BSI TR-02102-3: IPsec/IKE
doc
BSI TR-02102 Cryptographic Mechanisms
RFC7427: Signature Authentication in the Internet Key Exchange Version 2 (IKEv2)
RFC7296: Internet Key Exchange Protocol Version 2 (IKEv2)
主要是SA (security association)
- DH 派生 z
-
派生SKEYSEED = prf( Ni Nr, z ),其中Ni/Nr 为双方的随机数 -
prf+(SKEYSEED, Ni | Nr | SPIi | SPIr ) = { SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr },其中SPIi/SPIr为双方的唯一标识SK_d用于Child-SAs派生keySK_ei/SK_er用于加密SK_ai/SK_ar用于完整性SK_pi/SK_pr用于IKE_AUTH exchange消息的AUTH payload的完整性
注意重新DH协商的周期,rekeying的周期
Published
28 March 2021
