Fortinet FortiWAN - Page 176

311 pages
IPSec VPN Concepts
Generate the secret key for encryption
A secret key is necessary for the established ISAKMP Security Association to work with the negotiated encryption and
authentication protocols. Therefore, in addition to negotiating the IKE proposals, a secret key must be determined and
shared between the two entities during IKE Phase 1 negotiations. However, it is insecure to send a secret key directly
to the opposite endpoint over the public network, since no SA protection is available during Phase 1 negotiations.
Diffie-Hellman key exchange, a method for securely establishing cryptographic keys over a public channel, is
therefore used in IKE to generate the secret key. The two entities running a Diffie-Hellman key exchange begin by
exchanging key materials, which are visible to third parties, over the public network. Each endpoint performs the
Diffie-Hellman calculation on the received key material and derives a common value, which is the seed for the
secret key. From its own private value and the common seed, each endpoint then computes the same secret key, so
the secret key is shared without ever being transmitted. The pre-shared key used for identity authentication is also
involved in the final calculations that generate the secret key.
Authentication
Identity protection
The two endpoints running the Phase 1 processes declare their identities to each other. A pre-shared key between the
two entities is used to verify the declared identity and thus prevent attacks based on a counterfeit identity. Using a
cryptographic method together with the pre-shared key, each end can prove its identity to the opposite end. Although it
looks like a password, the pre-shared key, also known as a shared secret, is never sent by either gateway. Instead, it is
involved in the generation of the encryption secret key.
Message integrity
A message authentication code (MAC) not only verifies identity but also provides integrity and authenticity assurances
for the exchanged messages. The MAC value protects both a message's data integrity and its authenticity against
man-in-the-middle attacks or tampering.
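The key-generation and authentication passages above describe how the Diffie-Hellman seed and the pre-shared key are combined into the Phase 1 keys, and how each gateway proves knowledge of the pre-shared key without ever transmitting it. The following is an added illustration, not FortiWAN code: it models one Phase 1 exchange using the SKEYID and HASH_I formulas of RFC 2409 section 5 with HMAC-SHA1 as the PRF. The Diffie-Hellman group is a toy prime constructed for the example (far too small for real use), and the `Endpoint` class, `run_phase1` and `psk_on_wire` helpers, the SA body and identity strings are all assumptions made for the demonstration.

```python
"""Model of IKEv1 Phase 1 key derivation with pre-shared-key authentication.

Added example, not FortiWAN's implementation. Key formulas follow RFC 2409
section 5 (pre-shared key authentication) with HMAC-SHA1 as the PRF.
"""
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group constructed for this example only (2**127 - 1 is a
# Mersenne prime). Real IKE uses a standardised MODP group of 2048 bits or
# more; this one is far too small for anything but illustration.
TOY_P = 2**127 - 1
TOY_G = 3


def prf(key: bytes, data: bytes) -> bytes:
    """The negotiated PRF; RFC 2409 defines it as HMAC over the hash algorithm."""
    return hmac.new(key, data, hashlib.sha1).digest()


def to_bytes(n: int) -> bytes:
    return n.to_bytes((n.bit_length() + 7) // 8, "big")


class Endpoint:
    """One IKE gateway (assumed name). Everything it transmits is appended to
    `wire`, so the example can check what a passive observer on the public
    network would actually see."""

    def __init__(self, psk: bytes, wire: list):
        self.psk = psk                              # configured out of band
        self.wire = wire
        self.cookie = secrets.token_bytes(8)        # CKY-I or CKY-R
        self.nonce = secrets.token_bytes(16)        # Ni or Nr
        self.x = secrets.randbelow(TOY_P - 2) + 1   # private DH exponent
        self.public = pow(TOY_G, self.x, TOY_P)     # g^x, the public key material

    def send(self, payload: bytes) -> None:
        self.wire.append(payload)

    def derive(self, peer_public: int, cky_i: bytes, cky_r: bytes,
               ni: bytes, nr: bytes) -> dict:
        # Common seed: g^xy, computed from the peer's public value and my private x.
        g_xy = to_bytes(pow(peer_public, self.x, TOY_P))
        # RFC 2409 s.5.4: SKEYID = prf(pre-shared-key, Ni_b | Nr_b), then the
        # derivation, authentication and encryption keys are chained from it.
        skeyid = prf(self.psk, ni + nr)
        skeyid_d = prf(skeyid, g_xy + cky_i + cky_r + b"\x00")
        skeyid_a = prf(skeyid, skeyid_d + g_xy + cky_i + cky_r + b"\x01")
        skeyid_e = prf(skeyid, skeyid_a + g_xy + cky_i + cky_r + b"\x02")
        return {"SKEYID": skeyid, "SKEYID_d": skeyid_d,
                "SKEYID_a": skeyid_a, "SKEYID_e": skeyid_e}


def run_phase1(psk_i: bytes, psk_r: bytes):
    """Simulate the key-material exchange and PSK-based identity proof.
    Returns (initiator keys, responder keys, wire log, responder accepted?)."""
    wire = []
    init = Endpoint(psk_i, wire)
    resp = Endpoint(psk_r, wire)

    # Main mode messages 3/4: public DH values and nonces cross the network.
    init.send(to_bytes(init.public) + init.nonce)
    resp.send(to_bytes(resp.public) + resp.nonce)

    keys_i = init.derive(resp.public, init.cookie, resp.cookie, init.nonce, resp.nonce)
    keys_r = resp.derive(init.public, init.cookie, resp.cookie, init.nonce, resp.nonce)

    # Messages 5/6 carry identity plus HASH_I / HASH_R, which prove knowledge of
    # the PSK (through SKEYID) without placing the PSK itself on the wire.
    #   HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b)
    sa_body = b"constructed-SA-proposal"   # constructed stand-in for SAi_b
    id_i = b"initiator.example"            # constructed stand-in for IDii_b
    auth_input = (to_bytes(init.public) + to_bytes(resp.public)
                  + init.cookie + resp.cookie + sa_body + id_i)
    hash_i = prf(keys_i["SKEYID"], auth_input)
    init.send(id_i + hash_i)

    # The responder recomputes HASH_I from its own SKEYID; a mismatched PSK
    # (or tampered identity/proposal) fails here. Constant-time compare.
    accepted = hmac.compare_digest(hash_i, prf(keys_r["SKEYID"], auth_input))
    return keys_i, keys_r, wire, accepted


def psk_on_wire(psk: bytes, wire: list) -> bool:
    """True if the raw pre-shared key appears in any transmitted message."""
    return any(psk in msg for msg in wire)


if __name__ == "__main__":
    ki, kr, log, ok = run_phase1(b"correct horse", b"correct horse")
    print("peer accepted:", ok, "| keys match:", ki == kr,
          "| PSK seen on wire:", psk_on_wire(b"correct horse", log))
```

Running it with matching pre-shared keys yields identical SKEYID_d/SKEYID_a/SKEYID_e on both sides and an accepted HASH_I, while the raw key never appears in any transmitted message; configuring a different key on one gateway makes every derived key differ and the authentication fail, which is exactly the behaviour the handbook describes.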
Main mode and Aggressive mode
Phase 1 parameters are exchanged in either Main mode or Aggressive mode:
In Main mode, IKE Phase 1 consists of six message exchanges. An IKE Phase 1 session begins with IKE proposal
negotiation between initiator and responder (as described above). In the next two message exchanges, the keying
materials needed to calculate the common secret key at both ends are exchanged. In the last two exchanges,
encrypted authentication information is exchanged to verify the identity and message integrity of each end.
In Aggressive mode, IKE Phase 1 is compressed into three message exchanges. All data required for IKE proposal
negotiation and the Diffie-Hellman key exchange is passed between the initiator and responder in the first two
message exchanges. Unencrypted authentication information for the session is passed in the second and third
message exchanges. Compared with Main mode, Aggressive mode is less secure (weak identity protection and a risk
of the pre-shared key being cracked); its advantage is that it is faster than Main mode. FortiWAN's IPSec, however,
does not support IKE Phase 1 in Aggressive mode; only Main mode is available.
The successful outcome of Phase 1 negotiations (in either Aggressive mode or Main mode) establishes the ISAKMP
Security Association, and the Phase 2 negotiation begins immediately. Phase 2 negotiations are protected
(encrypted) within the ISAKMP Security Association.
176 FortiWAN Handbook
Fortinet Technologies Inc.