3. Security Analysis

The implementation of the IKE protocol does not show any known security weaknesses. No known security weaknesses of the OpenBSD isakmpd daemon were found. Additionally, the system incorporates a VPN bridge to transport non-IP packets through the IPsec tunnel; broadcast and multicast packets can be transported, as can ISO protocols. The 1024-bit key length of the Diffie-Hellman group 2 key exchange offers sufficient protection for the next three to five years.

With the default configuration a VPN tunnel is only established when it is required. To set up a VPN, the security modules first exchange the necessary information about their protected nodes. If unencrypted IP communication between the internal and external network is allowed, which is not the default setting, the security module in the client role sends the first packet in plain text. The security module on the receiving side recognizes that the communication should be protected by a secure tunnel and initiates the establishment of the tunnel.

The use of DES as the encryption algorithm is critical. In particular, in combination with the phase 1 key lifetime of 31 years, it is possible to break the DES key with a brute-force attack (DES was already broken in a challenge in less than a day in 1999). Since the configuration tool does not enable perfect forward secrecy (PFS) by default, the key for the ESP protocol can then also be determined. From a security standpoint, this configuration is not recommended. The long lifetime was chosen for the reliability of the automation network; PFS is switched off for reasons of robustness and performance. DES and MD5 as encryption and hash algorithm, respectively, were included to conform to RFC 2409, which defines IKE. Since RFC 2409 was updated by RFC 4109 in May 2005, support for DES and MD5 is no longer necessary.
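To make the finding concrete, the following isakmpd.conf fragment shows what the described phase 1 and phase 2 proposals look like in the OpenBSD isakmpd configuration format, beside a hardened counterpart. This is an added example written for this analysis; it is not the security module's generated configuration and not isakmpd's shipped defaults. Section names (`weak-main-mode`, `hard-main-mode`, the `LIFE_*` and `QM-ESP-*` sections), the 977616000-second lifetime (31 × 365 × 86400, chosen to match the 31 years quoted above) and the short lifetimes in the hardened variant are constructed; the peer, connection and ID sections that reference these proposals are omitted.

```conf
# Added example: isakmpd.conf proposal sections only (no peer/connection sections).
# All section names and lifetime values below are constructed for illustration.

# ---- Variant A: the configuration described in the analysis ----
# DES + MD5, DH group 2 (MODP_1024), phase 1 SA lifetime of ~31 years,
# and an ESP suite without GROUP_DESCRIPTION, i.e. no PFS.
[weak-main-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          ID_PROT
Transforms=             DES-MD5-LONGLIFE

[DES-MD5-LONGLIFE]
ENCRYPTION_ALGORITHM=   DES_CBC
HASH_ALGORITHM=         MD5
AUTHENTICATION_METHOD=  PRE_SHARED
GROUP_DESCRIPTION=      MODP_1024
Life=                   LIFE_31_YEARS

# 31 * 365 * 86400 seconds (constructed to match the quoted lifetime)
[LIFE_31_YEARS]
LIFE_TYPE=              SECONDS
LIFE_DURATION=          977616000

[weak-quick-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          QUICK_MODE
Suites=                 QM-ESP-DES-MD5-NOPFS-SUITE

[QM-ESP-DES-MD5-NOPFS-SUITE]
Protocols=              QM-ESP-DES-MD5-NOPFS

[QM-ESP-DES-MD5-NOPFS]
PROTOCOL_ID=            IPSEC_ESP
Transforms=             QM-ESP-DES-MD5-NOPFS-XF

# No GROUP_DESCRIPTION here: the ESP keys are derived from the phase 1
# secret alone, so recovering the DES phase 1 key exposes them as well.
[QM-ESP-DES-MD5-NOPFS-XF]
TRANSFORM_ID=           DES
ENCAPSULATION_MODE=     TUNNEL
AUTHENTICATION_ALGORITHM= HMAC_MD5
Life=                   LIFE_31_YEARS

# ---- Variant B: hardened counterpart ----
# AES + SHA, short lifetimes, fresh DH exchange per ESP SA (PFS).
[hard-main-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          ID_PROT
Transforms=             AES-SHA-PSK

[AES-SHA-PSK]
ENCRYPTION_ALGORITHM=   AES_CBC
KEY_LENGTH=             128,128:256
HASH_ALGORITHM=         SHA
AUTHENTICATION_METHOD=  PRE_SHARED
GROUP_DESCRIPTION=      MODP_1024
Life=                   LIFE_1_HOUR

# Offer 3600 s, accept anything from 1800 s to 7200 s from the peer.
[LIFE_1_HOUR]
LIFE_TYPE=              SECONDS
LIFE_DURATION=          3600,1800:7200

[hard-quick-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          QUICK_MODE
Suites=                 QM-ESP-AES-SHA-PFS-SUITE

[QM-ESP-AES-SHA-PFS-SUITE]
Protocols=              QM-ESP-AES-SHA-PFS

[QM-ESP-AES-SHA-PFS]
PROTOCOL_ID=            IPSEC_ESP
Transforms=             QM-ESP-AES-SHA-PFS-XF

# GROUP_DESCRIPTION in the quick mode transform is what enables PFS.
[QM-ESP-AES-SHA-PFS-XF]
TRANSFORM_ID=           AES
KEY_LENGTH=             128,128:256
ENCAPSULATION_MODE=     TUNNEL
AUTHENTICATION_ALGORITHM= HMAC_SHA
GROUP_DESCRIPTION=      MODP_1024
Life=                   LIFE_20_MIN

[LIFE_20_MIN]
LIFE_TYPE=              SECONDS
LIFE_DURATION=          1200,900:1800
```

The two variants differ only in the proposal sections a peer's `Configuration=` entry points at, so a deployment can be switched from A to B without touching the peer or network definitions. Group 2 (MODP_1024) is retained in the hardened variant because the analysis rates it as adequate for the next three to five years; the short lifetimes and PFS are what remove the dependency of the ESP keys on a single long-lived phase 1 secret.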

3.1.2 Firewall

The security module incorporates two packet filters. The packet filter e2f, which filters Ethernet packets, was developed specifically for the security module. The pf packet filter was adopted from OpenBSD for filtering IP packets. Here, stateful inspection is used: it recognizes IP connections and allows these connections to be filtered instead of individual packets. Packets are prioritized with class-based queuing (CBQ) to ensure that there is always enough bandwidth available for administration protocols, so that a denial-of-service attack is not possible. In order to avoid identification of the systems behind the security module, the packet filter carries out a so-called scrubbing of the packets.
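The three pf mechanisms named above (stateful filtering, CBQ prioritization of administration traffic, and scrubbing) map onto a small pf.conf rule set as follows. This is an added example in OpenBSD pf.conf syntax of the period, not the security module's own rule set, which is not published on this page; interface names, the `cell_net` subnet, the administration host and the administration ports are constructed. The Ethernet-level e2f filter has no public syntax and is not shown.

```conf
# Added example: pf.conf illustrating scrub, CBQ and stateful rules.
# Interfaces, addresses and ports are constructed, not the module's values.
ext_if     = "em0"               # external (plant) network
int_if     = "em1"               # internal (protected cell) network
cell_net   = "192.168.1.0/24"    # protected nodes behind the module
admin_host = "10.0.0.10"         # administration station
admin_ports = "{ 22, 443 }"      # administration protocols (SSH, HTTPS)

# Scrubbing: reassemble fragments and normalise headers on all inbound
# traffic; randomise the IP ID field on outbound traffic so the hosts behind
# the module are harder to fingerprint from their packet headers.
scrub in all
scrub out on $ext_if all random-id

# Class-based queueing on the external link: the administration queue has a
# guaranteed 20% share and the highest priority, so a flood that saturates
# the default queue cannot crowd out management access.
altq on $ext_if cbq bandwidth 10Mb queue { q_admin, q_std }
queue q_admin bandwidth 20% priority 7 cbq(borrow)
queue q_std   bandwidth 80% cbq(default)

# Default deny. "keep state" makes the rules stateful: only the connection's
# first packet is evaluated against the rule set, later packets (and replies)
# are matched against the state table.
block all
pass in  on $ext_if proto tcp from $admin_host to $cell_net port $admin_ports \
    flags S/SA keep state queue q_admin
pass out on $ext_if proto tcp from $cell_net to any \
    flags S/SA keep state queue q_std
```

`flags S/SA` restricts state creation to initial SYN packets, so a connection can only enter the state table through its handshake; `queue q_admin` on the inbound administration rule assigns the replies leaving `$ext_if` to the reserved queue, which is what keeps management sessions responsive while the default queue is under load.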

19-Aug-05 escrypt GmbH Page 13
Siemens Version: 1.2 manual Firewall