither network layer-based (L2TP, PPTP, ...) nor application layer-based
(IPSec, SSL, SSH) security techniques are the best choice for all situations.
There will be trade-offs. Network layer security protects the information
created by upper layer protocols, but it requires that IPSec be implemented in
the communications stack.

With network layer security, there is no need to modify existing upper layer
applications. On the other hand, if security features are already embedded
within a given application, then the data for that specific application will
be protected while it is in transit, even in the absence of network layer
security. Therefore security functions must be embedded on a per-application
basis.

There are still other considerations:

· Authentication is provided only for the identity of tunnel endpoints, but
not for each individual packet that flows inside the tunnel. This can expose
the tunnel to man-in-the-middle and spoofing attacks.

· Network layer security gives "blanket protection", but this may not be as
fine-grained as would be desired for a given application. It protects all
traffic and is transparent to users and applications.

· Network layer security does not provide protection once the datagram has
arrived at its destination host. That is, it is vulnerable to attack within
the upper layers of the protocol stack at the destination machine.

· Application layer security can protect the information that has been
generated within the upper layers of the stack, but it offers no protection
against several common network layer attacks while the datagram is in
transit. For example, a datagram in transit would be vulnerable to spoofing
attacks against its source or destination address.

· Application layer security is more intelligent (as it knows the
application) but also more complex and slower.

· IPSec provides for tunnel authentication, while PPTP does not.

· <User Authentication> Layer 2 tunneling protocols inherit the user
authentication schemes of PPP, including the EAP methods discussed below.
Many Layer 3 tunneling schemes assume that the endpoints were well known (and
authenticated) before the tunnel was established. An exception to this is
IPSec ISAKMP negotiation, which provides mutual authentication of the tunnel
endpoints. (Note that most IPSec implementations support machine-based
certificates only, rather than user certificates. As a result, any user with
access to one of the endpoint machines can use the tunnel. This potential
security weakness can be eliminated when IPSec is paired with a Layer 2
protocol such as L2TP.)

· <Token card support> Using the Extensible Authentication Protocol (EAP),
Layer 2 tunneling protocols can support a wide variety of authentication
methods, including one-time passwords, cryptographic calculators, and smart
cards. Layer 3 tunneling protocols (IPSec) can use similar methods; for
example, IPSec defines public key certificate authentication in its
ISAKMP/Oakley negotiation.

· <Dynamic address assignment> Layer 2 tunneling supports dynamic assignment
of client addresses based on the Network Control Protocol (NCP) negotiation
mechanism. Generally, Layer 3 tunneling schemes assume that an address has
already been assigned prior to initiation of the tunnel. Schemes for
assignment of addresses in IPSec tunnel mode are currently under development
and are not yet available.

· <Data Compression> Layer 2 tunneling protocols support PPP-based
compression schemes. For example, the Microsoft implementations of both PPTP
and L2TP use Microsoft Point-to-Point Compression (MPPC). The IETF is
investigating similar mechanisms (such as IP Compression) for the Layer 3
tunneling protocols.

· <Data Encryption> Layer 2 tunneling protocols support PPP-based data
encryption mechanisms. Microsoft's implementation of PPTP supports optional
use of Microsoft Point-to-Point Encryption (MPPE), based on the RSA/RC4
algorithm. Layer 3 tunneling protocols can use similar methods; for example,
IPSec defines several optional data encryption methods which are negotiated
during the ISAKMP/Oakley exchange.

· <Key Management> MPPE, a Layer 2 protocol, relies on the initial key
generated during user authentication, and then refreshes it periodically.
IPSec explicitly negotiates a common key during the ISAKMP exchange, and also
refreshes it periodically.

· <Multi-protocol support> Layer 2 tunneling supports multiple payload
protocols, which makes it easy for tunneling clients to access their
corporate networks using IP, IPX, NetBEUI, and so forth. In contrast, Layer 3
tunneling protocols, such as IPSec tunnel mode, typically support only target
networks that use the IP protocol. IPSec is not multi-protocol.



IPSec will be supported by Windows 2000, or W2K   :)

Many cases can occur, each of which needs to be examined on its own merit. It
may be desirable to employ a mix of both network layer security techniques
and application layer techniques to achieve the desired overall level of
protection. For example, you could use an upper layer mechanism such as
Secure Sockets Layer (SSL) to encrypt upper layer data. SSL could then be
supplemented with IPSec's AH protocol at the network layer to provide
per-packet data origin authentication and protection against spoofing
attacks.



Regards,

Emir Toktar

Tel : +55 **41 340-7157
emir.toktar at bra.xerox.com 
toktar at per.com.br
toktar at ppgia.pucpr.br

A Comprehensive Guide to Virtual Private Networks, IBM
Virtual Private Networking: An Overview White Paper - DRAFT, 3/18/98
Microsoft.
Others...
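The point above about per-packet data origin authentication (IPSec AH rejecting a packet whose source address was altered in transit, versus a tunnel that only authenticates its endpoints at setup) can be shown with a small simulation. This is an added example, not code from the original post or from any IPSec implementation: the header layout is simplified, HMAC-SHA256 is an assumed integrity algorithm (AH at the time used HMAC-MD5 or HMAC-SHA-1), and the replay check is a strict increasing-sequence rule rather than AH's sliding window.

```python
"""Simplified AH-style per-packet authentication versus endpoint-only trust."""
import hashlib
import hmac
import struct

HEADER = "!I I 4s 4s"  # SPI, sequence number, source IPv4, destination IPv4 (all immutable in transit)


def ah_protect(key, spi, seq, src, dst, payload):
    """Sender: compute a truncated 96-bit ICV over the immutable header fields and the payload."""
    header = struct.pack(HEADER, spi, seq, src, dst)
    icv = hmac.new(key, header + payload, hashlib.sha256).digest()[:12]
    return header + icv + payload


class AhReceiver:
    """Receiver state for one security association: shared key, expected SPI, anti-replay counter."""

    def __init__(self, key, spi):
        self.key, self.spi, self.highest_seq = key, spi, 0

    def verify(self, packet):
        spi, seq, _src, _dst = struct.unpack(HEADER, packet[:16])
        icv, payload = packet[16:28], packet[28:]
        if spi != self.spi:
            return None, "unknown SPI"
        if seq <= self.highest_seq:
            return None, "replayed sequence"
        expected = hmac.new(self.key, packet[:16] + payload, hashlib.sha256).digest()[:12]
        if not hmac.compare_digest(icv, expected):
            return None, "bad ICV (spoofed or modified)"  # source address or data altered
        self.highest_seq = seq
        return payload, "ok"


def endpoint_only_accept(packet):
    """A tunnel that authenticated only its endpoints at setup: every packet on it is trusted."""
    return packet[28:], "ok"


def scenario():
    """Constructed traffic: one genuine packet, a replay of it, and a copy with the source rewritten."""
    key = b"constructed-shared-key"          # constructed; in practice negotiated via ISAKMP
    rx = AhReceiver(key, 0x100)
    genuine = ah_protect(key, 0x100, 1, b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02", b"hello")
    altered = genuine[:8] + b"\x0a\x00\x00\x63" + genuine[12:]  # same ICV, different source address
    return {
        "ah_genuine": rx.verify(genuine)[1],
        "ah_replay": rx.verify(genuine)[1],
        "ah_altered": AhReceiver(key, 0x100).verify(altered)[1],
        "endpoint_only_altered": endpoint_only_accept(altered)[1],
    }
```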


-----Original Message-----
From: Matthew Ramsay [mailto:matthewr at moreton.com.au]
Sent: Wednesday, July 28, 1999 8:51 PM
To: bens at saber.net
Cc: pptp-server at lists.schulte.org
Subject: Re: [pptp-server] PPTP vs IPsec


Ben,

The difference between PoPToP and IPsec is that PoPToP is ready NOW..
and requires *no* third party software on the Windows client end
(Windows comes with a free PPTP client).

PoPToP is a completely *free* solution.

PoPToP can be integrated with the latest PPPD patches that take
advantage of MSCHAPv2 and MPPE (Microsoft encryption using RC4 - 40/128
bits).

Anyone else have anything to add?

Cheers,
Matt.
