D-Link DFL-260E User Manual page 398

9.3.2. Internet Key Exchange (IKE)
An SA is unidirectional and relates to traffic flow in one direction only. For the bidirectional traffic
that is usually found in a VPN, there is therefore a need for more than one SA per connection. In
most cases, where only one of ESP or AH is used, two SAs will be created for each connection, one
describing the incoming traffic, and the other the outgoing. In cases where ESP and AH are used in
conjunction, four SAs will be created.
IKE Negotiation
The process of negotiating session parameters consists of a number of phases and modes. These are
described in detail in the below sections.
The flow of events can be summarized as follows:
IKE Phase-1
IKE Phase-2
IKE and IPsec Lifetimes
Both the IKE and the IPsec connections have limited lifetimes, described both in terms of time
(seconds), and data (kilobytes). These lifetimes prevent a connection from being used too long,
which is desirable from a crypto-analysis perspective.
The IPsec lifetime must be shorter than the IKE lifetime. The difference between the two must be a
minimum of 5 minutes. This allows for the IPsec connection to be re-keyed simply by performing
another phase-2 negotiation. There is no need to do another phase-1 negotiation until the IKE
lifetime has expired.
IKE Algorithm Proposals
An IKE algorithm proposal list is a suggestion of how to protect IPsec data flows. The VPN device
initiating an IPsec connection will send a list of the algorithms combinations it supports for
protecting the connection and it is then up to the device at the other end of the connection to say
which proposal is acceptable.
The responding VPN device, upon receiving the list of supported algorithms, will choose the
algorithm combination that best matches its own security policies, and reply by specifying which
member of the list it has chosen. If no mutually acceptable proposal can be found, the responder will
reply by saying that nothing on the list was acceptable, and possibly also provide a textual
explanation for diagnostic purposes.
This negotiation to find a mutually acceptable algorithm combination is done not just to find the
best way to protect the IPsec connection but also to find the best way to protect the IKE negotiation
itself.
Algorithm proposal lists contain not just the acceptable algorithm combinations for encrypting and
authenticating data but also other IKE related parameters. Further details of the IKE negotiation and
the other IKE parameters are described next.
IKE Phase-1 - IKE Security Negotiation
An IKE negotiation is performed in two phases. The first phase, phase 1, is used to authenticate the
• Negotiate how IKE should be protected
• Negotiate how IPsec should be protected
• Derive some fresh keying material from the key exchange in phase-1, to
provide session keys to be used in the encryption and authentication of the
VPN data flow
398
Chapter 9. VPN