IKEv2 authentication data generation process

Source: Internet
Author: User
Tags: ikev2

In the third and fourth messages of IKEv2 (the IKE_AUTH exchange), each party sends an AUTH payload to the other to prove its identity. The proof is bound to the IKE_SA_INIT message that the proving party itself sent. For example, when the responder wants to prove its identity, it must keep a copy of the whole IKE_SA_INIT response it sent. Before sending IKE_AUTH, it concatenates that cached message with the initiator's nonce (Ni) and the MAC of its own ID payload, and runs the negotiated PRF over the result; the output is the AUTH value.

As follows:

1. Calculate the MAC of your own ID

MACedIDForR = prf(SK_pr, IDType | RESERVED | RespIDData)

2. Calculate the AUTH value

AUTH = prf(SK_pr, RealMessage2 | NonceIData | MACedIDForR)

RealMessage2 is the IKE_SA_INIT message sent by the responder; it is called RealMessage2 because it is the second message of the whole exchange. NonceIData is the nonce value sent by the initiator (the raw value, not the nonce payload).


Similarly, the initiator calculates its AUTH data as follows:

1. Calculate the MAC of your own ID

MACedIDForI = prf(SK_pi, IDType | RESERVED | InitIDData)

2. Calculate the AUTH value

AUTH = prf(SK_pi, RealMessage1 | NonceRData | MACedIDForI)

RealMessage1 is the IKE_SA_INIT message sent by the initiator. NonceRData is the nonce value sent by the responder.


However, if the authentication method chosen by both parties is a shared key (pre-shared key), the AUTH data calculation differs:

For the initiator:

AUTH = prf( prf(Shared Secret, "Key Pad for IKEv2"), <InitiatorSignedOctets> )

For the responder:

AUTH = prf( prf(Shared Secret, "Key Pad for IKEv2"), <ResponderSignedOctets> )

Here InitiatorSignedOctets and ResponderSignedOctets are the same concatenations as above (RealMessage1 | NonceRData | MACedIDForI and RealMessage2 | NonceIData | MACedIDForR). In other words, when the final AUTH data is computed with pre-shared key authentication, the first parameter of the PRF is not SK_pi/SK_pr but prf(Shared Secret, "Key Pad for IKEv2"). The pad string is the 17 ASCII characters without a terminating null.


The last point concerns EAP. If both parties negotiate EAP authentication, they exchange AUTH payloads only after the EAP conversation has finished. If the EAP method is key-generating, the shared secret in the formula above is replaced by the master session key (MSK) produced by the EAP method when the AUTH data is computed. If the EAP method is non-key-generating, SK_pi and SK_pr take the place of the shared secret instead.
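The following Python example is added here to walk through the complete calculation described in this page (MACedID, the signed octets, the pre-shared-key AUTH, and the EAP variants in the previous paragraph); it is not code from the original page. It assumes PRF_HMAC_SHA2_256 as the negotiated PRF, uses the ID type code ID_FQDN from RFC 7296, and all keys, nonces and the stand-in IKE_SA_INIT message are constructed sample values. The responder-side check uses a constant-time comparison so that the AUTH verification does not leak timing information.

```python
import hashlib
import hmac
from typing import Optional

KEY_PAD = b"Key Pad for IKEv2"  # 17 ASCII octets, no terminating null
ID_FQDN = 2                     # ID type code (RFC 7296); ID data is a domain name


def prf(key: bytes, data: bytes) -> bytes:
    """Negotiated PRF; PRF_HMAC_SHA2_256 is assumed for this example."""
    return hmac.new(key, data, hashlib.sha256).digest()


def maced_id(sk_p: bytes, id_type: int, id_data: bytes) -> bytes:
    """MACedIDForI / MACedIDForR = prf(SK_pi / SK_pr, IDType | RESERVED | IDData).

    RESERVED is the three zero octets that follow the ID type in the ID payload."""
    rest_of_id_payload = bytes([id_type]) + b"\x00\x00\x00" + id_data
    return prf(sk_p, rest_of_id_payload)


def signed_octets(real_message: bytes, peer_nonce: bytes, own_maced_id: bytes) -> bytes:
    """InitiatorSignedOctets = RealMessage1 | NonceRData | MACedIDForI
    (ResponderSignedOctets mirrors this with RealMessage2, NonceIData, MACedIDForR)."""
    return real_message + peer_nonce + own_maced_id


def auth_key(method: str, sk_p: bytes, shared_secret: Optional[bytes] = None,
             eap_msk: Optional[bytes] = None) -> bytes:
    """Key for the outer prf in the AUTH computation, per authentication method."""
    if method == "psk":                       # pre-shared key
        return prf(shared_secret, KEY_PAD)
    if method == "eap-key-generating":        # EAP produced an MSK; it replaces the shared secret
        return prf(eap_msk, KEY_PAD)
    if method == "eap-non-key-generating":    # SK_pi / SK_pr replace the shared secret
        return prf(sk_p, KEY_PAD)
    raise ValueError(f"unknown authentication method: {method}")


def compute_auth(method: str, sk_p: bytes, real_message: bytes, peer_nonce: bytes,
                 id_type: int, id_data: bytes, **secrets: bytes) -> bytes:
    """AUTH = prf(auth_key, <SignedOctets>) for the side whose SK_p / ID / message are given."""
    octets = signed_octets(real_message, peer_nonce, maced_id(sk_p, id_type, id_data))
    return prf(auth_key(method, sk_p, **secrets), octets)


def verify_auth(received_auth: bytes, *args, **kwargs) -> bool:
    """Recompute the peer's AUTH from the cached IKE_SA_INIT message and compare in constant time."""
    return hmac.compare_digest(received_auth, compute_auth(*args, **kwargs))


# Constructed sample values (not real keys or captured traffic).
SHARED_SECRET = b"constructed-example-psk"
SK_PI = hashlib.sha256(b"constructed SK_pi").digest()
SK_PR = hashlib.sha256(b"constructed SK_pr").digest()
NONCE_I = bytes(range(32))
NONCE_R = bytes(range(32, 64))
REAL_MESSAGE1 = b"\xaa" * 8 + b"\x00" * 8 + b"constructed IKE_SA_INIT request"
REAL_MESSAGE2 = b"\xaa" * 8 + b"\xbb" * 8 + b"constructed IKE_SA_INIT response"
ID_I = b"initiator.example"
ID_R = b"responder.example"


def demo() -> dict:
    """Initiator builds its AUTH; responder verifies it; a tampered message must be rejected."""
    auth_i = compute_auth("psk", SK_PI, REAL_MESSAGE1, NONCE_R, ID_FQDN, ID_I,
                          shared_secret=SHARED_SECRET)
    ok = verify_auth(auth_i, "psk", SK_PI, REAL_MESSAGE1, NONCE_R, ID_FQDN, ID_I,
                     shared_secret=SHARED_SECRET)
    # Responder checks against a modified RealMessage1: the binding to the cached message breaks.
    tampered = verify_auth(auth_i, "psk", SK_PI, REAL_MESSAGE1 + b"x", NONCE_R, ID_FQDN, ID_I,
                           shared_secret=SHARED_SECRET)
    auth_r = compute_auth("psk", SK_PR, REAL_MESSAGE2, NONCE_I, ID_FQDN, ID_R,
                          shared_secret=SHARED_SECRET)
    return {"initiator_verified": ok, "tampered_rejected": not tampered,
            "auth_i": auth_i.hex(), "auth_r": auth_r.hex()}


if __name__ == "__main__":
    print(demo())
```

The same `compute_auth` serves all three key sources; only `auth_key` changes, which mirrors how the page describes the EAP cases as a substitution of the shared secret rather than a different construction.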
