[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: issues with IKE that need resolution
>> So that final Quick Mode message would presumably include the "CONNECTED"
>> Notify payload, right? Would there also be a Hash payload to authenticate
>> it? If so, what goes in that hash? If people are already implementing
>> this, it'd be nice to know how it's done...
>
> Yes, it would contain the CONNECTED message. And all Quick Mode messages
>are authenticated with an hmac which is keyed with SKEYID_a (and they're
>all encrypted with SKEYID_e).
Am I right in assuming that the fourth message looks like this (using
IKE draft notation):
Initiator Responder
----------- -----------
<-- HDR*, HASH(4), Notify
where
HASH(4) = prf(SKEYID_a, M-ID | Notify)
That would be what I'd expect, but some of the other Quick Mode hashes
require Nonce data from previous messages. Just want to make it all
explicit, that's all...
-Shawn Mamros
E-mail to: smamros@BayNetworks.com
Follow-Ups: