Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Aggressive mode PSK hash attack

Hello All,

I am wondering if Aggressive Mode PSK hash attack can be applied to Main Mode negotiation while using wildacrd crypto IKE  like:

crypto isakmp key xxxxx address 0.0.0.0 0.0.0.0?

I know that using ike-scan tool there is a possibility of obtaining hashed PSK from remote peer while using aggressive mode for IKE, so wondering if the same applies for wildcard PSK, but using Main Mode.

Thanks!

3 REPLIES
Cisco Employee

Re: Aggressive mode PSK hash attack

I'm not sure I get the question, but in MM the identity is prtected using SKEYID, which takes as a factor PSK.

You need to know the PSK to decode the identity, so it's not a matter of "simple hashing".

     For pre-shared keys:       SKEYID = prf(pre-shared-key, Ni_b |
   Nr_b)

http://www.ietf.org/rfc/rfc2409.txt

section 5.

Community Member

Re: Aggressive mode PSK hash attack

Thanks Marcin,

My question is while using wildcard PSK for DMVPN peers over internet along with main mode, can this key be somehow compromised by remote party since anybody is able to send IKE requests to the HUB routers, because of a wildcard PSK use.

I know there is a vulnerability but only in aggressive mode  ( I disbaled AM)- obtaining  PSK hash and then crack it

Cisco Employee

Re: Aggressive mode PSK hash attack

To exchange Identities (i.e. perform authnetication) you would need to have already SKEYID calculated, which requires PSK, and DH exchange.

Thus you cannot properly protect MM5 or MM6, if you had wrong PSK. Those are the only moments AFAIR where PSK is being used in exchange.

The weakness of using one wildcard PSK is that once it's compromised entire domain is at risk.

I don't see any practical means of getting PSK from MM exchange.

286
Views
0
Helpful
3
Replies
CreatePlease to create content