Nokia IPSO 4.0 Reference Manual page 331

way communication. To secure bidirectional communication between two hosts or two security
gateways, two SAs (one in each direction) are required.
Processing the IPSec traffic is largely a question of local implementation on the IPSec system
and is not a standardization subject. However, some guidelines are defined to ensure
interoperability between multivendor IPSec systems.
"Security Architecture for IP", RFC 240 defines a model with the following two databases:
The security policy database that contains the security rules and security services to offer to
every IP packet going through a secure gateway
The SA database that contains parameters associated with each active SA. Examples are the
authentication algorithms, encryption algorithms, keys, lifetimes for each SA (by seconds
and bytes), and modes to use.
To offer a secure and automated IPSec SA negotiation, IETF added a new protocol. The Internet
Key Exchange, (IKE, RFC 2409), based on ISAKMP (RFC 2408), is a more extended
framework for SA authentication and key exchange. IKE is implemented on top of UDP, port
500. IKE provides authenticated secure key exchange with perfect forward secrecy (based on the
Diffie- Hellman protocol) and mutual peer authentication using public keys or shared secrets.
The IKE protocol defines two phases:
Phase 1
In order to safely set an IPSec SA, the two peers first establish a secure channel, which is an
encrypted and authenticated connection. The two peers agree on authentication and encryption
methods, exchange keys, and verify each other's identities. The secure channel is called
ISAKMP Security Association. Unlike IPSec SAs, ISAKMP SAs are bi-directional and the
same keys and algorithms protect inbound and outbound communications. IKE parameters are
negotiated as a unit and are termed a protection suite. Mandatory IKE parameters are:
a. Symmetric Encryption algorithm
b. Hash function
c. Authentication method: pre-shared key and X.509 certificates. See the following section
d. Group for Diffie-Hellman
Other optional parameters such as SA lifetime can also be part of the protection suite.
Phase 2
IPSec SAs are negotiated once the secure ISAKMP channel is established. Every packet
exchanged in phase 2 is authenticated and encrypted according to keys and algorithms selected
in the previous phase.
The one method to complete phase 1 is Main Mode.
The Main Mode negotiation uses six messages, in a three two-way exchange. The messages
containing the identity information are not authenticated nor encrypted.
One mode is defined for phase 2. This mode is called Quick Mode. Quick Mode uses three
messages, two for proposal parameters and a third one to acquit the choice. With "perfect
forward secrecy" enabled, the default value in Nokia's configuration, a new Diffie-Hellman
Nokia Network Voyager for IPSO 4.0 Reference Guide
on "Using PKI".
331