Nokia IPSO 4.0 manual Nokia Network Voyager for Ipso 4.0 Reference Guide 331

way communication. To secure bidirectional communication between two hosts or two security gateways, two SAs (one in each direction) are required.

Processing the IPSec traffic is largely a question of local implementation on the IPSec system and is not a standardization subject. However, some guidelines are defined to ensure interoperability between multivendor IPSec systems.

“Security Architecture for IP”, RFC 240 defines a model with the following two databases:

„The security policy database that contains the security rules and security services to offer to every IP packet going through a secure gateway

„The SA database that contains parameters associated with each active SA. Examples are the authentication algorithms, encryption algorithms, keys, lifetimes for each SA (by seconds and bytes), and modes to use.

To offer a secure and automated IPSec SA negotiation, IETF added a new protocol. The Internet Key Exchange, (IKE, RFC 2409), based on ISAKMP (RFC 2408), is a more extended framework for SA authentication and key exchange. IKE is implemented on top of UDP, port

500.IKE provides authenticated secure key exchange with perfect forward secrecy (based on the Diffie- Hellman protocol) and mutual peer authentication using public keys or shared secrets. The IKE protocol defines two phases:

„Phase 1

In order to safely set an IPSec SA, the two peers first establish a secure channel, which is an encrypted and authenticated connection. The two peers agree on authentication and encryption methods, exchange keys, and verify each other’s identities. The secure channel is called ISAKMP Security Association. Unlike IPSec SAs, ISAKMP SAs are bi-directional and the same keys and algorithms protect inbound and outbound communications. IKE parameters are negotiated as a unit and are termed a protection suite. Mandatory IKE parameters are:

a.Symmetric Encryption algorithm

b.Hash function

c.Authentication method: pre-shared key and X.509 certificates. See the following section on “Using PKI”.

d.Group for Diffie-Hellman

Other optional parameters such as SA lifetime can also be part of the protection suite.

„Phase 2

IPSec SAs are negotiated once the secure ISAKMP channel is established. Every packet exchanged in phase 2 is authenticated and encrypted according to keys and algorithms selected in the previous phase.

The one method to complete phase 1 is Main Mode.

The Main Mode negotiation uses six messages, in a three two-way exchange. The messages containing the identity information are not authenticated nor encrypted.

One mode is defined for phase 2. This mode is called Quick Mode. Quick Mode uses three messages, two for proposal parameters and a third one to acquit the choice. With “perfect forward secrecy” enabled, the default value in Nokia’s configuration, a new Diffie-Hellman