290 likes | 632 Views
ISAKMP. RFC 2408 Internet Security Association & Key Management Protocol Protocol Establish, modify, and delete SAs Negotiate crypto keys Procedures Authentication of peers Threat mitigation. ISAKMP. Defines procedures and packet formats to deal with SAs and keys
E N D
ISAKMP • RFC 2408 • Internet Security Association & Key Management Protocol • Protocol • Establish, modify, and delete SAs • Negotiate crypto keys • Procedures • Authentication of peers • Threat mitigation
ISAKMP • Defines procedures and packet formats to deal with SAs and keys • Provides a framework for secure communication on the Internet • Does not specify algorithms, formats, or protocols • ISAKMP is a framework in which a specific secure communication definition can be implemented
ISAKMP • Security Associations • Authentication • Public Key Cryptography • Protection • DoS – Anti-Clogging • Hijacking a connection • Man in the middle attacks
ISAKMP Terminology • DOI – Domain Of Interpretation: defines payload formats, exchange types, naming conventions
IISAKMP – Phases • Phase 1: Two entities agree on how to protect further negotiation traffic. They negotiate an ISAKMP SA for an authenticated and secure channel • Phase 2:The phase 1 secure channel is used to negotiate security services for IPSec.
ISAKMP Header Initiator Cookie Responder Cookie Major Version Minor Version Exchange Type Flags Next Payload Message ID Length
Header Fields • Initiator Cookie (8 octets) – Cookie of entity that initiated SA establishment, notification or deletion. • Responder Cookie (8 octets) – Cookie of the responder • Next Payload (1 octet) – Type of first payload • Major/Minor Version (4 bits each) – Version of ISAKMP in use • Exchange Type (1 octet) – Type of exchange being used • Flags (1 octet) – More stinking flags, encrypt, commit authentication only • Message ID (4 octets) – Unique ID to identify things in Phase 2 • Length (4 octets) – Length of total message (headers + payloads)
Next Payload Types Next Payload Type Value Hash 8 Signature 9 Nonce 10 Notification 11 Delete 12 Vendor ID 13 Reserved 14 – 127 Private Use 128 - 255 Next Payload Type Value NONE 0 SA 1 Proposal 2 Transform 3 Key Exchange 4 Identification 5 Certificate 6 Cert Request 7
Exchange Types Exchange Type Value ISAKMP Future Use 6 - 31 DOI Specific Use 32 – 127 Private Use 128 - 255 Exchange Type Value NONE 0 Base 1 Id Protection 2 Auth Only 3 Aggressive 4 Informational 5
Generic Payload Header Payload Length Reserved Next Payload Payload Data
SA Payload Payload Length Reserved Next Payload Domain of Interpretation (DOI) ~ Situation DOI (4 octets) – Identifies the DOI under which this negotiation is taking place. A value of 0 (zero) during Phase 1 specifies a Generic ISAKMP SA which can be used for any protocol during Phase 2. Situation - A DOI-specific field that identifies the situation under which this negotiation is taking place.
Proposal Payload Payload Length Reserved Next Payload Proposal No. Proposal ID SPI Size No. of Transforms SPI (variable)
Proposal Payload • Payload Length (2 octets) – Length is octets of the entire Proposal payload including the generic payload header, the Proposal payload, and all Transform payloads associated with this proposal. • Proposal No. - Identifies the Proposal number for the current payload. • Proposal ID – Specifies the protocol identifier such as IPSEC ESP, IPSEC AH, OSPF, TLS, etc. • SPI Size – Length in octets of the SPI as defined by the Protocol ID. • No. of Transforms – Specifies the number of transforms for the proposal. • SPI (variable) – The sending entity's SPI.
Transform Payload Payload Length Reserved Next Payload Transform No. Transform ID Reserved2 ~ SA Attributes
Transform Payload • Payload Length (2 octets) – Length is octets of the current payload, including the generic payload header, Transform values, and all SA attributes • Transform No. - Identifies the Transform number for the current payload. • Transform ID – Specifies the Transform identifier fmor the protocol within the current proposal. • Reserved 2 (2 octets) – Set to zero. • SA Attributes (Variable length) – SA attributes should be represented using the Data Attributes format.
Key Exchange Payload Payload Length Reserved Next Payload ~ Key Exchange Data Key Exchange Data (variable length) – Data required to generate a session key. This data is specified by the DOI and the associated Key Exchange algorithm.
Certificate Payload Payload Length Reserved Next Payload Cert Encoding Key Exchange Data ~ Cert Encoding (1 octet) – Indicates the type of certificate contained in the Certificate field.
Certificate Types Certificate Type Value Kerberos Token 6 Cert Revoc List 7 Authority Revoc List 8 SPKI Cert. 9 X.509 Cert – Attribute 10 Reserved 11 - 255 Certificate Type Value NONE 0 PKCS #7 1 PGP Certificate 2 DNS Signed Key 3 X.509 Cert - Signature 4 X.509 Cert – Key Exchange 5
Other Payloads Payload Length Reserved Next Payload ~ Hash Data Payload Length Reserved Next Payload ~ Signature Data Payload Length Reserved Next Payload ~ Nonce Data
Notification Payload Payload Length Reserved Next Payload DOI Protocol ID SPI Size Notify Message Type ~ SPI ~ Notification Data
Notify Messages Errors Value INVALID-PAYLOAD-TYPE 1 DOI-NOT-SUPPORTED 2 SITUATION-NOT-SUPPORTED 3 INVALID-COOKIE 4 INVALID-MAJOR-VERSION 5 INVALID-MINOR-VERSION 6 INVALID-EXCHANGE-TYPE 7 INVALID-FLAGS 8 INVALID-MESSAGE-ID 9 INVALID-PROTOCOL-ID 10 INVALID-SPI 11 INVALID-TRANSFORM-ID 12 ATTRIBUTES-NOT-SUPPORTED 13 NO-PROPOSAL-CHOSEN 14 BAD-PROPOSAL-SYNTAX 15 Errors Value PAYLOAD-MALFORMED 16 INVALID-KEY-INFORMATION 17 INVALID-ID-INFORMATION 18 INVALID-CERT-ENCODING 19 INVALID-CERTIFICATE 20 CERT-TYPE-UNSUPPORTED 21 INVALID-CERT-AUTHORITY 22 INVALID-HASH-INFORMATION 23 AUTHENTICATION-FAILED 24 INVALID-SIGNATURE 25 ADDRESS-NOTIFICATION 26 NOTIFY-SA-LIFETIME 27 CERTIFICATE-UNAVAILABLE 28 UNSUPPORTED-EXCHANGE-TYPE 29 UNEQUAL-PAYLOAD-LENGTHS 30 RESERVED (Future Use) 31 - 8191 Private Use 8192 – 16383
ISAKMP Message Construction Initiator Cookie Responder Cookie Major Version Minor Version Exchange Type Flags NP = KE Message ID Total Message Length KE Payload Length Reserved NP = Nonce Key Exchange Data Nonce Payload Length Reserved NP = 0 Nonce Data
Proposal Syntax Proposal # Transform # Transform # Proposal # Transform # Proposals with the same Proposal number are taken as a logical AND. Proposals with different numbers are taken as a logical OR. Different Transform within a proposal are taken as a logical OR.
Proposal Example Proposal 1: AH Transform 1: HMAC-SHA Transform 2: HMAC-MD5 Proposal 2: ESP Transform 1: 3DES with HMAC-SHA Transform 2: 3DES with HMAC-MD5 Transform 3: AES with HMAC-SHA-256 Proposal 3: ESP Transform 1: 3DES with HMAC-SHA Proposal 4: PCP Transform 1: LZS
Exchange Types Exchange Type Value ISAKMP Future Use 6 - 31 DOI Specific Use 32 – 127 Private Use 128 - 255 Exchange Type Value NONE 0 Base 1 Id Protection 2 Auth Only 3 Aggressive 4 Informational 5
Base Exchange Initiator Direction Responder Note Header, SA, Nonce => Begin ISAKMP-SA negotiation <= HDR, SA, Nonce Basic SA agreed upon Header, KE, Idii, Auth => Key generated by responder Initiator Ident verified <= HDR, KE, Idir, Auth Responder Ident verified Initiator key generated, SA est.