session_09_vpn__ipsec__and_tls_101908

Also after the diffie hellman key exchange each party

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: cryptographic suite by mixing-and-matching the initiator’s offered suites and expresses that choice to the Initiator in SAr1. The Responder also completes the Diffie-Hellman exchange with the KEr, gr and sends its nonce in Nr, and may optionally request a specific type of certificate, for example, X.509, by sending the request in [CERTREQ]. No identities are disclosed in the IKE_SA_INIT exchange, other than the IP addresses in the IP headers. • At this point, Initiator and Responder have negotiated a shared but unauthenticated IKE_SA (SAr1). Also, after the Diffie-Hellman key exchange, each party generates a shared but unauthenticated key, SKEYSEED, from which all keys are derived for that IKE_SA. The keys generated from SKEYSEED are known as the following: SK_e (encryption), and SK_a (message authentication, integrity); SK_d for deriving keys for child SAs; and SK_p for creating AUTH payload in the second request/response exchange. Note that separate SK_e and SK_a keys are generated for each direction. 26 VPN, IPSec and TLS IKE Second Message Exchange I would like to generate a new Child_SA or rekey IKE SA and/or a previous Child_SA. Initiator Responder Networking Device with IPsec Networking Device with IPsec End -system or Gateway environment End -system or Gateway environment SK{ [N+], SA, Ni, [KEi], TSi, TSr} HDR 5 6 HDR SK{ [N+], SA, Nr, [KEr], TSi, TSr} HDR – IKE Header i, r – Initiator, Responder [KE] – Optional Key Exchange [N+] – Optional Notify Ni, Nr – Nonce SA - Security Association TSi, TSr – Traffic Selector SK{….} – Payload is encrypted and integrity protected using SK_e and SK_a. VPN IPsec IKE v2 TLS M. Mogollon – 01/08 - 27 • The second message exchange consists of a single request/response, which may be initiated by either end, so, in this section, the term Initiator, refers to the end point initiating this exchange. The CREATE_CHILD_SA exchange is used to create new CHILD_SAs and to rekey IKE_SAs and CHILD_SAs. All messages are cryptographically protected using the encryption algori...
View Full Document

This note was uploaded on 05/26/2010 for the course TECH 6350 taught by Professor Mogollon during the Spring '10 term at University of Arkansas for Medical Sciences.

Ask a homework question - tutors are online