Wednesday, 14 March 2012

IPSec vs vpn

IPSec
IPSec provides numerous security features. The following have values that the administrator configures to define their behavior: data encryption, device authentication and credentials, data integrity, address hiding, and security-association (SA) key aging. The IPSec standard requires the use of at least one of data integrity or data encryption; using both is optional, and Cisco highly recommends using both. Because single Data Encryption Standard (DES) was broken in the last public DES challenge, in January 1999, in about 22 hours and 15 minutes, using the EFF's purpose-built Deep Crack machine (roughly US$250,000 of hardware) working together with the distributed.net network, Cisco recommends that you do not use it for data encryption. Instead, Cisco recommends Triple DES (3DES). Data integrity comes in two types: Message Digest 5 (MD5)-HMAC, with a 128-bit digest, or Secure Hash Algorithm (SHA)-HMAC, with a 160-bit digest. Because the SHA digest is longer, it is considered more secure. Cisco recommends SHA because the increased security outweighs the slight increase in processor overhead (in fact, SHA is sometimes faster than MD5 in certain hardware implementations). Both IKE phases allow the lifetime of their SA to be changed. Consider shortening the lifetime from the default when the sensitivity of the tunneled data mandates replacing the encryption keys and reauthenticating each device more aggressively. The use of strong encryption algorithms in non-US countries is sometimes regulated by local import and usage laws, and these algorithms cannot be exported to some countries or some customers. For more information, see http://www.cisco.com/wwl/export/crypto.
Changing these values increases the level of security but also increases processor overhead. By default, the keys for a new quick-mode (QM) SA are derived from the phase 1 keying material together with fresh nonces rather than from a new key exchange; this saves processing, but it means the new keys are not independent of the phase 1 secret. Perfect forward secrecy (PFS) instead generates the new keys from entirely new seed material by carrying out a Diffie-Hellman (DH) exponentiation every time a QM SA needs new keys, so that a later compromise of the phase 1 keying material does not allow the QM keys to be recomputed. Again, this option increases security at the cost of processor overhead. Cisco does not recommend changing the SA lifetimes or enabling PFS unless the sensitivity of the data mandates it; if you do change them, include the extra load when sizing the network design. The strength of the Diffie-Hellman exponentiation is configurable: Groups 1 (768-bit), 2 (1024-bit), and 5 (1536-bit) are supported, and Group 2 is recommended. Throughout the SAFE VPN architecture, at a minimum the following modes were used: IKE 3DES, SHA-HMAC, DH Group 2, preshared key; IPSec 3DES, SHA-HMAC, no PFS, and tunnel mode. (These algorithm choices reflect Cisco's guidance at the time the text was written; 3DES, SHA-1 and 1024-bit DH are deprecated today, and current practice favors AES, SHA-2 and DH groups of 2048 bits or more.)
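To make the rekeying difference concrete, here is an added Python model of the IKEv1 quick-mode key derivation (RFC 2409, section 5.5) with and without PFS. It is illustration written for this page, not Cisco code: the phase 1 secret, ESP SPI and nonces are constructed sample values, HMAC-SHA1 is used as the prf only because it matches the SHA-HMAC choice above, and the DH Group 2 modulus is transcribed from RFC 2409 and self-checked for primality before use. The "attacker" in the demo is assumed to have obtained the phase 1 secret SKEYID_d later (for example from a compromised gateway) and to have recorded the exchange.

```python
"""Quick-mode rekeying with and without PFS, modelled on RFC 2409 section 5.5.

Without PFS:  KEYMAT = prf(SKEYID_d, protocol | SPI | Ni_b | Nr_b)
With PFS:     KEYMAT = prf(SKEYID_d, g(qm)^xy | protocol | SPI | Ni_b | Nr_b)

SKEYID_d is the phase 1 key-derivation secret; g(qm)^xy is the shared secret of
a fresh Diffie-Hellman exchange carried inside quick mode.
"""
import hashlib
import hmac
import secrets

# DH Group 2: the 1024-bit MODP prime from RFC 2409 section 6.2, generator 2.
P_GROUP2 = int("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF FFFFFFFF
""".replace(" ", "").replace("\n", ""), 16)
G = 2
P_BYTES = (P_GROUP2.bit_length() + 7) // 8   # 128


def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29)):
    """Miller-Rabin with fixed bases; sanity-checks the transcribed modulus."""
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def dh_keypair():
    """Fresh private exponent in [2, p-2] and its public value g^x mod p."""
    x = secrets.randbelow(P_GROUP2 - 3) + 2
    return x, pow(G, x, P_GROUP2)


def dh_shared(x, peer_pub):
    """g^xy mod p as a fixed-width byte string, rejecting degenerate peer values."""
    # 0, 1 and p-1 force the shared secret into a trivial subgroup whatever x is.
    if not 1 < peer_pub < P_GROUP2 - 1:
        raise ValueError("invalid DH public value")
    return pow(peer_pub, x, P_GROUP2).to_bytes(P_BYTES, "big")


def prf(key, data):
    # IKEv1 negotiated with SHA-HMAC uses HMAC-SHA1 as its prf; mirrored here
    # only to match the text above, not as a choice for new designs.
    return hmac.new(key, data, hashlib.sha1).digest()


PROTO_ESP = b"\x03"   # PROTO_IPSEC_ESP from the ISAKMP DOI


def keymat_no_pfs(skeyid_d, spi, ni, nr):
    return prf(skeyid_d, PROTO_ESP + spi + ni + nr)


def keymat_pfs(skeyid_d, gxy, spi, ni, nr):
    return prf(skeyid_d, gxy + PROTO_ESP + spi + ni + nr)


def demo():
    """Rekey once each way, then let an attacker who later obtains SKEYID_d try
    to rebuild each SA's KEYMAT from the recorded exchange."""
    skeyid_d = secrets.token_bytes(20)        # phase 1 secret (constructed)
    spi = bytes.fromhex("0a1b2c3d")           # constructed ESP SPI
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)

    # Without PFS the inputs are SKEYID_d plus values carried in quick mode, so
    # whoever holds SKEYID_d and the recorded exchange derives the same KEYMAT.
    sa_no_pfs = keymat_no_pfs(skeyid_d, spi, ni, nr)
    attacker_no_pfs = keymat_no_pfs(skeyid_d, spi, ni, nr)

    # With PFS each quick mode carries a fresh DH exchange; g^xy needs one of
    # the private exponents, which never leave their owners.
    xi, gi = dh_keypair()
    xr, gr = dh_keypair()
    gxy = dh_shared(xi, gr)
    assert gxy == dh_shared(xr, gi)
    sa_pfs = keymat_pfs(skeyid_d, gxy, spi, ni, nr)
    # The attacker holds g^x and g^y but neither exponent; combining the public
    # values (g^x * g^y = g^(x+y)) is not g^xy, and getting it otherwise means
    # solving the discrete log in the group.
    not_gxy = (gi * gr % P_GROUP2).to_bytes(P_BYTES, "big")
    attacker_pfs = keymat_pfs(skeyid_d, not_gxy, spi, ni, nr)

    return {"no_pfs_recovered": attacker_no_pfs == sa_no_pfs,
            "pfs_recovered": attacker_pfs == sa_pfs}


if __name__ == "__main__":
    print(demo())   # {'no_pfs_recovered': True, 'pfs_recovered': False}
```

Each PFS rekey costs two modular exponentiations per peer in a 1024-bit group, which is the processor overhead the text weighs against the extra protection. On a Cisco IOS crypto map the corresponding switch is `set pfs group2` (or a larger group); leaving it out gives the SAFE default of no PFS.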
