IKEv2, ESP PFS. Which packets includes the configuration?
up vote
0
down vote
favorite
i am investigating currently the IKEv2 protocol with ESP payload encryption. For ESP i want to use PFS with DH Group 5 (which works).
However, i am not able to figure out in which packet this settings is sent to the partner.
In the first two packets (IKE_SA_INIT) i am able to find the DH group for the IKE SA. I assume that the setting is sent in the 3rd/4th message (IKE AUTH) _since all the CHILD_SA relevant stuff is in it (ENC/AUTH algorithm). But i can't find it (i decrypted the packet using wireshark isakmp decryption).
Where is this setting hidden?
Thanks
networking encryption wireshark
add a comment |
up vote
0
down vote
favorite
i am investigating currently the IKEv2 protocol with ESP payload encryption. For ESP i want to use PFS with DH Group 5 (which works).
However, i am not able to figure out in which packet this settings is sent to the partner.
In the first two packets (IKE_SA_INIT) i am able to find the DH group for the IKE SA. I assume that the setting is sent in the 3rd/4th message (IKE AUTH) _since all the CHILD_SA relevant stuff is in it (ENC/AUTH algorithm). But i can't find it (i decrypted the packet using wireshark isakmp decryption).
Where is this setting hidden?
Thanks
networking encryption wireshark
If you're using PFS, then how did Wireshark decrypt it?
– grawity
Nov 12 '15 at 14:27
doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
– user1816723
Nov 13 '15 at 17:49
1
The comment wasn't meant to answer the question, it was meant to ask one...
– grawity
Nov 13 '15 at 17:52
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
i am investigating currently the IKEv2 protocol with ESP payload encryption. For ESP i want to use PFS with DH Group 5 (which works).
However, i am not able to figure out in which packet this settings is sent to the partner.
In the first two packets (IKE_SA_INIT) i am able to find the DH group for the IKE SA. I assume that the setting is sent in the 3rd/4th message (IKE AUTH) _since all the CHILD_SA relevant stuff is in it (ENC/AUTH algorithm). But i can't find it (i decrypted the packet using wireshark isakmp decryption).
Where is this setting hidden?
Thanks
networking encryption wireshark
i am investigating currently the IKEv2 protocol with ESP payload encryption. For ESP i want to use PFS with DH Group 5 (which works).
However, i am not able to figure out in which packet this settings is sent to the partner.
In the first two packets (IKE_SA_INIT) i am able to find the DH group for the IKE SA. I assume that the setting is sent in the 3rd/4th message (IKE AUTH) _since all the CHILD_SA relevant stuff is in it (ENC/AUTH algorithm). But i can't find it (i decrypted the packet using wireshark isakmp decryption).
Where is this setting hidden?
Thanks
networking encryption wireshark
networking encryption wireshark
asked Nov 11 '15 at 16:49
user1816723
133
133
If you're using PFS, then how did Wireshark decrypt it?
– grawity
Nov 12 '15 at 14:27
doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
– user1816723
Nov 13 '15 at 17:49
1
The comment wasn't meant to answer the question, it was meant to ask one...
– grawity
Nov 13 '15 at 17:52
add a comment |
If you're using PFS, then how did Wireshark decrypt it?
– grawity
Nov 12 '15 at 14:27
doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
– user1816723
Nov 13 '15 at 17:49
1
The comment wasn't meant to answer the question, it was meant to ask one...
– grawity
Nov 13 '15 at 17:52
If you're using PFS, then how did Wireshark decrypt it?
– grawity
Nov 12 '15 at 14:27
If you're using PFS, then how did Wireshark decrypt it?
– grawity
Nov 12 '15 at 14:27
doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
– user1816723
Nov 13 '15 at 17:49
doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
– user1816723
Nov 13 '15 at 17:49
1
1
The comment wasn't meant to answer the question, it was meant to ask one...
– grawity
Nov 13 '15 at 17:52
The comment wasn't meant to answer the question, it was meant to ask one...
– grawity
Nov 13 '15 at 17:52
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
The RFC states:
Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
Thus, the SA payloads in the IKE_AUTH exchange cannot contain
Transform Type 4 (Diffie-Hellman group) with any value other than
NONE. Implementations SHOULD omit the whole transform substructure
instead of sending value NONE.
To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
The RFC states:
Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
Thus, the SA payloads in the IKE_AUTH exchange cannot contain
Transform Type 4 (Diffie-Hellman group) with any value other than
NONE. Implementations SHOULD omit the whole transform substructure
instead of sending value NONE.
To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.
add a comment |
up vote
0
down vote
The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
The RFC states:
Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
Thus, the SA payloads in the IKE_AUTH exchange cannot contain
Transform Type 4 (Diffie-Hellman group) with any value other than
NONE. Implementations SHOULD omit the whole transform substructure
instead of sending value NONE.
To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.
add a comment |
up vote
0
down vote
up vote
0
down vote
The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
The RFC states:
Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
Thus, the SA payloads in the IKE_AUTH exchange cannot contain
Transform Type 4 (Diffie-Hellman group) with any value other than
NONE. Implementations SHOULD omit the whole transform substructure
instead of sending value NONE.
To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.
The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
The RFC states:
Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
Thus, the SA payloads in the IKE_AUTH exchange cannot contain
Transform Type 4 (Diffie-Hellman group) with any value other than
NONE. Implementations SHOULD omit the whole transform substructure
instead of sending value NONE.
To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.
answered Nov 29 at 13:31
Bezalel_DE
1
1
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f999150%2fikev2-esp-pfs-which-packets-includes-the-configuration%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
If you're using PFS, then how did Wireshark decrypt it?
– grawity
Nov 12 '15 at 14:27
doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
– user1816723
Nov 13 '15 at 17:49
1
The comment wasn't meant to answer the question, it was meant to ask one...
– grawity
Nov 13 '15 at 17:52