{"id":147,"date":"2018-01-07T15:57:12","date_gmt":"2018-01-07T15:57:12","guid":{"rendered":"https:\/\/www.kuncar.net\/blog\/?p=147"},"modified":"2018-01-07T16:04:26","modified_gmt":"2018-01-07T16:04:26","slug":"ipsec-overview","status":"publish","type":"post","link":"https:\/\/www.kuncar.net\/blog\/2018\/ipsec-overview\/","title":{"rendered":"IPsec overview"},"content":{"rendered":"<div class=\"topContent\">\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-133\" src=\"https:\/\/www.kuncar.net\/blog\/wp-content\/uploads\/2018\/01\/ietflogo2f-e1515338816758.gif\" alt=\"\" width=\"150\" height=\"80\" \/>IPSec is a framework for symmetric encryption of the IPv4 protocol, which makes it well suited to building VPNs and the like. The parts of <a title=\"IPSec on wikipedia\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/en.wikipedia.org\/wiki\/IPsec\" target=\"_blank\" rel=\"noopener\">IPSec<\/a> are <a title=\"IKE on wikipedia\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/en.wikipedia.org\/wiki\/Internet_key_exchange\" target=\"_blank\" rel=\"noopener\">Internet Key Exchange<\/a> (binding all the pieces together), the <a title=\"Diffie Hellman on wikipedia\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/en.wikipedia.org\/wiki\/Diffie_hellman\" target=\"_blank\" rel=\"noopener\">Diffie-Hellman<\/a> algorithm (for secure key exchange) and symmetric pre-shared key or certificate based authentication. These three main components make IPSec very reliable and very difficult to break into (even though some of the algorithms are weak\/vulnerable).<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">IPSec uses IKE in two phases (imaginatively named Phase I and Phase II). 
IKE itself incorporates some more interesting techniques, such as ISAKMP (for automatic SA negotiation and maintenance), which has become a synonym for IKE on most current routers (even though it is just one of four). So let's have a look at<\/span><\/p>\n<h3><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><strong>IKE Phase I<\/strong><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">In Phase I you will meet terms like HMAC authentication, IKE security association (SA) or Diffie-Hellman. As all of these are part of IKE Phase I you do not have to worry much about them, but you should still know these things before proceeding to the part about modes. So here is a very short explanation of these terms:<\/span><\/p>\n<ul class=\"ili-indent\">\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><a title=\"HMAC\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/en.wikipedia.org\/wiki\/HMAC\" target=\"_blank\" rel=\"noopener\">HMAC<\/a> is a way of authenticating messages using hash functions like <a title=\"MD5\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/en.wikipedia.org\/wiki\/Md5\" target=\"_blank\" rel=\"noopener\">MD5<\/a> or <a title=\"SHA-1\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/en.wikipedia.org\/wiki\/SHA_1\" target=\"_blank\" rel=\"noopener\">SHA-1<\/a><\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">The Diffie-Hellman algorithm is a way of deriving a shared key for encrypting traffic when both parties hold only their counterpart\u2019s public key<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><a title=\"ISAKMP\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/en.wikipedia.org\/wiki\/ISAKMP\" target=\"_blank\" rel=\"noopener\">ISAKMP<\/a> \u2013 protocol 
within IKE for SA negotiation and re-keying<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">IKE <a title=\"Security association\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/en.wikipedia.org\/wiki\/Security_association\" target=\"_blank\" rel=\"noopener\">SA<\/a> \u2013 a list of encryption parameters negotiated and maintained by IKE\/ISAKMP, kept in the form of a \u201ctable\u201d called the SA<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">Now that the necessary background is covered we can finally proceed to the more important part, the modes. This phase can be carried out in three modes:<\/span><\/p>\n<ul class=\"ili-indent\">\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><strong>base mode<\/strong> (which is now not to be seen anywhere except for some Linux distros \/ old routers)<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><strong>aggressive mode<\/strong> (which uses just three UDP packets for the whole Phase I and is not widely used)<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><strong>main mode<\/strong> (uses 6 packets in Phase I and is generally the most used and most recommended)<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">As I wrote in the brackets, main mode is the most used, and for a reason. It takes 6 packets to complete Phase I, so if the exchange fails at some step not much CPU power has been spent, whereas aggressive mode uses only 3 packets, so complex calculations have to be made immediately after the first received packet. The other thing is that aggressive mode has more limited settings, so it is not very good for fine tuning. 
As main mode is much more common I will continue with it. I will divide the whole process into three steps and describe what is happening:<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">Step A<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  ------- IKE SA proposal -------&gt;  host B<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  &lt;------ IKE SA proposal --------  host B<\/span>\r\n\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">Step B<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  ------ IKE key exchange -------&gt;  host B<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  &lt;----- IKE key exchange --------  host B<\/span>\r\n\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">Step C<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  ------ authentication ID ------&gt;  host B<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  &lt;----- authentication ID -------  host B<\/span><\/pre>\n<\/blockquote>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">In step A both hosts send their SA proposals with all the necessary information; if they match exactly, the process enters step B, where the DH exchange takes place and public keys are exchanged. 
If the exchange is successful the algorithm creates a symmetric encryption key that protects the authentication of the peers. Now, in this encrypted environment, the actual authentication exchange (similar to EAP) takes place (step C).<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">This is the end of Phase I. There are minor differences in what is sent in the packets depending on the mode and authentication method used. If you would like to see all the possibilities, look at this PDF <a title=\"IKE phases explained\" href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/www.tech-invite.com\/Security\/Ti-IPSec-exchanges.pdf\" target=\"_blank\" rel=\"noopener\">with detailed IKE Phases descriptions<\/a> (and you could be interested in the whole page).<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">After the exchange ends there can be an info packet sent to the remote peer.<\/span><\/p>\n<h3><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><strong>IKE Phase II<\/strong><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">So now you have authenticated endpoints for your communication and a secure way of exchanging any sensitive information, and that is exactly what is done in Phase II. In IKE Phase II you again have a mode, called quick mode. In fact I was unable to find any other modes for Phase II, and to my knowledge it is used everywhere. 
But an important notice \u2013 there are also other modes, the IPSec modes (tunnel\/transport), which are not IKE modes, so do not mix these things up!<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">Apart from the mode there is one more thing \u2013 PFS \u2013 which stands for perfect forward secrecy and means a repeat of the Diffie-Hellman exchange. With this feature the Diffie-Hellman result from Phase I is discarded and a new Diffie-Hellman key exchange is executed in the already encrypted environment. This behaviour is rather paranoid, but the PFS switch (e.g. on firewalls) can cause a lot of trouble, so just be aware of this option.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">The IPSec negotiation is also done within Phase II, so let\u2019s have a look at the packet flow:<\/span><\/p>\n<blockquote>\n<pre><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  ------ IPSec SA proposal ------&gt;  host B<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  &lt;----- IPSec SA proposal -------  host B<\/span>\r\n<span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">host A  ----------- ID HASH -----------&gt;  host B<\/span><\/pre>\n<\/blockquote>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">In the SA proposal the authenticated peers exchange the actual information about the type of transformation (encapsulation), integrity algorithm and encryption (in SAs), and this exchange is ended by a third packet which contains some parts created by ISAKMP, commonly just proving the peer is 
there.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">That covers the IKE exchange and phases. The next chapter is just a brief overview of the IPSec modes and some side info.<\/span><\/p>\n<h3><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\"><strong>IPSec Settings<\/strong><\/span><\/h3>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">In IPsec you have to know the following things:<\/span><\/p>\n<ul class=\"ili-indent\">\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">transformations<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">modes<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">integrity algorithm<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">The transformation just says how the inbound packet will be handled \u2013 you have three options:<\/span><\/p>\n<ul class=\"ili-indent\">\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">AH \u2013 Authentication Header \u2013 a protocol that ensures the authentication of the packet (it does not encrypt it!)<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">ESP \u2013 Encapsulating Security Payload \u2013 this protocol ensures encryption, authentication and integrity of the original packet<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">AH+ESP \u2013 a combination of both of the above: first ESP is applied and then AH<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">The combinations of the above (modes and transformations) you can find in detail <a title=\"IPSec modes and transformations\" 
href=\"https:\/\/web.archive.org\/web\/20100918104757\/http:\/\/www.tech-invite.com\/Security\/Ti-IPSec-modes.pdf\" target=\"_blank\" rel=\"noopener\">here<\/a>, with some nice pictures and packet field descriptions. The last two things you have to set are the integrity check algorithm and the encryption. Usually it is MD5 or SHA1 for the former and AES or 3DES for the latter.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 14px;\">All these settings are sent over to the peer in the IPsec SA and have to match. Sometimes fallbacks are possible, but that is not really recommended.<\/span><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>IPSec is a framework of symmetric encryption of IPv4 protocol which is good for VPN creation etc. Parts of the IPSec are Internet Key Exchange (binding all the pieces together), Diffie-Hellman algorithm (for secure key exchange) and symmetric pre-shared key or certificate based authentication. 
These three main components make IPSec very reliable and very difficult to break into (even though some &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.kuncar.net\/blog\/2018\/ipsec-overview\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;IPsec overview&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,13],"tags":[],"class_list":["post-147","post","type-post","status-publish","format-standard","hentry","category-networks","category-recovered"],"_links":{"self":[{"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/posts\/147","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/comments?post=147"}],"version-history":[{"count":1,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/posts\/147\/revisions"}],"predecessor-version":[{"id":148,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/posts\/147\/revisions\/148"}],"wp:attachment":[{"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/media?parent=147"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/categories?post=147"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kuncar.net\/blog\/wp-json\/wp\/v2\/tags?post=147"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}