Expand all | Collapse all

IKEv1 main mode

Jump to Best Answer
  • 1.  IKEv1 main mode

    Posted 04-29-2017 09:15

    from the article

    i understood that in phase1 HMAC is used as PRF to derive keys from DH session key... please i need an to correct my understanding.

    1-nonces + pre-shared key result in seed which help in derive another keys?? is this correct

    2-DH session-key +seed( nonces + pre-shared key) + both cookies + number will result in 3 derived key ( encryption, Authentcaion ,Derivative key) ???? is this correct ?

    *message 5,6 are used to autheticate the DH exchange and prove the derived keys are identical by:

    3-identity hash = ID (encrypted by derived encryption key) + HASH ( ID +presharedkey + other values) the other values are: nonces + DH session key + cookies ) is this correct ?????


    if the above details are correct and i hope so i have two last questions:

    HMAC require an input (or message ) + input key material >>>>>So

    1- when HMAC is used to generate the 3 derviated keys >>and when HMAC is used is message 5,6 , How the above parameters are entered as input and input key ??????????

    2-Does the derived authentiaction key (SKEYID_a) is used in message 5,6 ????


    im sorry for bothering but i really need answers to this questions as it cause a headache 🙂 


  • 2.  RE: IKEv1 main mode

    Posted 05-02-2017 08:03

    any help please ?????


  • 3.  RE: IKEv1 main mode
    Best Answer

    Posted 05-04-2017 06:24

    Hi Ahmed,


    First of all i would like to say that you understanding in the first part of your post is almost accurate.


    1. Nonces and pre-shared key are the inputs to PRF (HMAC in this case) to derive the initital SKEYID which is used to dervie other keys i.e. SKEYID_d, SKEYD_a, SKEYID_e.
    2. DH shared secret is generated on each end of the VPN tunnel using the DH public value exchanged in packet no.3 and 4 and this shred secret along with SKEYID , cookies and number are used to generate the 3 keys SKEYID_d, SKEYD_a, SKEYID_e.
    3. Once the SKEYID_e is generated it is used to encrypt the ID and Hash Payload in packet no.5 and 6. If both the ends are able to decrypt the packets sent to each other, it authenticates the DH exchange and the keys are identical.
    4. As mentioned above both identity and Hash Payload are encrypted using SKEYID_e. Both payloads contain the information calculated as below. Fore more details Section 5 Page No.8,9)

    ID Payload- IP address/Hostname of the sendor.

    Hash Payload- PRF (ID+SKEYID+Cookies+Pre-shared-key+SA Payload).


    Now coming to your queries here are my answers-


    • To answer your first query when we configure VPN the hashing function elected in this case for ex- HMAC gets the input message and key material to generate the 3 derivated keys by the different input values on which it runs the hashing function.

    For Ex- to generate SKEYID it used pre-shared key and nonces as the input, In packet no.5 and 6 all the inputs as mentioned above to generate the Hash Payload act as the input material to the hashing function.


    • To answer your second query SKEYID_a is not directly used in packet no.5 and 6 but it is used to generate the SKEYID_e which is used to encrypt packet no. 5 and 6.

    SKEYID_e = PRF (SKEYID+SKEYID_a+DH shared secret+ Cookies + Number)


    Let me know if i was able to answer your queries. Hope this Helps 🙂


    Pulkit Bhandari
    Please mark my response as Solution Accepted if it Helps, Kudos are Appreciated too. Smiley Happy