Using AES-256/SHA instead of 3DES/MD5

Unanswered Question
Feb 17th, 2008
User Badges:

Hi, sorry this is newish to me and a little unclear, so I hope you can help me understand rather than a link :)


I have a few VPN's connected to my Cisco Concentrator, these remote sites use Cisco 877's on DSL lines. They all use this config example (below) for it's VPN, but I believe moving from 3DES/MD5 to AES-256/SHA is better as it's more secure and sometimes quicker?


crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

group 2

crypto isakmp key jgC:Gds&85h%1a address 1.2.3.4

!

!

crypto ipsec transform-set MY_T_Set esp-3des esp-md5-hmac

!

crypto map MY_Crypto_Map 10 ipsec-isakmp

set peer 1.2.3.4

set transform-set MY_T_Set

match address 101


So the questions I have are:


1.) What parts of the above config do I need to change to make it more secure using the AES-256/SHA?


2.) Which part is the encryption and which part is the authentication? I take this is phase 1 and 2?


I'm trying to relate it to the concentrators settings as it uses 3 parts relating to the above config:


Authentication = ESP/MD5/HMAC-128

Encryption = 3DES-168

IKE Proposal = IKE-3DES-MD5


Thanks in advance for clearing this up for me.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Sun, 02/17/2008 - 13:34
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi James


1) The following lines in your config need changing


crypto isakmp policy 1

encr aes 256

hash sha


crypto ipsec transform-set MY_T_Set esp-aes 256 esp-sha-hmac


2) Not really.


Phase 1 is concerned with setting up a secure channel between the 2 peers so they can communicate.


Phase 1 are your "crypto isakmp policy 1" settings.


Phase 2 is concerned with setting up 2 secure tunnels (IPSEC SA's) for actually transferring the data.


Your crypto map and crypto ipsec transform-set settings are for Phase 2.



AES is used for encryption.

SHA-HMAC is used for the authentication.


HTH


Jon


Jon Marshall Sun, 02/17/2008 - 13:57
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

AES is a newer and more secure encryption algorithm than 3DES.


Of course not all devices currently support AES whereas 3DES is fairly common.


Jon

Edison Ortiz Sun, 02/17/2008 - 13:37
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Your config:


crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

group 2

crypto isakmp key jgC:Gds&85h%1a address 1.2.3.4

!

!

crypto ipsec transform-set MY_T_Set esp-3des esp-md5-hma


Proposed config:


crypto isakmp policy 1

encr aes

authentication pre-share

group 2

crypto isakmp key jgC:Gds&85h%1a address 1.2.3.4

!

!

crypto ipsec transform-set MY_T_Set esp-aes 256 esp-sha-hmac


____________


More information at:


http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080194650.shtml


HTH,


__


Edison.

jamesgonzo Sun, 02/17/2008 - 14:05
User Badges:

Thanks, yours looks different to Jon's he has:


crypto isakmp policy 1

encr aes 256

hash sha


You have


crypto isakmp policy 1

encr aes 256



Which is correct?

jamesgonzo Sun, 02/17/2008 - 15:01
User Badges:

Thanks, I need to change my configs on my routers then. Problem is they are all online, what is the best method to remotely change them to AES-256/sha?


While I make the change on the router will the VPN go down?


Or can I somehow create a 2nd crypto policy then delete the 3DES/MD5 one after?


And example would be great.

Danilo Dy Sun, 02/17/2008 - 16:12
User Badges:
  • Blue, 1500 points or more

Hi,


1. Remotely acccess the router by not using VPN

2. Save and backup the current config

3. Schedule "reload". The timing depends on how long you can make the changes with a time to spare for testing. This is to make sure that if you screw up and not able to access the router, it will reload with the original config.

4. Remove the Crypto from the interface before applying the change

5. Apply the change

6. Apply the crypto to the interface

7. Test the VPN

8. Cancel the reload

9. save the configuration


Regards,

Dandy

Richard Burts Sun, 02/17/2008 - 16:18
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

I would like to start by commenting on something in the original post. It suggests that:

AES-256/SHA is better as it's more secure and sometimes quicker?

I would observe that AES is probably more secure. But since it is computationally more challenging it is likely to be slower rather than quicker.


If you take out the existing statements and then put in the new statements then the VPN will certainly go down. And that presents quite a challenge in making changes on the remote routers.


One approach to consider would be to configure the new isakmp policy for AES while the existing policy is still in place. Since the isakmp policies have a sequencing number (you used 1 - as many people do) it is easy to have both policies in the config at the same time. Then you can remove the policy for 3DES and leave the policy for AES. Assuming that everything in the new policy is correct on both sides this would change over quickly and with only a minimum disruption.


HTH


Rick

whiteford Mon, 02/18/2008 - 05:52
User Badges:

Is it better to use DH5 than DH2 when using AES-256/SHA as well? I am having similar requirements to this post.

Danilo Dy Mon, 02/18/2008 - 08:43
User Badges:
  • Blue, 1500 points or more

Late last year I change my Firewall S2S and Remote VPN encryption from 3DES/MD5-HMAC to AES-256/SHA-HMAC and saw almost twice speed improvement.


My decision to change is after doing a thorough research for which combination is more secure and will be supported in the future. Although 3DES is unbreakable (unlike DES), MD5 and HSA1 is breakable. HSA2 has not been exploited but IPSec uses HSA1. HSA-HMAC addresses the problem of SHA1 alone.


During this research I read some documents that some implementation of AES is up to 6x faster than 3DES. I think this is because 3DES has to encrypt a single data 3x which can be a burden to the CPU.


Here is some of the links that explains the difference between AES and 3DES

http://www.networkworld.com/research/2001/0730feat2.html


Regards,

Dandy



jamesgonzo Mon, 02/18/2008 - 10:50
User Badges:

Can a Cisco 837 do AES-256/SHA or am I asking too much, most of my remote sites have 877's accept a couple.

Actions

This Discussion