Internet key exchange

Internet key exchange (IKE) is the protocol used to set up a security association (SA) in the IPsec protocol suite.

Overview

IKE is defined in RFC 2407, RFC 2408 and RFC 2409. IKEv2 is defined in RFC 4306. IKE uses a Diffie-Hellman key exchange to set up a shared session secret, from which cryptographic keys are derived. Public key techniques or, alternatively, a pre-shared key, are used to mutually authenticate the communicating parties.


IKE builds upon the Oakley protocol.
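The Diffie-Hellman exchange and key derivation described in this overview, sketched for the pre-shared-key case using the SKEYID construction of RFC 2409. This is an added example, not code from the article or from any IKE implementation; HMAC-SHA1 as the prf, the `Peer` class and the function names are assumptions, and message framing and the authentication hashes are left out.

```python
import hashlib
import hmac
import secrets

# Oakley Group 2 (1024-bit MODP) prime from RFC 2409, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
G = 2
P_LEN = (P.bit_length() + 7) // 8

def prf(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA1, standing in for whichever prf the peers negotiated."""
    return hmac.new(key, data, hashlib.sha1).digest()

class Peer:
    """Hypothetical holder of one side's secrets and exchanged values."""
    def __init__(self, psk: bytes):
        self.psk = psk
        self.x = secrets.randbelow(P - 3) + 2      # private exponent
        self.public = pow(G, self.x, P)            # sent in the KE payload
        self.nonce = secrets.token_bytes(16)       # Ni or Nr
        self.cookie = secrets.token_bytes(8)       # CKY-I or CKY-R

    def g_xy(self, peer_public: int) -> bytes:
        if not 1 < peer_public < P - 1:            # reject 0, 1 and p-1
            raise ValueError("degenerate Diffie-Hellman public value")
        return pow(peer_public, self.x, P).to_bytes(P_LEN, "big")

def derive(psk, ni, nr, g_xy, cky_i, cky_r):
    """SKEYID chain for pre-shared-key authentication (RFC 2409, section 5)."""
    skeyid = prf(psk, ni + nr)
    tail = g_xy + cky_i + cky_r
    d = prf(skeyid, tail + b"\x00")                # seeds keys for IPsec SAs
    a = prf(skeyid, d + tail + b"\x01")            # authenticates IKE messages
    e = prf(skeyid, a + tail + b"\x02")            # encrypts IKE messages
    return {"SKEYID_d": d, "SKEYID_a": a, "SKEYID_e": e}

def run_exchange(psk_i: bytes, psk_r: bytes):
    """Both sides swap public values, nonces and cookies, then derive keys."""
    i, r = Peer(psk_i), Peer(psk_r)
    keys_i = derive(i.psk, i.nonce, r.nonce, i.g_xy(r.public), i.cookie, r.cookie)
    keys_r = derive(r.psk, i.nonce, r.nonce, r.g_xy(i.public), i.cookie, r.cookie)
    return keys_i, keys_r
```

With matching pre-shared keys both peers end up with identical key material; with different ones the derived keys diverge even though the Diffie-Hellman secret is the same, which is how the pre-shared key authenticates the exchange.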


Architecture

Most IPsec implementations consist of an IKE daemon that runs in user space and an IPsec stack in the kernel that processes the actual IP packets.


User space daemons have easy access to mass storage, which holds configuration information such as the IPsec endpoint addresses, keys and certificates. Kernel modules, on the other hand, can process packets efficiently and with minimum overhead, which is important for performance.


The IKE protocol uses UDP packets, usually on port 500, and generally requires 4-6 packets with 2-3 turn-around times to create an SA on both sides. The negotiated key material (say, an AES key), the endpoint information (which IP endpoints and ports are being protected) and the type of IPsec tunnel that has been created are then given to the IPsec stack. The stack in turn intercepts the relevant IP packets where appropriate and performs encryption and decryption as required. Implementations vary in how they intercept the packets: some use virtual devices, others take a slice out of the firewall.


Interoperability matters

IKE has a lot of configuration options. There is no general facility for automatically negotiating a well-known, reasonably safe default case that everybody implements. That is, both sides of an IKE exchange must agree almost exactly, option by option, on which kind of SA they want to create, or things will just not work. The debug output, if there is any at all, is usually difficult for the uninitiated to interpret.
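The option-by-option agreement described above, modelled as a strict proposal matcher that also reports the nearest miss when negotiation fails. This is an added example, not code from the article or from any IKE daemon; the `Transform` fields, the algorithm labels and the two gateway configurations are constructed, and real implementations differ in how strictly they compare some attributes.

```python
from dataclasses import dataclass, fields

@dataclass(frozen=True)
class Transform:
    """One phase 1 transform: every attribute must match for an SA to form."""
    encryption: str
    hash: str
    dh_group: int
    auth: str
    key_bits: int = 0          # 0 for fixed-key ciphers such as 3DES

def differences(offer, policy):
    """Attributes on which an offer and a local policy disagree."""
    return {f.name: (getattr(offer, f.name), getattr(policy, f.name))
            for f in fields(offer)
            if getattr(offer, f.name) != getattr(policy, f.name)}

def negotiate(offers, policies):
    """Return (chosen, report); report lists each offer's nearest miss."""
    for offer in offers:                 # first offer that matches exactly wins
        if offer in policies:
            return offer, []
    report = []
    for number, offer in enumerate(offers, 1):
        nearest = min(policies, key=lambda p: len(differences(offer, p)))
        report.append((number, differences(offer, nearest)))
    return None, report

# Constructed sample configurations for two gateways.
INITIATOR = [
    Transform("AES-CBC", "SHA2-256", 14, "PSK", 256),
    Transform("AES-CBC", "SHA1", 2, "PSK", 128),
]
RESPONDER = [
    Transform("3DES-CBC", "SHA1", 2, "PSK"),
    Transform("AES-CBC", "SHA1", 5, "PSK", 128),
]

if __name__ == "__main__":
    chosen, report = negotiate(INITIATOR, RESPONDER)
    print("chosen:", chosen)
    for number, diff in report:
        print(f"offer {number} nearest miss:", diff)
```

Here every individual algorithm is supported by both gateways, yet no SA forms because the second offer and the closest responder policy differ only in the Diffie-Hellman group.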


The IKE specifications (there are a lot of RFCs involved) are open to a not insignificant degree of interpretation, bordering on design faults (Dead-Peer-Detection being a case in point). As a result, different IKE implementations are unable to create (agree upon) an SA at all for many combinations of options, however correctly configured they might appear at either end.


Confusion ensues, as nobody can tell whether they are looking at an implementation problem, a configuration problem, a misinterpretation of the debug output, or a combination thereof. This problem has given rise to commercial organizations that provide interoperability testing services for IPsec. Really, it is IKE testing, because the rest of IPsec is straightforward by comparison. IPsec interoperability problems are almost certainly also a major, if not the major, reason why SSL VPNs are becoming popular.


Implementations

There are several open source implementations of IPsec with associated IKE capabilities. On Linux, FreeS/WAN, and now Openswan and strongSwan, provide an IKE daemon called pluto, which can configure (i.e., establish SAs for) the KLIPS or NETKEY kernel-based IPsec stacks. NETKEY is the Linux 2.6 kernel's native IPsec implementation. The BSDs also have an IPsec implementation and IKE daemon, and most importantly a cryptographic framework (OpenBSD Cryptographic Framework, OCF), which makes supporting cryptographic accelerators much easier. OCF has recently been ported to Linux.


A significant number of network equipment vendors have created their own IKE daemons (and IPsec implementations) - or license a stack from one another.


IKE V2

IKE Version 2 has been proposed to address a number of concerns, including Denial of Service protection from spoofed packets.

See also: Key-agreement protocol


External links

  • IKE VPN server discovery and fingerprinting
RFC 2409
Internet Key Exchange

The Wikipedia article included on this page is licensed under the GFDL.