Internet Key Exchange Protocol

The Internet Key Exchange (IKE) protocol, described in RFC 2409, is a key management protocol standard which is used in conjunction with the IPsec standard. IPsec can be configured without IKE, but IKE enhances IPsec by providing additional features, flexibility, and ease of configuration for the IPsec standard.

Published in: Technology, Education

  2. Internet Key Exchange (IKE)
     • Described in RFC 2409
     • Used for key management in IPSec networks
     • Allows automatic negotiation and creation of IPSec SAs between IPSec peers
  3. IKE History
     IKE is a hybrid protocol based on:
     • ISAKMP (RFC 2408), the protocol for negotiated establishment of security associations
     • Oakley (RFC 2412), the key agreement/exchange protocol
     • SKEME, another key exchange protocol
  4. ISAKMP
     • Stands for Internet Security Association and Key Management Protocol
     • Establishes a secure management session between IPSec peers
     • Negotiates SAs between IPSec peers
  5. Oakley Protocol
     • Defines the mechanisms for key exchange over the IKE session
     • Determines AH/ESP keying material for each IPSec SA automatically
     • By default, it uses an authenticated Diffie-Hellman algorithm for key exchange
  6. Diffie-Hellman Algorithm
     • Algorithm for secure key exchange over unsecured channels
     • Based on the difficulty of computing discrete logarithms
     • Used to establish a shared secret between parties (usually the secret keys for symmetric encryption or HMACs)
  7. Diffie-Hellman Algorithm (Contd.)
  8. Diffie-Hellman in Action
     (diagram: A and B each keep a private value X and exchange public values Y; both arrive at the same shared secret)
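The exchange the diagram sketches, written out as an added example (not code from the slides). It uses the 1024-bit MODP prime and generator 2 that RFC 2409 defines as Oakley group 2, and adds the checks a careful peer performs before trusting the result: the group is verified to be a safe prime, and every public value received is rejected unless it lies in the proper subgroup (this is what stops degenerate values such as 1 or p-1 from forcing a predictable secret). The final key-derivation step is a placeholder hash for the demo, not IKE's own SKEYID derivation.

```python
"""Diffie-Hellman over Oakley group 2 with parameter and public-value validation.
Added example; the group is from RFC 2409, the KDF at the end is a demo stand-in."""
import hashlib
import secrets

# Oakley group 2 (RFC 2409): 1024-bit MODP prime, generator 2.
P_HEX = (
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF"
)
P = int(P_HEX, 16)
G = 2
Q = (P - 1) // 2  # for a safe prime p = 2q + 1, G = 2 generates the order-q subgroup


def is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin test; enough to screen group parameters before use."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # composite witnessed
    return True


def validate_group(p: int, g: int) -> bool:
    """Accept only a safe prime (p and (p-1)/2 both prime) and a generator in range."""
    return is_probable_prime(p) and is_probable_prime((p - 1) // 2) and 1 < g < p - 1


def generate_private(q: int = Q) -> int:
    """Private value X: a secret exponent in [1, q-1]."""
    return secrets.randbelow(q - 1) + 1


def public_value(x: int, p: int = P, g: int = G) -> int:
    """Public value Y = g^X mod p, the only thing sent over the untrusted channel."""
    return pow(g, x, p)


def validate_public(y: int, p: int = P, q: int = Q) -> bool:
    """Reject 0, 1, p-1 and anything outside the order-q subgroup."""
    return 1 < y < p - 1 and pow(y, q, p) == 1


def shared_secret(x: int, peer_y: int, p: int = P) -> int:
    """Shared secret = peer_Y^X mod p, computed only after the peer's value passes validation."""
    if not validate_public(peer_y, p):
        raise ValueError("peer public value rejected")
    return pow(peer_y, x, p)


def derive_key(secret: int, nbytes: int = 32) -> bytes:
    """Demo KDF only: SHA-256 over the fixed-width secret. IKE instead feeds the
    DH result and nonces through an HMAC-based prf to build SKEYID (RFC 2409)."""
    width = (P.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(width, "big")).digest()[:nbytes]


def run_exchange() -> bool:
    """Full A<->B exchange; True when both sides derive the same key."""
    xa, xb = generate_private(), generate_private()
    ya, yb = public_value(xa), public_value(xb)   # exchanged in the clear
    key_a = derive_key(shared_secret(xa, yb))
    key_b = derive_key(shared_secret(xb, ya))
    return key_a == key_b


if __name__ == "__main__":
    print("group parameters valid:", validate_group(P, G))
    print("both peers agree on the key:", run_exchange())
```

The subgroup test in validate_public costs one extra modular exponentiation per received value; it is the cheap insurance that turns a textbook exchange into one that survives a peer (or an on-path party) sending a crafted public value.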
  9. IPSec and IKE Relationship
     • IPSec needs SAs to protect traffic
     • If no SAs are in place, IPSec will ask IKE to provide IPSec SAs
     • IKE opens a management session with the relevant peer, and negotiates all SAs and keying material for IPSec
     • IPSec protects traffic
  10. IPSec and IKE Relationship (Contd.)
      (diagram: A's laptop and B's laptop, each running IPSec and IKE, with an IKE session between A and B)
      1. Outbound packet from A to B, no SA
      2. A's IKE begins negotiations with B's
      3. Negotiations complete, A and B now have complete SAs in place
      4. Packet is sent from A to B protected by IPSec SA
  11. IKE Protocol
      • An IKE session runs over UDP (source and destination port 500)
      • IKE session establishment results in the creation of IKE SAs
      • IKE then establishes all requested IPSec SAs on demand
  12. IKE Session Protocol
      • IKE sessions are protected by cryptographic algorithms/protocols
      • The peers need to agree on a bundle of algorithms and protocols, known as IKE protection suites, to protect the IKE session
      • A protection suite consists of: encryption algorithm, hashing/MAC algorithm, peer authentication procedure, DH group for the initial key exchange, SA lifetime
  13. IKE Phases and Modes
      IKE has 2 phases:
      • IKE Phase 1
        o Uses main or aggressive mode exchange
        o Negotiates IKE SA
      • IKE Phase 2
        o Uses quick mode exchange
        o Negotiates IPSec SAs
  14. Phase 1 Attributes
  15. Phase 2 Attributes
      • Group Description (for PFS)
      • Encryption Algorithm (if any)
        o Key Length
        o Key Rounds
      • Life duration (seconds and/or kilobytes)
      • Encapsulation mode (transport or tunnel)
  16. Why Two-Phase Design?
      • The expensive 1st phase creates the main SA
      • The cheaper 2nd phase allows creating multiple child SAs (based on the main SA) between the same hosts
  17. IKE Peer Authentication
      • To establish the IKE SA, peers have to authenticate each other (two way)
      • 3 defined mechanisms:
        o Pre-shared keys
        o RSA encrypted nonces
        o RSA signatures
  18. IKE Session Encryption
      • IKE session is encrypted either by DES or 3DES
      • Keying material is generally derived from the initial DH exchange
      • In main mode, peer identity is also encrypted
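The slides on the IKE protocol (UDP port 500), its phases and modes, and main-mode identity protection can be tied together by looking at the fixed ISAKMP header that every IKE message starts with. The following is an added example, not code from the slides: it parses the 28-byte header defined by RFC 2408 out of a UDP/500 datagram and labels the message as main mode (cleartext or encrypted), aggressive mode, or quick mode. The exchange-type numbers, the encryption flag bit, and the rule that phase 1 messages carry message ID 0 come from RFC 2408 and RFC 2409; the sample datagrams and their cookie values are constructed for the demo. A monitor built on this can report when aggressive mode is in use, since in that exchange the peer identity is sent unencrypted, unlike main mode.

```python
"""Parse ISAKMP (IKEv1) headers and classify the exchange. Added example;
field layout per RFC 2408 section 3.1, exchange-type numbers per RFC 2408/2409.
Sample datagrams below are constructed, not captured traffic."""
import struct

# initiator cookie, responder cookie, next payload, version, exchange type,
# flags, message ID, total length (network byte order)
HEADER = struct.Struct("!8s8sBBBBII")
HEADER_LEN = HEADER.size  # 28 bytes

EXCHANGE_TYPES = {
    1: "base", 2: "identity protection (main mode)", 3: "authentication only",
    4: "aggressive", 5: "informational",
    32: "quick mode", 33: "new group mode",
}
FLAG_ENCRYPTION, FLAG_COMMIT, FLAG_AUTH_ONLY = 0x01, 0x02, 0x04


def parse_isakmp_header(datagram: bytes) -> dict:
    """Decode the fixed header and sanity-check version and length."""
    if len(datagram) < HEADER_LEN:
        raise ValueError("datagram shorter than ISAKMP header")
    (icookie, rcookie, next_payload, version, exchange_type,
     flags, message_id, length) = HEADER.unpack_from(datagram)
    major, minor = version >> 4, version & 0x0F
    if major != 1:
        raise ValueError(f"not ISAKMP/IKEv1: major version {major}")
    if not HEADER_LEN <= length <= len(datagram):
        raise ValueError("length field disagrees with datagram size")
    return {
        "initiator_cookie": icookie.hex(),
        "responder_cookie": rcookie.hex(),
        "next_payload": next_payload,
        "version": f"{major}.{minor}",
        "exchange_type": exchange_type,
        "exchange_name": EXCHANGE_TYPES.get(exchange_type, "unknown"),
        "encrypted": bool(flags & FLAG_ENCRYPTION),
        "commit": bool(flags & FLAG_COMMIT),
        "message_id": message_id,
        "length": length,
    }


def classify(hdr: dict) -> str:
    """Phase 1 exchanges use message ID 0; quick mode carries a non-zero ID."""
    if hdr["exchange_type"] == 4:
        return "phase 1, aggressive mode: peer identity travels unencrypted"
    if hdr["exchange_type"] == 2:
        # Main mode encrypts from message 5 onward, so the identities are protected.
        return "phase 1, main mode" + (", encrypted" if hdr["encrypted"]
                                       else ", cleartext (first four messages)")
    if hdr["exchange_type"] == 32:
        return "phase 2, quick mode" + ("" if hdr["message_id"] else " with message ID 0 (malformed)")
    return f"other: {hdr['exchange_name']}"


def build_datagram(exchange_type: int, flags: int = 0, message_id: int = 0,
                   rcookie: bytes = bytes(8), body: bytes = b"") -> bytes:
    """Constructed sample datagram: placeholder cookies, IKEv1 version byte 0x10."""
    header = HEADER.pack(b"\xa1" * 8, rcookie, 1 if body else 0, 0x10,
                         exchange_type, flags, message_id, HEADER_LEN + len(body))
    return header + body


SAMPLES = {
    "main_mode_msg1": build_datagram(2, body=b"\x00" * 16),
    "main_mode_msg5": build_datagram(2, flags=FLAG_ENCRYPTION, rcookie=b"\xb2" * 8, body=b"\x00" * 16),
    "aggressive_msg1": build_datagram(4, body=b"\x00" * 16),
    "quick_mode": build_datagram(32, flags=FLAG_ENCRYPTION, rcookie=b"\xb2" * 8,
                                 message_id=0x1234, body=b"\x00" * 16),
}


def classify_all(samples: dict = SAMPLES) -> dict:
    """Classify every sample; a real monitor would feed it UDP/500 payloads."""
    return {name: classify(parse_isakmp_header(pkt)) for name, pkt in samples.items()}


if __name__ == "__main__":
    for name, verdict in classify_all().items():
        print(f"{name}: {verdict}")
```

Only the header is decoded here; the SA, key exchange, nonce and identity payloads that follow it are chained through the next-payload field and need their own parsers. The length check matters even at this level: a length field larger than the datagram is the classic trigger for over-reads in payload walkers.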
  19. IKE Session Integrity
      • IKE uses HMAC functions to guarantee session integrity
      • Choice between keyed SHA-1 and MD5
      • Keying material is generally derived from the initial DH exchange
  20. Other Aspects of IKE
      • Interaction with other network protocols
      • Error handling
      • Protocol management
      • Legacy authentication
  21. THANK YOU !!! QUERIES???