IKEv2

From Wikipedia, the free encyclopedia

IKEv2 is the next version of the Internet Key Exchange protocol which is used to negotiate a Security Association at the outset of an IPsec session.

Contents 1 Overview 1.1 Motivation for IKEv2 1.1.1 Fewer RFCs please 1.1.2 SCTP support 1.1.3 Simpler message exchange 1.1.4 Fewer cryptographic mechanisms 1.1.5 Reliability and State management 1.1.6 DoS attack resilience 2 Implementation Status 3 See also 4 External links

[edit] Overview

IKEv2 is described in RFC 4306 - although there are other related RFCs that are important. RFC 4301 (Security Architecture for the Internet Protocol) through RFC 4310 (DNS Security Extensions Mapping for the EPP) and more are being added all the time as the need arises to add new security features and protocols.

[edit] Motivation for IKEv2

The need and intent of an overhaul of the IKE protocol is described in Appendix A of RFC 4306 and paraphrased in part here for convenience.

[edit] Fewer RFCs please

The specifications for IKE were covered in at least three RFCs, more if one takes into account NAT traversal and other extensions that are in common use. IKEv2 combines these in one RFC as well as making improvements to support for NAT traversal and firewall traversal in general.

[edit] SCTP support

IKEv2 allows for the SCTP protocol as used in Internet Telephony VoIP.

[edit] Simpler message exchange

IKE provides eight distinctly different initial exchange mechanisms, each one of which has slight advantages and disadvantages when compared to the others giving rise to fierce debates amongst security folk. IKEv2 has one single four-message exchange.

[edit] Fewer cryptographic mechanisms

IKEv2 uses very similar mechanisms to protect its own packets cryptographically to what is used to ultimately protect the IP payloads in the IPsec stack (Encapsulating Security Payload - ESP). Leading to simpler implementations and also probably easier certifications (Common Criteria, FIPS 140-2) which require each cryptographic implementation to be separately validated.

[edit] Reliability and State management

IKEv2 uses sequence numbers and acknowledgments to provide reliability and mandates some error processing logistics and shared state management. IKE could end up in a dead state due to the lack of such reliability measures, where both parties were expecting the other to initiate an action - which never eventuated. Dead-Peer-Detection was a work-around implemented in IKE for this particular condition - but there are and were others, which implementors tended to get around via means that were not always compatible with everybody else.

[edit] DoS attack resilience

IKEv2 tries to not do much processing until it can determine the requester actually exists, which should address some of the Denial of Service problems suffered by IKE which can be tricked into doing a lot of cryptographic (expensive) processing from bogus locations (spoofing).

[edit] Implementation Status

As of May-2006 there are a number of implementations of IKEv2 and some of the companies dealing in IPsec certification and interoperability testing are starting to hold work-shops for testing as well as updated certification requirements to deal with IKEv2 testing.

The following Open Source implementations of IKEv2 are currently available: OpenIKEv2, strongSwan 4.0 (one of the successors of the FreeS/WAN project), IKEv2, and Racoon2 from the KAME project.

[edit] See also

• Internet key exchange
• IPsec

[edit] External links

• RFC 4306
• OpenIKEv2 project
• strongSwan 4.0 IKEv2 project
• IKEv2 project