08-08-2012 03:29 AM
Hi,
In site-to-site VPN phase 1, we use SA proposals that include encryption, authentication, hashing, DH, lifetimes etc. Can anyone tell me which parameter would be exchanged first?
rgds
sec-IT Team
08-08-2012 05:14 AM
All parameters of a P1-Proposal are exchanged together, so there really is no "first".
You can see it at a packet-capture of an exchange: http://www.cloudshark.org/captures/d863cff39171
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-08-2012 05:27 AM
Thanks for the reply.
I would assume phase 1 is as below... please correct me if I'm wrong.
1. All the parameters are exchanged between both peers.
2. Authentication (pkey) is matched by both peers; these keys are exchanged in an encrypted format, using the phase-1 encryption key and hash algorithm.
3. A session is created and secured using a session key from the DH algorithm.
This is correct, right?
08-08-2012 05:35 AM
Not completely correct. In the first two packets the peers negotiate the P1 policies. After that they do their DH exchange and arrive at a shared secret. The PSK is never sent over the wire for that, not even in an encrypted way. But they still don't know whether there is a MitM or not. So as the last step of the P1 exchange the mutual authentication is done, which is quite similar to a PPP-CHAP authentication if you use PSKs. After that, Quick Mode starts to create the IPsec SAs.
08-08-2012 05:56 AM
Hi Karsten,
There should be a way where both parties confirm that the authentication PSK "xxxx" is the same on both sides... I would like to know, if the key is not shared, how this is working and what the need for the key is... Is the DH session key sufficient?
Thanks John, I shall read it and update you.
08-08-2012 06:04 AM
As I wrote: the authentication is similar to what is done with PPP-CHAP (PSK = password). There, the actual password is also never sent over the wire. The DH session key is not sufficient, as DH is vulnerable to MitM attacks.
08-12-2012 12:20 AM
Hi Karsten,
I have gone through the PPP-CHAP auth article. Thanks.
In site-to-site VPN, as you said, the shared secret key is not sent over the wire. Will this use the hash value output of the command "shared secret key", or something which the other peer can validate against its database? I'm still stuck.
I'm sure you will give some more hints...
08-28-2012 06:50 AM
Hi Karsten,
http://datatracker.ietf.org/doc/rfc6617/?include_text=1
As per this URL, some function value will be passed to the remote peer to get authenticated. Can you please check this?
08-28-2012 07:08 AM
I completely forgot about this thread ...
The referenced RFC 6617 is so new that it's probably not implemented anywhere in the wild. When talking about IKEv1, the best source is still RFC 2409: http://www.ietf.org/rfc/rfc2409.txt
In section 5.4, page 15, the PSK-based exchange is shown. In messages three and four the key exchange is done, where the DH public keys are exchanged. After that exchange both peers have the shared secret, so they start protecting the rest of the communication. Because DH is not MitM-safe, in packets 5 and 6 the authentication is done. For that, the hashes are exchanged. These hashes use the PSK as input, but the PSK is not transferred over the wire. So an attacker that can only listen to the conversation is not able to do any harm.
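To make the RFC 2409 section 5.4 mechanism from the post above concrete, here is an added example (not from the original thread, nor from any Cisco code) that simulates both peers of an IKEv1 Main Mode PSK authentication. It assumes HMAC-SHA1 as the negotiated prf and uses a tiny, constructed DH prime purely for readability; the cookies, nonces, SA payload body and ID payloads are constructed sample values.

```python
import hmac
import hashlib

# Toy Diffie-Hellman parameters, constructed for this demo only; real IKEv1 uses the
# MODP groups of RFC 2409 section 6 (e.g. group 2, a 1024-bit prime), never a 16-bit one.
P, G = 65521, 5

def prf(key: bytes, data: bytes) -> bytes:
    """RFC 2409 prf: an HMAC keyed with `key` over the negotiated hash (HMAC-SHA1 here)."""
    return hmac.new(key, data, hashlib.sha1).digest()

def ib(n: int) -> bytes:
    """Big-endian byte encoding of an integer (DH public values go on the wire as bytes)."""
    return n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")

def skeyid_psk(psk: bytes, ni_b: bytes, nr_b: bytes) -> bytes:
    """SKEYID = prf(pre-shared-key, Ni_b | Nr_b)  -- RFC 2409 section 5.4."""
    return prf(psk, ni_b + nr_b)

def hash_i(skeyid, g_xi, g_xr, cky_i, cky_r, sai_b, idii_b):
    """HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b)"""
    return prf(skeyid, g_xi + g_xr + cky_i + cky_r + sai_b + idii_b)

def hash_r(skeyid, g_xi, g_xr, cky_i, cky_r, sai_b, idir_b):
    """HASH_R = prf(SKEYID, g^xr | g^xi | CKY-R | CKY-I | SAi_b | IDir_b)"""
    return prf(skeyid, g_xr + g_xi + cky_r + cky_i + sai_b + idir_b)

def main_mode_psk(psk_initiator: bytes, psk_responder: bytes):
    """Simulate Main Mode messages 1-6 with PSK auth. Each peer only ever uses its OWN PSK;
    the PSK itself never appears in any wire value below.
    Returns (responder_accepts_initiator, initiator_accepts_responder)."""
    cky_i, cky_r = b"\x01" * 8, b"\x02" * 8                 # ISAKMP cookies, msgs 1-2 (constructed)
    sai_b = b"SA-body:AES/SHA1/PSK/DH2"                     # SA payload body, msg 1 (constructed)
    xi, xr = 12345, 54321                                   # private DH exponents, never sent
    g_xi, g_xr = ib(pow(G, xi, P)), ib(pow(G, xr, P))       # KE payloads, msgs 3-4
    ni_b, nr_b = b"initiator-nonce!", b"responder-nonce!"   # nonce payloads, msgs 3-4 (constructed)
    idii_b, idir_b = b"\x01\x00\x00\x00\xc0\xa8\x01\x01", b"\x01\x00\x00\x00\xc0\xa8\x02\x01"
    # Each side derives SKEYID from its own PSK plus the nonces seen on the wire.
    skeyid_init = skeyid_psk(psk_initiator, ni_b, nr_b)
    skeyid_resp = skeyid_psk(psk_responder, ni_b, nr_b)
    # Msg 5: initiator sends HASH_I; the responder recomputes it with its PSK and compares.
    sent_hash_i = hash_i(skeyid_init, g_xi, g_xr, cky_i, cky_r, sai_b, idii_b)
    resp_ok = hmac.compare_digest(sent_hash_i, hash_i(skeyid_resp, g_xi, g_xr, cky_i, cky_r, sai_b, idii_b))
    # Msg 6: responder sends HASH_R; the initiator recomputes it with its PSK and compares.
    sent_hash_r = hash_r(skeyid_resp, g_xi, g_xr, cky_i, cky_r, sai_b, idir_b)
    init_ok = hmac.compare_digest(sent_hash_r, hash_r(skeyid_init, g_xi, g_xr, cky_i, cky_r, sai_b, idir_b))
    return resp_ok, init_ok

if __name__ == "__main__":
    print(main_mode_psk(b"s3cret", b"s3cret"))  # matching PSKs: both hashes verify
    print(main_mode_psk(b"s3cret", b"wrong"))   # mismatched PSKs: both sides reject
```

A passive listener sees only cookies, nonces, DH public values, IDs and the two hashes; without the PSK it cannot derive SKEYID, so it can neither verify nor forge HASH_I or HASH_R, which is exactly why the PSK never has to cross the wire.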
08-12-2012 04:21 AM
Or... is the shared key playing a role in generating the session keys along with the DH groups? As both sides have the same shared secret key, producing an output with DH in any multiplication/division with the same variables will equalize the authentication hash values... something like that. Once I'm clear on this point, I will be through with L2L VPN... please help.
08-08-2012 05:33 AM
Hi,
I encountered this article a few weeks back during my CCNA Security studies. It details IKE SA and message exchanges with debug samples. Hope you'll find it as useful as I did.
http://www.informit.com/library/content.aspx?b=Troubleshooting_VPNs&seqNum=70a
Sent from Cisco Technical Support iPhone App