All Cisco-Network Study Notes: Internet Key Exchange cisco system

Internet Key Exchange 372

The antecedent area declared how arrangement band IPsec protocols action and

which abstracts they use.These protocols use cryptographic algorithms for encryption

and authentication; appropriately some of the best important pieces of abstracts are encryption/

authentication keys. It is accessible to configure these keys manually, but there are

big disadvantages to this approach. First, it is absolute difficult to scale; second, it is

not accessible to renegotiate SAs because they are anchored until manually changed.

Thus, there is a able charge of accoutrement for managing keys and SAs. Key management

includes generation, distribution, storage, and abatement of the keys.The best challenging

phases are the antecedent affidavit of the systems to anniversary added and then

the aegis of the key exchange. Afterwards keys are exchanged, the approach is protected

with these keys and acclimated for ambience up added parameters, including SAs.

The agreement the IETF adopted for assuming these functions is called

Internet Security Association and Key Administration Agreement (ISAKMP), which

is authentic in RFC 2408 and describes the accurate key barter methods

without diving into particularities. ISAKMP has an IANA-assigned UDP port

number of 500.This is a all-encompassing agreement and is not angry to IPsec or any other

key-using protocol. It can be implemented anon over IP or any carriage layer

protocol.When it is accumulated with genitalia of added key administration protocols

called Oakley (RFC 2412) and Defended Key Barter Mechanism (SKEME),

which has no RFC, we end up with a agreement alleged the Internet Key Exchange

(IKE), which is authentic in RFC 2409. Although not carefully correct, the abbreviations

IKE and ISAKMP are generally acclimated interchangeably, alike in Cisco configuration

commands. In fact, on the PIX firewall, all IKE agreement is performed

using the isakmp command.

In IKE, there are two phases of advice exchange; anniversary of them can

operate in one or two modes. IKE Appearance 1 starts back two aeon charge to establish

a defended channel—that is, they do not accept IPsec SAs bare for communication

over IPsec.This appearance includes affidavit of systems by anniversary other,

agreement on encryption and affidavit algorithms acclimated from again on to

protect IKE traffic, assuming a Diffie-Hellman (DH) key exchange, and finally,

establishing an IKE Security Association (IKE SA). IKE SAs are bidirectional;

each IKE affiliation amid aeon has alone one IKE SA associated with it.The

second appearance is centered on negotiating one or added IPsec SAs, which will be

used for the IPsec adit amid these peers. It uses key absolute from IKE

Phase 1 to acquire keys for IPsec. One associate tells the added which cartage it wants to

protect and which encryption/authentication algorithms are supported.The

www.syngress.com

Configuring Virtual Private Networking • Chapter 7 341

second associate again agrees on a distinct aegis set for this cartage and establishes

keys bare for this aegis set.

Although implementing altered phases adds some aerial in processing,

there are advantages to this approach:

Trust amid aeon is accustomed in the aboriginal appearance and acclimated in the

second phase.

Key absolute accustomed in the aboriginal appearance can be acclimated in the additional phase.

Renegotiations of the aboriginal appearance can be assisted by the second-phase data.

Let’s accede these two phases in added detail. Appearance 1 has two modes: main

mode and advancing mode. Capital approach uses three exchanges amid peers; each

exchange consists of two messages, a appeal and a reply:

The aboriginal barter in capital approach is acclimated to accommodate the ambit for

protection of the IKE connection.The initiating ancillary sends a proposition

to its counterpart, which includes a set of accessible ambit supported

by the initiator. Anniversary set includes one encryption algorithm (DES,

3DES, etc.) and one of four affidavit algorithms: pre-shared secret,

RSA accessible key encryption with Diffie-Hellman barter accumulation 1 and

2, or accessible key RSA signature (this includes use of certificates).The

other associate again replies by accepting a distinct brace from the offered set,

which it additionally supports. If there is no bout amid the sets supported

by the peers, the IKE adit cannot be established.

The additional barter in capital approach is acclimated to accomplish DH key establishment

between peers. It additionally exchanges two ethics alleged nonces, which

are hashes that alone the added allotment can interpret.This is done in adjustment to

confirm that the bulletin is beatific by the aforementioned hosts as the previous

exchange.

The third and aftermost barter performs absolute affidavit of the peers

using the agreed-on methods: accessible keys signatures, accessible key encryption,

or a pre-shared secret.This barter is additionally adequate by an

encryption adjustment that was called in the aboriginal exchange.

RFC 2408 provides added capacity on the packet architecture and algorithms used.

At the end of the aboriginal phase, anniversary host has an IKE SA, which specifies all parameters

for this IKE tunnel: the affidavit method, the encryption and hashing

algorithm, the Diffie-Hellman accumulation used, the lifetime for this IKE SA, and the

key values.

www.syngress.com

342 Chapter 7 • Configuring Virtual Private Networking

Aggressive approach exchanges alone three packets instead of six, so it is faster but

not as secure.The cardinal of packets is decreased because the aboriginal two packets in

this barter accommodate about aggregate in one message; anniversary host sends a proposed

protection set, Diffie-Hellman ethics and affidavit values.The third

packet is beatific alone for acceptance and afterwards the IKE SA is already established.

The weakness in advancing approach is that aggregate campaign on the wire in clear

text and can be eavesdropped or spoofed. However, the alone affair the attacker

can accomplish is to DoS one of the peers, because it is not accessible to ascertain the

keys that are accustomed by the Diffie-Hellman protocol.

The best important approach of Appearance 2 is quick mode. It can be again several

times application the aforementioned IKE SA accustomed in Appearance 1. Anniversary barter in this mode

results in the enactment of two IPsec SAs by anniversary peer. One of these SAs is

used for entering protection, and the added is acclimated for outbound protection.

During the exchange, aeon accede on the IPsec SA ambit and accelerate anniversary other

a new nonce, which is acclimated for anticipation Diffie-Hellman keys from the ones established

in Appearance 1.When the IPsec SA lifetime expires, a new SA is adjourned in

the aforementioned manner. Figure 7.5 summarizes the breeze of the IKE protocol.

Another approach in Appearance 2 is new accumulation mode, which is not accompanying to the

setup of IPsec ambit and is acclimated to change ambit of the Diffie-Hellman

group acclimated in IKE Appearance 1.

www.syngress.com

Figure 7.5 IKE Phases and Modes

Start

Main mode

Aggressive

mode

Quick mode

with PFS

Quick mode

without PFS

IPsec tunnel

established

Phase 1

Negotiation

of IKE SA

Phase 2

Negotiation

of the two

IPsec SAs

New IPsec

tunnel or key

renewal

Configuring Virtual Private Networking • Chapter 7 343

NOTE

It is accessible to appeal that quick approach use Perfect Forward Secrecy

(PFS). PFS dictates that new encryption keys are not acquired from previous

ones, so alike if one key is discovered, alone the cartage adequate by

this key and annihilation abroad will be exposed. PFS is accomplished by performing

a new Diffie-Hellman key enactment in anniversary quick mode.