Questions tagged [ike]
IKE (Internet Key Exchange) is the protocol used to set up a security association in IPsec.
43
questions
1
vote
1
answer
160
views
Do IKEv2 ESP proposals really require a unquie SPI per proposal?
When one peer is trying to negotiate an ESP SA, it sends a security association (SA) payload to the other peer. This SA payload must contain at least one proposal, suggesting at least one encryption ...
0
votes
1
answer
705
views
Where should private key(s) reside in IPsec VPN tunnel
I setup an IKE VPN server for road warriors. I actually have this working (YAY!) but took some shortcuts that are leaving me with a working yet not-right/secure setup. My setup is as follows:
My ...
1
vote
1
answer
222
views
What is the role of a CA server in a PKI?
I'm confused how the CA server helps with the digital signature and the PKI workflow. Here's an example topology:
A and B are the 2 devices using PKI to authenticate each other for VPN, and then there ...
2
votes
1
answer
560
views
Why does IKE have two phases?
Why does have IKE have two phases, two levels of security associations, two sets of authentication and encryption algorithms, two sets of options around lifetimes and renogiations?
It seems ...
0
votes
2
answers
382
views
What does it mean that Ikev1 (IPSec) protects peer identities in main mode?
Does it mean that the source IP is replaced with something else (like if in IP spoofing) so intermediate routers don't know who is sending the packet?
1
vote
1
answer
2k
views
Windows 10 IPSec VPN not respecting configured parameters (notably: encryption method)
I am currently trying to establish a VPN connection from my Windows 10 Enterprise 1909 to a remote VPN gateway, using the built-in Windows VPN / IPSec client. Since the UI does not provide all options ...
2
votes
1
answer
442
views
How does IKEv2 work on Android without raw sockets
I was exploring the IKEv2 StrongSwan client implementation for Android. What I fail to understand is that Android and Java do not support raw sockets, whilst the IKEv2/IPSec works below the transport ...
0
votes
1
answer
841
views
Why is the Diffie-Hellman exchange not enough to authenticate the communication partners in IKE_SA_INIT?
The IKE_SA_INIT does create a key seed SKEYSEED from the Diffie-Hellman values and nonces. Since the exchange does sharing the secret between the communication partners, I do not understand why it is ...
2
votes
1
answer
404
views
IKEv2 Using Different PSKs
We're setting up some new tunnels and have been told to use IKEv2. I understand that IKEv2 allows different authentication methods, e.g. one side using PSK and the other using a certificate. We don't ...
1
vote
1
answer
2k
views
How hard is it to retrieve IKEv2 Server Certificate from the server?
I got access to a VPN via IPsec and IKEv2. The provider gave me a username, a shared secret and a server certificate. Since the certificate was self-signed, the manual came with specific instructions ...
0
votes
1
answer
351
views
IKE Phase 1 /w PSK resource?
I can't seem to find a sufficiently detailed resource that describes the IKE phase 1 PSK identity authentication process. They seem to focus on differences between aggressive and main mode while ...
0
votes
1
answer
23k
views
Which PFS Group is recommended for IPSec configuration?
I can't find much information on PFS (Perfect Forward Secrecy) Groups so I'm unsure what to suggest for a secure IPSec configuration.
Any suggestions on PFS groups that aren't recommended?
What is ...
1
vote
1
answer
1k
views
Why doesn't IKEv2 use L2TP?
My guess is that with IPSec/IKEv1, since it doesn't support NAT, you either have to manually configure routes from your machine, or use a layer 2 tunnel (such as l2tp) to talk with devices on the ...
1
vote
0
answers
577
views
What is the Identification Payload of RFC2407 used for in IPsec?
RFC2407 outlines the Identification Payload in section 4.6.2, which appears in the fifth and sixth packets of the Main Mode's SA negotiation when using IKEv1. What is this information used for?
From ...
1
vote
0
answers
1k
views
How does IKE with PSK really work and how secure is it?
There is many articles that describe some exploitation techniques on a VPN with IPSec - IKE-PSK.
However, I can't understand how the flaws may exist. Thus, I have some question relating to that:
1) ...
1
vote
1
answer
1k
views
What's the point of the second SA exchange in the Create_Child_SA exchange in IPsec
I have problems understanding why you would negotiate crypto-algorithms in the Create_Child_SA request in a IKEv2.
During IKE_SA_INIT you negotiate cryptographic algorithms which I assume (correct me ...
0
votes
2
answers
1k
views
Is IKE aggressive mode really less secure than main mode?
This guy argues it is not: https://www.youtube.com/watch?v=DuowFgNKAIg
I really confused about this. According to him, the only purpose of main mode is to make the peers anonymous, but in order to ...
1
vote
1
answer
2k
views
Key exchange during IKE_AUTH phase of IKEv2
This is what a casual IKEv2 handshake looks like :
Initiator Responder
| ...
1
vote
1
answer
5k
views
IKEv2 and Dead Peer Detection
Some articles and Websites (Wikipedia and Cisco for instance) claim that unlike IKEv1, IKEv2 provides a support for Dead Peer Detection. However, unlike NAT traversal or DoS attacks for example, the ...
1
vote
0
answers
255
views
What is a KEA certificate and how it is used?
I'm currently studying IKE and IPsec in the context of VPN applications and I know that a X.509 certificate is used to provide server's public key to the client (and vice-versa in case of mutual ...
4
votes
1
answer
1k
views
What does OAKLEY stand for?
IPsec uses ISAKMP + OAKLEY + SKEME right? This is strange but even after checking the RFC of OAKLEY, i couldnt find what it basically stands for? Can someone please point me to the right direction or ...
1
vote
1
answer
287
views
Does a leaked pre-shared key make the initial IKE phase 1 negotiation of Diffie Hellman vulnerable?
A pre-shared key is used for authenticating the peers and also used in protecting the DH key exchange because it's possible to man in the middle the DH exchange.
Does this mean that if an attacker ...
1
vote
1
answer
156
views
IKE/IPsec connection attempt -Is this legal? [closed]
I manage IT for a small school. We have an IPSec tunnel up between two sites.
This morning I saw alerts that showed some unknown IP was attempting to negotiate an IPSec/IKE session with my firewall. ...
1
vote
1
answer
307
views
Is it possible to use custom DH parameters for IKEv1 / IKEv2 /IPSEC?
While researching how to deploy TLS for web servers most securely, I have learned that using custom DH parameters is one of the key aspects.
Now I am in the process of deploying IKE / IPSEC. As far ...
0
votes
1
answer
329
views
content of Informational packets in ipsec between phase1 & phase2
I want to know about Informational packets in IKE negotiation between main mode & quick mode. what are the contents those packets will contain?
here i am uploading the screen shot of ike ...
7
votes
1
answer
2k
views
Is PSK-protected IKEv2 secure against MITMs?
I've set up an IKEv2 VPN connection as an alternative to an HTTP proxy (since HTTP proxies' credentials fly in plaintext and iOS still can't correctly remember proxy credentials) and I'd like to know ...
1
vote
0
answers
327
views
how IKE (Internet Key Exchange) protocol reacts to the replay attack?
I mean how IKE in any mode (quick,aggressive, main) responds to an attacker that tries to replay one or more messages?
2
votes
1
answer
522
views
open source IKE for Windows 7/8 [closed]
Is there an open source implementation of Internet Key Exchange protocol for windows?
I found only openiked for linux platforms. (http://www.openiked.org/)
2
votes
2
answers
2k
views
Real-world risk of a Cisco ASA 5505 running IKEv1 aggressive mode with PSK
We have a vendor configured Cisco ASA 5505 running on our network to provide VPN connectivity into their networks. The ASA 5505 was purchased by us but configured by the vendor and we have no ...
6
votes
1
answer
3k
views
IKEv2 Authentication - why/how does it work?
I am currently trying to understand the IKEv2 protocol which is used for IPsec and am wondering why/how the authentication process works.
From my understanding, in the prior IKE_SA_INIT exchange, the ...
2
votes
0
answers
607
views
IKE Main Mode - cookie vs. Nonce
Does replacing the values of the nonces in messages 3 and 4 with the cookie values in the headers of these messages, give an attacker any advantage?
The nonce should be randomly chosen while the ...
10
votes
2
answers
21k
views
What are the practical risks of using IKE Aggressive mode with a pre-shared key?
Our scanning vendor is marking us down because we are using IKEv1 in Aggressive Mode with a pre-shared key. We are using Sonicwall's Global VPN Client to connect to the VPN device in question.
I ...
2
votes
2
answers
2k
views
How does IPsec turn KEYMAT into Encryption and Authentication Keys?
IPsec is a framework protocol that consists of the sub-protocols ESP and AH. IPsec, inately, doesn't include a Key Exchange mechanism, and is therefore dependent on manually setting Keys (archaic), ...
1
vote
2
answers
2k
views
ISAKMP and OSI layer
I'm trying to find out on which OSI layer the ISAKMP protocol resides on?
It isn't listed under the wiki's list of network protocols, and the internet says it's either on the transport, network or ...
12
votes
2
answers
16k
views
which diffie-hellman group is needed for secure ike/ipsec
We're deploying ipsec on embedded devices and getting catastrophic performance from the diffie hellman 2048 group in ike.. afterwards the shared securet is used for 3des, sha1. ipsec negiation is ...
0
votes
1
answer
4k
views
In IKE protocol; what is the PRF? [duplicate]
In IKE protocol; what is the PRF ?
What is "the generation of a key based on modeled random oracle hash functions"?
9
votes
1
answer
12k
views
PRF, IKE and hash function
The term PRF is mentioned in the documentation of the IKE (Internet Key Exchange) protocol.
What is a PRF?
What is the difference between a PRF and a hash function?
What PRFs are used in the IKE ...
2
votes
1
answer
798
views
IKEv2: Why is it important "that each side sign the other side's nonce"
I am currently diging deep into the IKEv2 protocol. In the description of the Authentication (RFC5996, p. 48), the following statement is given:
"It is critical to the security of the exchange that ...
9
votes
1
answer
50k
views
Understanding the details of SPI in IKE and IPsec
I'm currently learning IKE and IPsec for an exam. I have a lot of information on how Security Parameter Indexes (SPI) are used in both protocols, but I'm having some problems figuring out the ...
3
votes
1
answer
1k
views
PFS incentive during IKE Phase 2
I'm trying to see the actual point in implementing Perfect Forward Secrecy during Internet Key Exchange Phase 2, if it had already been used during Phase 1.
Quoting the IKEv2 RFC:
RFC 5596
3.3.2. ...
13
votes
5
answers
23k
views
Does IPSec use IKE or ISAKMP?
Does the IPSec protocol suite use IKE or ISAKMP?
RFC 2828 states ISAKMP is the protocol used in IPSec to handle SAs, key management and system authentication. Other sources say IKE is the protocol ...
4
votes
1
answer
2k
views
Why should an IKE responder change the cookie secret 'frequently'?
IKEv2 has the concept of a COOKIE mode, to attempt to prevent state exhaustion from floods of initiation requests from non-existent IP addresses:
Two expected attacks against IKE are state and CPU ...
2
votes
3
answers
5k
views
IPSec VPNs and symmetric keys
When dealing with IPSec based VPNs, I understand that there is a slight "problem" with symmetric key exchange. Obviously, you can't send the keys over the VPN, since they are used to guarantee the ...