IPSec and IKE
IPSec uses a symmetric block cipher in CBC mode for encryption and HMAC for authentication. IKE is basically an authenticated Diffie-Hellman exchange.
IPSec has two protocols: ESP and AH, and two modes: Transport mode and Tunnel mode. ESP provides both authentication (with HMAC) and confidentiality (with CBC mode symmetric ciphers) for the data payload, and AH only provides authentication (with HMAC) for both data payload and IP header.
An IPSec Security Association (SA) associates the security services and keys for the traffic to be protected and the remote peer with whom the IPSec traffic is being exchanged.
SAs reside in the SADB (Security Association Database), and each SA is identified by an SPI (Security Parameter Index).
IPSec policy is maintained in the SPD (Security Policy Database). An SPD entry defines one of the three actions: 1. discard 2. bypass 3. protect. SPD entries that define an action of "protect" will point to an SA to apply to the packet. If there is no existing SA in the SADB for an outbound packet, IPSec will dynamically create the SA using IKE.
IP traffic is mapped to IPSec policy by selectors. A selector is like the "match address" statement in the cryptomap definition.
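The outbound lookup described above, as an added Python model that is not part of the original notes or any real IPSec stack. The class and field names, the sample policy, the SPI allocator and the first-match ordering are assumptions made for illustration, and the IKE step is a stand-in that only allocates an SA.

```python
import ipaddress
import itertools
from dataclasses import dataclass

@dataclass(frozen=True)
class Selector:
    src: str              # source prefix
    dst: str              # destination prefix
    proto: str = "any"    # upper-layer protocol, or "any"

    def matches(self, src, dst, proto):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", proto))

# Constructed sample policy (documentation address ranges): (selector, action, peer)
SAMPLE_SPD = [
    (Selector("192.0.2.0/24", "198.51.100.0/24"), "protect", "198.51.100.1"),
    (Selector("192.0.2.0/24", "203.0.113.0/24", "icmp"), "bypass", None),
    (Selector("0.0.0.0/0", "203.0.113.0/24"), "discard", None),
]

class IPsecPolicy:
    def __init__(self, spd):
        self.spd = spd                  # ordered SPD entries
        self.sadb = {}                  # SPI -> SA parameters
        self.entry_spi = {}             # SPD entry index -> SPI it points to
        self.ike_negotiations = 0
        self._next_spi = itertools.count(0x1000)  # hypothetical SPI allocator

    def _ike_negotiate(self, peer):
        # Stand-in for IKE: a real exchange would authenticate the peer and derive keys.
        self.ike_negotiations += 1
        spi = next(self._next_spi)
        self.sadb[spi] = {"peer": peer, "transform": "esp-cbc-hmac"}
        return spi

    def outbound(self, src, dst, proto):
        """Return (action, spi) for an outbound packet."""
        for idx, (selector, action, peer) in enumerate(self.spd):
            if not selector.matches(src, dst, proto):
                continue
            if action != "protect":
                return action, None
            spi = self.entry_spi.get(idx)
            if spi not in self.sadb:    # no SA yet: create one through IKE
                spi = self.entry_spi[idx] = self._ike_negotiate(peer)
            return "protect", spi
        return "discard", None          # assumption: unmatched traffic is dropped
```

Two flows that match the same "protect" entry share one SA, and removing that SA from the SADB forces a fresh negotiation on the next matching packet.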
IKE also uses the concept of SA. An IKE SA can be used to produce any number of IPSec SAs.
IKE has two phases: Phase 1 creates an IKE SA, and Phase 2 creates IPSec SAs. In phase 1, IKE uses Diffie-Hellman to establish a shared secret, which will be used to negotiate IPSec SAs in phase 2.
IKE cookies are used to identify the peer being negotiated with.
Upon completion of the Diffie-Hellman exchange, IKE needs to authenticate the shared secret. There are five authentication methods defined in IKE:
* Preshared keys
* DSS signatures
* RSA signatures
* An encrypted nonce exchange using RSA
* A revised method with encrypted nonce