Monday, 29 February 2016

Main Mode vs Aggressive Mode and PFS

During ISAKMP negotiation the peer initiating the SA will attempt to use main mode or aggressive mode (or both) to establish the SA.

Aggressive mode is the less secure of the two (although quicker) due to the fact that the negotiation is squeezed into three UDP packets - the first packet contains the proposal, key material and ID, the second packet is then sent back to the initiator from the responder with the DH secret and then the third packet is sent to the responder from the initiator with identity and has payloads. The downside to this is that the initiator, responder IDs and pre-shared key's (identities) are sent in plain text and hence visible in plain text (Unless you use PKI!) By sniffing the connection you can extract the hashed PSK and run it against a database of cracked hashes.

Main mode is the more secure of the two as the sender and receiver ID's, PSK's are NOT sent in plain-text. Although this comes at a cost of bandwidth / packets - as main mode uses more packets to achieve the ISAKMP SA.

Using PFS (Perfect Forward Secrecy) ensures that a new DH key is generated each time a phase 2 (IPSec) negotiation reoccurs - hence causing generation of new phase 1 (ISAKMP) keys. If the peer supports this - this option should always remain turned on!


Post a Comment