internet key exchange protocol
DESCRIPTION
The Internet Key Exchange (IKE) protocol, described in RFC 2409, is a key management protocol standard which is used in conjunction with the IPsec standard. IPsec can be configured without IKE, but IKE enhances IPsec by providing additional features, flexibility, and ease of configuration for the IPsec standard.TRANSCRIPT
![Page 1: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/1.jpg)
INTERNET KEY
EXCHANGE PROTOCOL
PRESENTED BYPRATEEK SINGH BAPNA
![Page 2: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/2.jpg)
Described in RFC 2409 Used for Key Management in IPSec Networks Allows automatic negotiation and creation of
IPSec SAs between IPSec Peers
Internet Key Exchange (IKE)
![Page 3: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/3.jpg)
IKE is a hybrid protocol based on: ISAKMP (RFC 2408), the protocol for
negotiated establishment of security associations
Oakley (RFC 2412), the key agreement/exchange protocol
SKEME, another key exchange protocol
IKE History
![Page 4: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/4.jpg)
Expands as Internet Security Association and Key Management Protocol
Establishes a secure management session between IPSec peers
Negotiates SAs between IPSec peers
ISAKMP
![Page 5: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/5.jpg)
Defines the mechanisms for key exchange over the IKE session
Determines AH/ESP keying material for each IPSec SA automatically
By default, it uses an authenticated Diffie-Hellman Algorithm for key exchange
Oakley Protocol
![Page 6: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/6.jpg)
Algorithm for secure key exchange over unsecured channels
Based on the difficulty of finding discreet algorithms
Used to establish a shared secret between parties (usually the secret keys for symmetric encryption or HMACs)
Diffie-Hellman Algorithm
![Page 7: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/7.jpg)
The parties agree on two non-secret numbers, g (generator), and p (modulus), where g is small and p is very large
Each party generates a random secret X Based on g, p, and X, each party generates a
public value Y= mod p
Peers then exchange public values
Diffie-Hellman Algorithm (Contd.)
![Page 8: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/8.jpg)
Diffie-Hellman in Action
APrivate Value, XPublic Value, Y
Private Value, XPublic Value, YB = mod p
= mod p𝒀 𝑨
𝒀 𝑩
𝒀 𝑩=𝒀 𝑨=𝒈𝑿 (𝑩)𝑿 (𝑨)𝒎𝒐𝒅𝒑
(Shared Secret)
![Page 9: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/9.jpg)
IPSec needs SAs to protect traffic If no SAs are in place, IPSec will ask IKE to
provide IPSec SAs IKE opens a management session with
relevant peer, and negotiates all SAs and keying material for IPSec
IPSec protects traffic
IPSec and IKE Relationship
![Page 10: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/10.jpg)
IPSec and IKE Relationship (Contd.)
A’s Laptop B’s Laptop
IPSecA IPSec
B
IKEA
IKEBIKE Session
1. Outbound packet from A to B, no SA
2. A’s IKE begins negotiations with B’s3. Negotiations complete, A and B now have complete SAs in place
4. Packet is sent from A to B protected by IPSec SA
![Page 11: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/11.jpg)
An IKE session runs over UDP (source and destination port 500)
IKE session establishment results in the creation of IKE SAs
IKE then establishes all requested IPSec SAs on demand
IKE Protocol
![Page 12: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/12.jpg)
IKE sessions are protected by cryptographic algorithms/protocols
The peers need to agree on a bundle of algorithms and protocols, known as IKE protection suites, to protect the IKE session
Protection suites can be Encryption Algorithm, Hashing MAC Algorithm, Peer Authentication Procedure, DH group for Initial Key Exchange, SA Lifetime
IKE Session Protocol
![Page 13: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/13.jpg)
IKE has 2 phases:• IKE Phase 1oUses main or aggressive mode exchangeoNegotiates IKE SA
• IKE Phase 2oUses quick mode exchangeoNegotiates IPSec SAs
IKE Phases and Modes
![Page 14: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/14.jpg)
Authentication Method• Pre-shared key• Digital signatures (DSS or RSA)• Public key encryption (RSA or El-Gamal)
Group Description (pre-defined) Group Type (negotiated)• MODP (modular exponentiation group)• ECP (elliptic curve group over GF[P])• EC2N (elliptic curve group over GF[])
Phase 1 Attributes
![Page 15: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/15.jpg)
Group Description (for PFS) Encryption Algorithm (if any)• Key Length• Key Rounds
Group Description (for PFS) Life duration (seconds and/or kilobytes) Encapsulation mode (transport or tunnel)
Phase 2 Attributes
![Page 16: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/16.jpg)
Expensive 1st phase creates main SA Cheaper 2nd phase allows to create multiple
child SA (based on main SA) between same hosts
Why Two-Phase Design?
![Page 17: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/17.jpg)
To establish the IKE SA, peers have to authenticate each other (two way)
3 defined mechanisms:• Pre-shared keys• RSA encrypted nonce• RSA signatures
IKE Peer Authentication
![Page 18: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/18.jpg)
IKE session is encrypted either by DES or 3DES
Keying material is generally derived from the initial DH change
In main mode, peer identity is also encrypted
IKE Session Encryption
![Page 19: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/19.jpg)
IKE uses HMAC functions to guarantee session integrity
Choice between keyed SHA-1 and MD5 Keying material is generally derived from the
initial DH exchange
IKE Session Integrity
![Page 20: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/20.jpg)
Interaction with other network protocols Error handling Protocol management Legacy authentication
Other Aspects of IKE
![Page 21: Internet Key Exchange Protocol](https://reader033.vdocuments.site/reader033/viewer/2022061221/54be0e714a7959fb5b8b45fd/html5/thumbnails/21.jpg)
THANK YOU !!!
QUERIES???