Cryptographic Algorithms in IPsec and
Their Relative Strengths
This section mentions many cryptography-related terms. Three categories
of cryptography algorithms are used in all IPsec implementations:
Encryption algorithms
Message authentication algorithms
Key establishment algorithms.
Encryption algorithms are used for enciphering clear-text messages,
turning them into cipher text and deciphering them back to normal
state using cryptographic keys. The simplest type of encryption algorithms
use symmetric encryption. In this case, messages can be
decrypted using the same key with which they were encrypted, and vice
versa. This key must be kept a secret and well protected; otherwise, anybody
can read and create encrypted messages. In addition, a general
rule is that the longer the key, the more difficult it is to “crack” an
encrypted message without knowing the key.
An example of this type of encryption is DES. It was adopted by the
U.S. government as an official standard until it was recently replaced by
Advanced Encryption Standard (AES), which provides much stronger
encryption. DES is now considered obsolete and weak because the
speed of computers has increased to the point that messages encrypted
with standard 56-bit DES can easily be cracked.
A stronger variation of DES is Triple DES (3DES). It encrypts a message
three times using DES, each time using a different 56-bit key. 3DES
is still considered a strong cipher, although in a few years will be phased
out in favor of AES. The PIX firewall supports DES and 3DES as encryption
algorithms for IPsec. The corresponding keywords for ESP configuration
are esp-des and esp-3des. When configuring IKE, the keywords
are des and 3des.
Another type of encryption is public-key cryptography. It uses complex
exponential calculations and is rather slow compared with fast symmetric-
key ciphers such as DES or 3DES. The basic advantage of
public-key cryptography is that it uses two keys: one for encryption and
a completely separate one for decryption. Only the decryption key
(known as the private key) needs to be kept secret. The encryption key
Designing & Planning…
Continued
Configuring Virtual Private Networking • Chapter 7 347
www.syngress.com
(known as the public key) can be made public. For example, if anyone
wants to send Alice an encrypted message, they can use her public key
to encrypt the message, but only Alice knows the key that allows her to
decrypt the message. One widespread algorithm based on public keys is
the Rivest, Shamir, and Adelman (RSA) algorithm.
Message authentication algorithms are used to protect the integrity
of a message. IPsec uses two types: keyed message hash algorithms and
public signature algorithms. Keyed message hashing works in the following
manner: A message is combined with a key and then reduced to
a fixed-length digest. (Adding a key gives these algorithms the name
keyed.) A hashing algorithm has a specific property, which makes it
almost impossible to create a message with the same digest as a given
one. When a receiver wants to ensure that the message was not altered
in transit, it performs the same calculation on the message and compares
the result with the received digest. If they are the same, the message
is authentic; a spoofed one would have a different digest.
The two authentication algorithms IPsec uses are MD5, which produces
128-bit output, and SHA-1, which produces 160-bit output and is
stronger than MD5. Although SHA-1 is cryptographically stronger than
MD5, it requires more processing to compute the hash than MD5. IPsec
uses modified versions of these authentication algorithms, called HMACMD5
and HMAC-SHA-1, which perform hashing twice, each time combining
in a different way the message to be digested with the key. The
PIX firewall supports both HMAC-MD5 and HMAC-SHA-1.
Finally, key establishment protocols provide means for secure
exchange of symmetric keys by both sides via an insecure medium (such
as the Internet). In IPsec, this task is accomplished using the Diffie-
Hellman (DH) algorithm. DH is based on some exponential computations,
and during the process both sides exchange a couple of numbers,
allowing both peers to derive the same key, but nobody who sees these
numbers can do the same. DH in IPsec can work with keys of two different
lengths: 768-bit (DH Group 1) and 1024-bit (DH Group 2).
Although Group 2 keys are stronger, they require much more processing
power. The PIX firewall supports both types of DH keys, with Group 1
being the default choice.