This preview shows page 1. Sign up to view the full content.
Unformatted text preview: nents: a generator g, the modulo p,
and a secret that in IKEv2 terminology is called i or r. During IKE_INIT, the Initiator and
Responder exchange Diffie-Hellman information in KEi and KEr. That information includes gii
and gr, as well as nonces Ni and Nr.
• The shared key, SKEYSEED, is calculated by both the Initiator and Responder from the nonces
exchanged and the Diffie-Hellman shared secret key generated, gi and gr, according to the
following formula: SKEYSEED = prf ( Ni | Nr , g ir ) 29 VPN, IPSec and TLS IKE v2 DH Key Agreement
In the security association, the
initiator and responder agreed on
the same group or pair of g and p. Initiator
g =12 p = 47
I Secret = i = 3
Nonce = Ni = 11 g i = 12 3 (mod 47) = 36 g and p do not need to
be secret 36, 11 14, 7 Responder
g = 12 p = 47
R Secret = r =5
Nonce = Nr = 7
g r = 12 5 (mod 47) = 14 g i r = 36 5 (mod 47) = 18 g i r = 14 3 (mod 47) = 18
18 18 Both ends use 11, 7, and 18, as the secret and seed to calculate SKEYSEED
SKEYSEED = prf ( Ni | Nr , g ir )
SKEYSEED = prf ( secret, seed ) VPN IPsec IKE v2 TLS M. Mogollon – 01/08 - 30 • This slide uses the same example used to describe Diffie-Hellman, the different is how the values are named
• Whenever a key exchange is established, the initiator and the responder agree on the corresponding p and g
numbers by selecting a Diffie-Hellman group.
• Then, they exchange not only their public keys, gi and gr, but also their nonces.
• The nonces are not used to calculated the agreed key, in this case 18, but to calculate the SKEYSEED using
a pseudo random function. 30 VPN, IPSec and TLS Diffie-Hellman Groups in IKE
• Three distinct group representations can be used with IKE.
— Modular Exponentiation Groups (named MODP)
— Elliptic Curve Groups over the field GF [2n] (named EC2N)
— Elliptic Curve Groups over GF [P] (named ECP). • Groups Identifiers supported in IKE
— Group 0:
Group 18 VPN No group (used as a placeholder and for non-DH exchan...
View Full Document
- Spring '10