Encapsulation - D-Link DFL-900 User Manual

Firewall/VPN router
D-Link
In phase 2 you must:
Choose which security protocol (ESP or AH) the IPSec SA will use to protect traffic
Choose an encryption algorithm
Choose an authentication algorithm
Choose whether to enable Perfect Forward Secrecy (PFS) using Diffie-Hellman public-key cryptography
Choose Tunnel mode or Transport mode
Set the IPSec SA lifetime. This field determines how long the IPSec SA remains valid before it expires. A value of 0 means the
IPSec SA never expires, which also means the keys are never refreshed. When the IPSec SA lifetime expires, the IPSec SA must be
renegotiated (but not the IKE SA).
Negotiation Mode
The phase 1 Negotiation Mode you select determines how the Security Association (SA) will be established for each connection
through IKE negotiations.
Main Mode ensures the highest level of security when the communicating parties are negotiating authentication (phase
1). It uses 6 messages in three round trips (SA negotiation, Diffie-Hellman exchange and an exchange of nonces (a
nonce is a random number)). This mode features identity protection (your identity is not revealed in the negotiation).
Aggressive Mode is quicker than Main Mode because it eliminates several steps when the communicating parties are
negotiating authentication (phase 1): it uses 3 messages instead of 6. The trade-off is less negotiating flexibility (the
Diffie-Hellman group is fixed by the first message, so fewer proposals can be offered) and no identity protection, because the
identities are sent in the clear. With pre-shared key authentication the authenticating hash is also sent unencrypted, so a
captured exchange allows an offline dictionary attack against a weak key; use a long, random pre-shared key if Aggressive Mode
is required. It is useful in remote access situations where the address of the initiator is not known by the responder and both
parties want to use pre-shared key authentication, since the responder needs the initiator's identity before it can look up
the matching key.
Pre-Shared Key
A pre-shared key authenticates a communicating party during the phase 1 IKE negotiation. It is called "pre-shared" because both
parties must be given the same key, over some other trusted channel, before they can communicate over a secure connection.
Diffie-Hellman (DH) Key Groups
Diffie-Hellman (DH) is a public-key cryptography protocol that allows two parties to establish a shared secret over an unsecured
communications channel. Diffie-Hellman is used within IKE SA setup to establish session keys. 768-bit (Group 1 – DH1) and
1024-bit (Group 2 – DH2) Diffie-Hellman groups are supported. Both are small by current standards; choose Group 2 (DH2), the
larger of the two, and use Group 1 only if the peer supports nothing else. Upon completion of the Diffie-Hellman exchange, the two
peers have a shared secret, but the IKE SA is not authenticated. For authentication, use pre-shared keys.
Perfect Forward Secrecy (PFS)
Enabling PFS means that the key is transient. The key is thrown away and replaced by a brand new key using a new Diffie-Hellman
exchange for each new IPSec SA setup. With PFS enabled, if one key is compromised, previous and subsequent keys are not
compromised, because subsequent keys are not derived from previous keys. The (time-consuming) Diffie-Hellman exchange is the
trade-off for this extra security.
This may be unnecessary for data that does not require such security, so PFS is disabled (None) by default in the DFL-900.
Disabling PFS means new authentication and encryption keys are derived from the same root secret (the IKE SA's SKEYID_d), so
anyone who obtains that root secret can derive every IPSec SA key negotiated under the IKE SA, but it allows faster SA setup
(by bypassing the Diffie-Hellman key exchange).
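The following is an added example, not part of the D-Link manual, showing what the Diffie-Hellman and PFS sections above mean in key-derivation terms. It follows the IKEv1 derivation in RFC 2409 (SKEYID_d from phase 1, KEYMAT for each phase 2 SA, with the extra quick-mode DH secret only when PFS is on), using HMAC-SHA1 as the prf. The Group 2 prime is transcribed here and should be checked against the RFC; the pre-shared key, cookies and the "attacker" model are constructed for illustration.

```python
"""Added example (not from the D-Link manual): how IKEv1 derives IPSec SA
keys with and without PFS, following RFC 2409 sections 5 and 5.5 with
HMAC-SHA1 as the prf. Names and the 'attacker' model are illustrative."""
import hashlib
import hmac
import secrets

# 1024-bit MODP prime and generator of IKE Group 2 (RFC 2409 section 6.2),
# transcribed here. Shared-secret agreement (g^xy == g^yx) holds for any odd
# modulus, so the demonstration does not depend on the transcription, but
# verify the value against the RFC before reusing it.
GROUP2_P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF FFFFFFFF
""".split()), 16)
GROUP2_G = 2
PROTO_IPSEC_ESP = 3  # IPsec DOI protocol identifier for ESP (RFC 2407)


def dh_keypair(p=GROUP2_P, g=GROUP2_G):
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(p - 2) + 1
    return x, pow(g, x, p)


def dh_shared(their_pub, my_priv, p=GROUP2_P):
    """g^xy as a big-endian byte string of the group size."""
    return pow(their_pub, my_priv, p).to_bytes((p.bit_length() + 7) // 8, "big")


def prf(key, data):
    return hmac.new(key, data, hashlib.sha1).digest()


def phase1(psk, cky_i, cky_r):
    """Phase 1 with pre-shared key authentication. Returns SKEYID_d, the
    root secret from which every phase 2 key under this IKE SA is derived."""
    xi, gi = dh_keypair()
    xr, gr = dh_keypair()
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    g_xy = dh_shared(gr, xi)
    assert g_xy == dh_shared(gi, xr)   # both peers hold the same secret
    skeyid = prf(psk, ni + nr)         # RFC 2409 s5.4: SKEYID = prf(PSK, Ni_b | Nr_b)
    return prf(skeyid, g_xy + cky_i + cky_r + b"\x00")   # SKEYID_d


def keymat(skeyid_d, protocol, spi, ni, nr, g_qm_xy=b""):
    """RFC 2409 s5.5: KEYMAT = prf(SKEYID_d, [g(qm)^xy |] protocol | SPI | Ni_b | Nr_b).
    g(qm)^xy is the fresh quick-mode DH secret and is present only with PFS."""
    return prf(skeyid_d, g_qm_xy + bytes([protocol]) + spi + ni + nr)


def quick_mode(skeyid_d, pfs):
    """One phase 2 (quick mode) negotiation. Returns the agreed KEYMAT and
    what an on-path observer sees: SPI, nonces and, with PFS, the public DH values."""
    spi = secrets.token_bytes(4)
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    observed = {"protocol": PROTO_IPSEC_ESP, "spi": spi, "ni": ni, "nr": nr}
    g_qm_xy = b""
    if pfs:
        xi, gi = dh_keypair()
        xr, gr = dh_keypair()
        observed["g_i"], observed["g_r"] = gi, gr
        g_qm_xy = dh_shared(gr, xi)
        assert g_qm_xy == dh_shared(gi, xr)
    return keymat(skeyid_d, PROTO_IPSEC_ESP, spi, ni, nr, g_qm_xy), observed


def attacker_keymat(leaked_skeyid_d, observed):
    """An attacker who captured the quick-mode messages and later obtains
    SKEYID_d. Without PFS the captured public fields are all that is needed;
    with PFS the missing g(qm)^xy would require solving the DH problem."""
    return keymat(leaked_skeyid_d, observed["protocol"], observed["spi"],
                  observed["ni"], observed["nr"])


def demo():
    """Returns (keys recovered without PFS, keys recovered with PFS)."""
    skeyid_d = phase1(b"constructed-psk", b"\x01" * 8, b"\x02" * 8)
    results = []
    for pfs in (False, True):
        real, seen = quick_mode(skeyid_d, pfs)
        results.append(attacker_keymat(skeyid_d, seen) == real)
    return tuple(results)


if __name__ == "__main__":
    no_pfs, with_pfs = demo()
    print("SA keys recovered from leaked SKEYID_d without PFS:", no_pfs)
    print("SA keys recovered from leaked SKEYID_d with PFS:   ", with_pfs)
```

Running it shows the asymmetry the PFS section describes: once SKEYID_d leaks, every non-PFS IPSec SA negotiated under that IKE SA is recoverable from captured traffic alone, while each PFS SA still depends on a Diffie-Hellman secret that was never sent on the wire. The cost is one extra modular exponentiation per side per phase 2 negotiation, which is the "time-consuming" trade-off the manual mentions.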

8.1.6 Encapsulation

Transport Mode
Transport mode is used to protect upper layer protocols and only affects the data in the IP packets. In Transport mode, the IP packet
contains the security protocol (AH or ESP) located after the original IP header and options, but before any upper layer protocol
contained in the packet (such as TCP and UDP).
With ESP, protection is applied only to the upper layer protocols contained in the packet. The IP header information and options are
not used in the authentication process. Therefore, the originating IP address cannot be verified for integrity against the data. AH, by
contrast, includes the non-mutable fields of the IP header (including the source and destination addresses) in its integrity check.
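The following is an added example, not taken from the D-Link manual, that builds transport-mode ESP and AH packets and checks which bytes each integrity check covers. It uses HMAC-SHA1-96 (RFC 2404) for the ICV with a constructed key, omits ESP encryption of the payload (the point here is integrity coverage, not confidentiality), and constructs its own IP header and TCP segment bytes; the addresses and SPI are illustrative.

```python
"""Added example (not from the D-Link manual): what the integrity check
covers in transport-mode ESP versus AH. ESP encryption is omitted so the
layout stays readable; the ICV coverage is the point being demonstrated."""
import hashlib
import hmac
import socket
import struct

PROTO_ESP, PROTO_AH, PROTO_TCP = 50, 51, 6
ICV_KEY = b"constructed demo key"   # constructed; a real SA takes this from KEYMAT
SPI = 0x1000ABCD                    # constructed SPI


def icv(data):
    """HMAC-SHA1-96 (RFC 2404): the first 12 bytes of HMAC-SHA1."""
    return hmac.new(ICV_KEY, data, hashlib.sha1).digest()[:12]


def ip_checksum(hdr):
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF


def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (no options) with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                      64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def build_esp_transport(src, dst, tcp_segment, seq=1):
    """IP | ESP header | payload | ESP trailer | ICV.
    The ICV covers the ESP header, payload and trailer, never the IP header."""
    esp_hdr = struct.pack("!II", SPI, seq)
    pad_len = (-(len(tcp_segment) + 2)) % 4          # align the trailer to 4 bytes
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, PROTO_TCP])
    body = esp_hdr + tcp_segment + trailer
    body += icv(body)
    return ipv4_header(src, dst, PROTO_ESP, len(body)) + body


def verify_esp_transport(pkt):
    body = pkt[20:]
    return hmac.compare_digest(icv(body[:-12]), body[-12:])


def _ah_immutable(ip_hdr):
    """Zero the IPv4 fields RFC 4302 treats as mutable in transit:
    TOS, flags/fragment offset, TTL and header checksum."""
    h = bytearray(ip_hdr)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def build_ah_transport(src, dst, tcp_segment, seq=1):
    """IP | AH | payload. The ICV covers the IP header (mutable fields zeroed),
    the AH header with its ICV field zeroed, and the payload."""
    ah_len = 24                                      # 12-byte fixed part + 12-byte ICV
    ah_fixed = struct.pack("!BBHII", PROTO_TCP, ah_len // 4 - 2, 0, SPI, seq)
    ip_hdr = ipv4_header(src, dst, PROTO_AH, ah_len + len(tcp_segment))
    mac = icv(_ah_immutable(ip_hdr) + ah_fixed + bytes(12) + tcp_segment)
    return ip_hdr + ah_fixed + mac + tcp_segment


def verify_ah_transport(pkt):
    ip_hdr, ah, payload = pkt[:20], pkt[20:44], pkt[44:]
    expected = icv(_ah_immutable(ip_hdr) + ah[:12] + bytes(12) + payload)
    return hmac.compare_digest(expected, ah[12:24])


def spoof_source(pkt, new_src):
    """What an on-path attacker can do: rewrite the source address and
    recompute the IP checksum, leaving everything after the IP header intact."""
    h = bytearray(pkt[:20])
    h[12:16] = socket.inet_aton(new_src)
    h[10:12] = b"\x00\x00"
    h[10:12] = struct.pack("!H", ip_checksum(bytes(h)))
    return bytes(h) + pkt[20:]


def demo():
    """Returns a dict of verification results for the constructed packets."""
    seg = b"constructed TCP segment bytes"            # constructed payload
    esp = build_esp_transport("10.0.0.1", "10.0.0.2", seg)
    ah = build_ah_transport("10.0.0.1", "10.0.0.2", seg)
    return {
        "esp_ok": verify_esp_transport(esp),
        "esp_spoofed_src_still_ok": verify_esp_transport(spoof_source(esp, "192.0.2.99")),
        "ah_ok": verify_ah_transport(ah),
        "ah_spoofed_src_still_ok": verify_ah_transport(spoof_source(ah, "192.0.2.99")),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The result is exactly the limitation the section states: the ESP packet still verifies after its source address has been rewritten, because the ICV never saw the IP header, while the AH packet fails as soon as the address changes. Tampering with the payload is caught by both.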