Regarding VPN SAs

Unanswered Question
Dec 30th, 2008

Hi Team,

As We know that their are 6 steps in Main mode and 3 Steps in Aggressive mode for IKE SA.In Main Mode the steps are:-

In Steps 1 & 2 the Initiating peer will send the required Encryption algorithms,Hash algorithm etc over internet to the peer gateway.Now Peer gateway as well as any hacker's gateway can also reply to this request.How to avoid that some fake gateway should not reply to this request.May be we cannot avoid in this step.Please correct me if I am wrong.

In Steps 3 & 4,both the peers exchange DH public keys.Here also any Hacker can fake the actual peer's public key and reply back to initiator.

In steps 5 & 6, both the initiator and the actual peer will generate a besic session key(using Pre shared Key, Hash algorithm,other peer's DH Public key,its own private key) and using this Basic session key the message 5 & 6 gets encrypted and sent to peer.Here the initiator will get the reply from correct peer because the basic session key is generated using Pre shared key which is only known to Initiator and actual peer and at this stage the initiator will reject all the fake replies which it has received and will accept reply from actual Peer only.Am I right? OR it is some other way.

2.And in Aggressive mode we are having only 3 steps and in the very first step, we will send all the information to peer.In aggressive mode how we will avoid that tunnel should not gets established with some Fake gateway.Because in Aggressive mode in First message itself we will send everything--i.e. Encryption algorithm, public keys, IP addresses..Then how we will ensure that the correct peer will only give reply--whether here also the whole Message 1 is encrypted using basic session key.

I have gone through various documents on above topic but i could not find answers to these very basic questions.

Can you pls reply to these quesries.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sushilmenon Wed, 12/31/2008 - 22:41

Hi in first phase of message 1 and 2 where both the peers exchange the ike policies with each other hacker gateway cannot actually do this cause there can any number of proposals and the ip address is matched with that gateway.

in message 3 and 4 the hacker can intercept the public key for sure but he canot generate the shared secret because he doesn;t the peer;s private key which is never send over the wire.

in message 5 and 6 both the peers have each others public key which they run into a algorithm using the other peer;s public key and their own private key and get the shared secret value which is same on both the ends.

now from this shared secret more symmetrical keys are generated like skeid-a this key is used by ur hashing algorithms speciifed in the ike policy and other skeid-e which is used by ur encryption algorithms and skeid-d which is to be used for generating further keys in the phase 2.

now in message 5 and 6 ur pre-shared keys are hashed using the skeid-a and then the hash is encrypted using skeid-e and this encrypted hash is send over the wire which is ir-reversible.

the other peer decryptes this encrypted hash with his skeid-e and get the hash. now from the hash u cannot reproduce the data again. so since the pre-shared keys are same on both the ends the peer makes a hash of his own pre-shared key using the skeid-a which he generated from the shared material and compares his with the has he received from his peer. this is how the pre-shared is never send over the wire and this is how the peers are authenticated.

i hope this solves ur query regarding the main mode functions.

rate it if this helps and solves ur query.



palsukh2002 Thu, 01/01/2009 - 19:01

Thanks Sushil

I agree with you

1. When the initiating peer will send proposals in Message 1 & 2,it will send those proposals to the Peer gateways public IP address,which even the hecker can see and the hacker can spoof the Peer Gateways public IP address and then hacker can reply with his public key and in that case the shared secret generated in initiating and hacker gateway will be same and later on in Message 5 & 6 the hacker can guess the Preshared key.

2. As we know that in Message 5 & 6,the initiating gateway will send its identity(IP address etc) to the Peer and this message is encrypted.My first question is will this encryption use the Shared secret key for encryption and whether the Preshared key(hashed & encrypted) you mentioned is sent separately during message 5 & 6.

My second question here is why we are encrypting the IP address details of Initiator gateway since everyone is already aware of the initiator's IP address when the initiator sent proposals in message 1 & 2 .why we are sending the Initiator IP as encrpted now.

3. An in Aggressive mode we are using only 3 messages.the Initiator is sending all the required details(proposals,public key) in message 1.How all the steps(shared secret,preshared key) as compared to Main mode are completed.Because the procedure for setting up VPN SA should be same whether we use Main mode or Aggressive mode--right?


This Discussion