IKEv2, ESP PFS. Which packets includes the configuration?











up vote
0
down vote

favorite












i am investigating currently the IKEv2 protocol with ESP payload encryption. For ESP i want to use PFS with DH Group 5 (which works).
However, i am not able to figure out in which packet this settings is sent to the partner.



In the first two packets (IKE_SA_INIT) i am able to find the DH group for the IKE SA. I assume that the setting is sent in the 3rd/4th message (IKE AUTH) _since all the CHILD_SA relevant stuff is in it (ENC/AUTH algorithm). But i can't find it (i decrypted the packet using wireshark isakmp decryption).



Where is this setting hidden?
Thanks






networking encryption wireshark







share|improve this question






















  • If you're using PFS, then how did Wireshark decrypt it?
    – grawity
    Nov 12 '15 at 14:27










  • doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
    – user1816723
    Nov 13 '15 at 17:49






  • 1




    The comment wasn't meant to answer the question, it was meant to ask one...
    – grawity
    Nov 13 '15 at 17:52















up vote
0
down vote

favorite












i am investigating currently the IKEv2 protocol with ESP payload encryption. For ESP i want to use PFS with DH Group 5 (which works).
However, i am not able to figure out in which packet this settings is sent to the partner.



In the first two packets (IKE_SA_INIT) i am able to find the DH group for the IKE SA. I assume that the setting is sent in the 3rd/4th message (IKE AUTH) _since all the CHILD_SA relevant stuff is in it (ENC/AUTH algorithm). But i can't find it (i decrypted the packet using wireshark isakmp decryption).



Where is this setting hidden?
Thanks






networking encryption wireshark







share|improve this question






















  • If you're using PFS, then how did Wireshark decrypt it?
    – grawity
    Nov 12 '15 at 14:27










  • doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
    – user1816723
    Nov 13 '15 at 17:49






  • 1




    The comment wasn't meant to answer the question, it was meant to ask one...
    – grawity
    Nov 13 '15 at 17:52













up vote
0
down vote

favorite









up vote
0
down vote

favorite











i am investigating currently the IKEv2 protocol with ESP payload encryption. For ESP i want to use PFS with DH Group 5 (which works).
However, i am not able to figure out in which packet this settings is sent to the partner.



In the first two packets (IKE_SA_INIT) i am able to find the DH group for the IKE SA. I assume that the setting is sent in the 3rd/4th message (IKE AUTH) _since all the CHILD_SA relevant stuff is in it (ENC/AUTH algorithm). But i can't find it (i decrypted the packet using wireshark isakmp decryption).



Where is this setting hidden?
Thanks






networking encryption wireshark







share|improve this question













i am investigating currently the IKEv2 protocol with ESP payload encryption. For ESP i want to use PFS with DH Group 5 (which works).
However, i am not able to figure out in which packet this settings is sent to the partner.



In the first two packets (IKE_SA_INIT) i am able to find the DH group for the IKE SA. I assume that the setting is sent in the 3rd/4th message (IKE AUTH) _since all the CHILD_SA relevant stuff is in it (ENC/AUTH algorithm). But i can't find it (i decrypted the packet using wireshark isakmp decryption).



Where is this setting hidden?
Thanks






networking encryption wireshark




networking encryption wireshark






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 11 '15 at 16:49









user1816723

133




133












  • If you're using PFS, then how did Wireshark decrypt it?
    – grawity
    Nov 12 '15 at 14:27










  • doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
    – user1816723
    Nov 13 '15 at 17:49






  • 1




    The comment wasn't meant to answer the question, it was meant to ask one...
    – grawity
    Nov 13 '15 at 17:52


















  • If you're using PFS, then how did Wireshark decrypt it?
    – grawity
    Nov 12 '15 at 14:27










  • doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
    – user1816723
    Nov 13 '15 at 17:49






  • 1




    The comment wasn't meant to answer the question, it was meant to ask one...
    – grawity
    Nov 13 '15 at 17:52
















If you're using PFS, then how did Wireshark decrypt it?
– grawity
Nov 12 '15 at 14:27




If you're using PFS, then how did Wireshark decrypt it?
– grawity
Nov 12 '15 at 14:27












doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
– user1816723
Nov 13 '15 at 17:49




doesn't answer my question. however, as far as i know for the first 4 packets (2x IKE_SA_INIT, 2x IKE_AUTH) PFS is not relevant since PFS is only used for the next CHILD_SA rekeying. To decrypt IKE_AUTH packets i used the computed SK_Ei, SK_Er
– user1816723
Nov 13 '15 at 17:49




1




1




The comment wasn't meant to answer the question, it was meant to ask one...
– grawity
Nov 13 '15 at 17:52




The comment wasn't meant to answer the question, it was meant to ask one...
– grawity
Nov 13 '15 at 17:52










1 Answer
1






active

oldest

votes

















up vote
0
down vote













The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
The RFC states:




Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
Thus, the SA payloads in the IKE_AUTH exchange cannot contain
Transform Type 4 (Diffie-Hellman group) with any value other than
NONE. Implementations SHOULD omit the whole transform substructure
instead of sending value NONE.




To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.






share|improve this answer





















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f999150%2fikev2-esp-pfs-which-packets-includes-the-configuration%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    0
    down vote













    The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
    The RFC states:




    Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
    Thus, the SA payloads in the IKE_AUTH exchange cannot contain
    Transform Type 4 (Diffie-Hellman group) with any value other than
    NONE. Implementations SHOULD omit the whole transform substructure
    instead of sending value NONE.




    To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.






    share|improve this answer

























      up vote
      0
      down vote













      The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
      The RFC states:




      Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
      Thus, the SA payloads in the IKE_AUTH exchange cannot contain
      Transform Type 4 (Diffie-Hellman group) with any value other than
      NONE. Implementations SHOULD omit the whole transform substructure
      instead of sending value NONE.




      To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.






      share|improve this answer























        up vote
        0
        down vote










        up vote
        0
        down vote









        The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
        The RFC states:




        Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
        Thus, the SA payloads in the IKE_AUTH exchange cannot contain
        Transform Type 4 (Diffie-Hellman group) with any value other than
        NONE. Implementations SHOULD omit the whole transform substructure
        instead of sending value NONE.




        To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.






        share|improve this answer












        The first Child SA is negotiated within the IKE_AUTH Payload. It's called SA[i|r]2 https://tools.ietf.org/html/rfc7296#section-1.2 . It's an extra SA Payload within the IKE_AUTH Payload.
        The RFC states:




        Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
        Thus, the SA payloads in the IKE_AUTH exchange cannot contain
        Transform Type 4 (Diffie-Hellman group) with any value other than
        NONE. Implementations SHOULD omit the whole transform substructure
        instead of sending value NONE.




        To precisely answer your question: There is no PFS for the first CHILD_SA that is part of the IKE_AUTH exchanges. Any setting regarding PFS for CHILD_SAs only apply to CHILD_SA exchanges to create new CHILD_SAs after the initial exchanges.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 29 at 13:31









        Bezalel_DE

        1




        1






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f999150%2fikev2-esp-pfs-which-packets-includes-the-configuration%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Plaza Victoria

            Image
            Plaza Victoria Plaza Victoria en 2017 Otros nombres Plaza de La Victoria Localización El Almendral, Valparaíso, Chile Vías adyacentes Chacabuco, Molina, Plaza Victoria y Edwards Creación 1841 Metro Bellavista Ubicación 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 Coordenadas: 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 [editar datos en Wikidata] La Plaza Victoria , también llamada Plaza de la Victoria , [ 1 ] ​ es una plaza ubicada en el sector El Almendral del plan de la ciudad de Valparaíso, Chile, de importancia patrimonial, que incluye valiosas estatuas y especies vegetales. [ 2 ] ​ La plaza se creó como tal en la primera mitad del siglo XIX, tomando previamente los nombres de Plaza Nueva y Plaza de Orrego . Si bien desde sus inicios tuvo relevancia histórica, no fue sino a partir de fines de los años 1860 cuando comenzó a cobrar mayor importancia y se convirtió en uno de los principales centros sociales de l
            Read more

            Puebla de Zaragoza

            Image
            Para otros usos de este término, véase Puebla (desambiguación). Heroica Puebla de Zaragoza Localidad De arriba a abajo de izquierda a derecha: Estrella de Puebla, Volcán Popocatépetl, Catedral de Puebla, Monumento a Ignacio Zaragoza, Estadio Cuauhtémoc, Angelópolis y Vista panorámica de la ciudad. Escudo Otros nombres: El relicario de América/ La ciudad de los Ángeles/ La Angelópolis Lema: Muy noble y muy leal ciudad de Puebla de los Ángeles Heroica Puebla de Zaragoza Localización de Heroica Puebla de Zaragoza en México Heroica Puebla de Zaragoza Localización de Heroica Puebla de Zaragoza en Puebla Mapa interactivo Coordenadas 19°03′05″N 98°13′04″O  /  19.051388888889, -98.217777777778 Coordenadas: 19°03′05″N 98°13′04″O  /  19.051388888889, -98.217777777778 Idioma oficial Español Entidad Localidad  • País   México  • Estado Puebla  • Municipio Puebla Presidente municipal Claudia Rivera Vivanc
            Read more

            Musa

            Image
            Para el género de plantas, véase Musa (planta). Apolo y la Nueve Musas En la mitología griega, las musas (en griego antiguo μοῦσαι « mousai» ) son, según los escritores más antiguos, las divinidades inspiradoras de las Artes: cada una de ellas está relacionada con ramas artísticas y del conocimiento. Son hijas de Zeus y de Mnemósine, compañeras del séquito de Apolo, dios olímpico de la música y patrón de las bellas artes, quien tuvo romances con cada una de ellas, dejando descendientes. Bajaban a la tierra a susurrar ideas e inspirar a aquellos mortales que las invocaran. En la época más arcaica eran las ninfas inspiradoras de las fuentes, en las cuales eran adoradas. Finalmente, alrededor de los siglos VIII-VII a. C. [ 1 ] ​ prevaleció en todo el territorio de la Hélade la adoración de las nueve Musas, que son Calíope, Clío, Erato, Euterpe, Melpómene, Polimnia, Talía, Terpsícore y Urania. El culto a las musas era originalmente de Tracia y Beocia, y fueron de vital impo
            Read more