Title: ISA 662
ISA 662: IKE Key Management for IPSEC
Prof. Ravi Sandhu
INTERNET KEY EXCHANGE (IKE)
ISAKMP
- Internet Security Association and Key Management Protocol
- separates key management from key exchanges
- complex general protocol used in a specific way in IKE
- can apply to protocols other than IPSEC
- for IPSEC uses UDP over IP
IKE
- ISAKMP phase 1 establishes ISAKMP SA
  - Main mode (DH with identity protection)
  - Aggressive mode (DH without identity protection)
- Between phases
  - New group mode
- ISAKMP phase 2 establishes SA for target protocol
  - Quick mode
DIFFIE-HELLMAN KEY ESTABLISHMENT
- system constants: $p$ prime number, $a$ integer
- A: private key $x_A$, public key $y_A = a^{x_A} \bmod p$
- B: private key $x_B$, public key $y_B = a^{x_B} \bmod p$
- shared key $k = y_B^{x_A} \bmod p = y_A^{x_B} \bmod p = a^{x_A x_B} \bmod p$
PERFECT FORWARD SECRECY
- Use a different DH key-pair on each exchange
- DH public keys need to be authenticated
  - authentication can be done by many techniques
- Loss of long-term (authentication) keys does not disclose session keys
PHASE 1 AUTHENTICATION ALTERNATIVES
- public-key signature
- preshared-key
- public-key encryption
- revised public-key encryption
COOKIE EXCHANGE
- Phase 1 employs cookie exchange to thwart (not prevent) denial of service attacks
- A -> B: Cookie_Request
  - A's cookie, 64 bit random number
- B -> A: Cookie_Response
  - includes A's and B's cookies
- all further Phase 1 and Phase 2 messages include both cookies
- ISAKMP SA is identified by both cookies
- IPSEC protocol SA is identified by SPI
COOKIE GENERATION
- hash over
  - IP Source and Destination Address
  - UDP Source and Destination Ports
  - a locally generated random secret
  - timestamp
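The cookie exchange and cookie generation slides above, worked through as an added example (not from the slides or any IKE implementation): a responder derives a 64-bit cookie from the packet's addresses, ports, a local secret and a timestamp, verifies it statelessly, and identifies the ISAKMP SA by the cookie pair. Keying the hash with the secret (HMAC-SHA256, truncated) and the 60-second validity window are this example's assumptions.

```python
import hashlib
import hmac
import struct
from ipaddress import ip_address

COOKIE_LEN = 8      # ISAKMP cookies are 64 bits
MAX_AGE = 60        # seconds a cookie stays valid (this example's choice)


def make_cookie(secret: bytes, src_ip: str, dst_ip: str,
                src_port: int, dst_port: int, ts: int) -> bytes:
    """64-bit cookie over the inputs named on the slide: IP addresses,
    UDP ports, a local random secret and a timestamp.  Using the secret
    as an HMAC key rather than hashing it as data is this example's
    choice, not something the slides specify."""
    data = (ip_address(src_ip).packed + ip_address(dst_ip).packed
            + struct.pack("!HHQ", src_port, dst_port, ts))
    return hmac.new(secret, data, hashlib.sha256).digest()[:COOKIE_LEN]


def verify_cookie(secret: bytes, cookie: bytes, src_ip: str, dst_ip: str,
                  src_port: int, dst_port: int, ts: int, now: int) -> bool:
    """Stateless check: the responder recomputes the cookie from the
    packet's own addresses and ports plus the timestamp it carries, so
    it keeps no per-initiator state until a valid cookie comes back."""
    if not 0 <= now - ts <= MAX_AGE:
        return False
    expected = make_cookie(secret, src_ip, dst_ip, src_port, dst_port, ts)
    return hmac.compare_digest(expected, cookie)


def isakmp_sa_id(cookie_i: bytes, cookie_r: bytes) -> bytes:
    """An ISAKMP SA is identified by the pair of cookies (16 bytes)."""
    return cookie_i + cookie_r


def exchange(secret_b: bytes, a_ip: str, b_ip: str, now: int) -> dict:
    """Constructed walk-through: Cookie_Request from A, Cookie_Response
    from B, then a later Phase 1 message that must carry B's cookie."""
    ts = now
    cookie_a = make_cookie(b"A-secret", a_ip, b_ip, 500, 500, ts)   # A's cookie
    cookie_b = make_cookie(secret_b, a_ip, b_ip, 500, 500, ts)      # B's reply
    # B's cookie only verifies for the address it was issued to; a spoofed
    # source that never received Cookie_Response cannot present a valid one.
    accepted = verify_cookie(secret_b, cookie_b, a_ip, b_ip, 500, 500, ts, now + 1)
    spoofed = verify_cookie(secret_b, cookie_b, "203.0.113.7", b_ip, 500, 500, ts, now + 1)
    return {"sa_id": isakmp_sa_id(cookie_a, cookie_b),
            "accepted": accepted, "spoofed_accepted": spoofed}
```

Because the responder recomputes rather than stores cookies, a flood of Cookie_Requests from forged addresses costs it one hash each and no memory, which is why the slide says "thwart (not prevent)".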
IKE DEFAULT OAKLEY DH GROUPS
- Group 1
  - MODP, 768 bit prime p, g = 2
- Group 2
  - MODP, 1024 bit prime p, g = 2
- Group 3
  - EC2N, 155 bit field size
- Group 4
  - EC2N, 185 bit field size
- private groups can be used
IKE NOTATION
IKE NOTATION
SKEYS, HASH AND SIG
MAIN MODE WITH DIGITAL SIGNATURES
AGGRESSIVE MODE WITH DIGITAL SIGNATURES
MAIN AND AGGRESSIVE MODE WITH PRE-SHARED KEY
MAIN MODE WITH PUBLIC KEY ENCRYPTION
AGGRESSIVE MODE WITH PUBLIC KEY ENCRYPTION
AUTHENTICATION WITH PUBLIC-KEY ENCRYPTION
- does not provide non-repudiation
- provides additional security since an attacker must break both
  - DH key exchange
  - public-key encryption
- provides identity protection in aggressive mode
- revised protocol reduces public-key operations
MAIN MODE WITH REVISED PUBLIC KEY ENCRYPTION
MAIN MODE WITH REVISED PUBLIC KEY ENCRYPTION
AGGRESSIVE MODE WITH REVISED PUBLIC KEY ENCRYPTION
PHASE 2 QUICK MODE
PHASE 2 QUICK MODE
PHASE 2 QUICK MODE
PHASE 2 QUICK MODE
NEW GROUP MODE
- sandwiched between phase 1 and 2
- group can be negotiated in phase 1
- new group mode allows nature of group to be hidden
  - in phase 1 only group id is communicated in clear
NEW GROUP MODE