1 / 28

ISA 662 IKE Key management for IPSEC

ISA 662 IKE Key management for IPSEC. Prof. Ravi Sandhu. ISAKMP. PHOTURIS. SKEME. SKIP. MKMP. OAKLEY. INTERNET KEY EXCHANGE (IKE). Hybrid protocol. IKE. ISAKMP. Internet security association and key management protocol separates key management from key exchanges

tiana
Télécharger la présentation

ISA 662 IKE Key management for IPSEC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ISA 662 IKE Key management for IPSEC Prof. Ravi Sandhu

  2. ISAKMP PHOTURIS SKEME SKIP MKMP OAKLEY INTERNET KEY EXCHANGE(IKE) • Hybrid protocol IKE

  3. ISAKMP • Internet security association and key management protocol • separates key management from key exchanges • complex general protocol used in a specific way in IKE • can apply to protocols other than IPSEC • for IPSEC uses UDP over IP

  4. IKE • ISAKMP phase 1: establishes ISAKMP SA • Main mode (DH with identity protection) • Aggressive mode (DH without identity protection) • Between phases • New group mode • ISAKMP phase 2: establishes SA for target protocol • Quick mode

  5. DIFFIE-HELLMANKEY ESTABLISHMENT yA=axA mod p public key yB=axB mod p public key A B private key xA private key xB k = yBxA mod p = yAxB mod p = axA*xB mod p system constants: p: prime number, a: integer

  6. PERFECT FORWARD SECRECY • Use a different DH key-pair on each exchange • DH public keys need to be authenticated • authentication can be done by many techniques • Loss of long-term (authentication) keys does not disclose session keys

  7. PHASE 1 AUTHENTICATION ALTERNATIVES • public-key signature • preshared-key • public-key encryption • revised public-key encryption

  8. COOKIE EXCHANGE • Phase 1 employs cookie exchange to thwart (not prevent) denial of service attacks • A -> B: Cookie_Request • A’s cookie, 64 bit random number • B -> A: Cookie_Response • includes A and B’s cookies • all further Phase 1 and Phase 2 messages include both cookies • ISAKMP SA is identified by both cookies • IPSEC protocol SA is identified by SPI

  9. COOKIE GENERATION • hash over • IP Source and Destination Address • UDP Source and Destination Ports • a locally generated random secret • timestamp

  10. IKE DEFAULT OAKLEY DH GROUPS • Group 1 • MODP, 768 bit prime p, g=2 • Group 2 • MODP, 1024 bit prime p, g=2 • Group 3 • EC2N, 155 bit field size • Group 4 • EC2N, 185 bit field size • private groups can be used

  11. IKE NOTATION

  12. IKE NOTATION

  13. SKEYS, HASH AND SIG

  14. MAIN MODE WITHDIGITAL SIGNATURES

  15. AGGRESSIVE MODE WITHDIGITAL SIGNATURES

  16. MAIN AND AGGRESSIVE MODE WITH PRE-SHARED KEY

  17. MAIN MODE WITHPUBLIC KEY ENCRYPTION

  18. AGGRESSIVE MODE WITHPUBLIC KEY ENCRYPTION

  19. AUTHENTICATION WITH PUBLIC-KEY ENCRYPTION • does not provide non-repudiation • provides additional security since attacked must break both • DH key exchange • public-key encryption • provides identity protection in aggressive mode • revised protocol reduces public-key operations

  20. MAIN MODE WITH REVISED PUBLIC KEY ENCRYPTION

  21. MAIN MODE WITH REVISED PUBLIC KEY ENCRYPTION

  22. AGGRESSIVE MODE WITH REVISED PUBLIC KEY ENCRYPTION

  23. PHASE 2 QUICK MODE

  24. PHASE 2 QUICK MODE

  25. PHASE 2 QUICK MODE

  26. PHASE 2 QUICK MODE

  27. NEW GROUP MODE • sandwiched between phase 1 and 2 • group can be negotiated in phase 1 • new group mode allows nature of group to be hidden • in phase 1 only group id is communicated in clear

  28. NEW GROUP MODE

More Related