Good stuff! Thanks for sharing, I always wondered but never got round to checking what the individual key pairs were used for.
Ian On 16 Sep 2010, at 13:43, Kingsley Charles <[email protected]> wrote: > Guys got the answer :-) > > Snippet from > http://www.cisco.com/en/US/docs/ios/12_3/security/command/reference/sec_c2g.html#wp1104892 > > > Note Secure Shell (SSH) may generate an additional RSA key pair if you > generate a key pair on a router having no RSA keys. The additional key pair > is used only by SSH and will have a name such as {router_FQDN}.server. For > example, if a router name is "router1.cisco.com," the key name is > "router1.cisco.com.server." > > This command is not saved in the router configuration; however, the RSA keys > generated by this command are saved in the private configuration in NVRAM > (which is never displayed to the user or backed up to another device) the > next time the configuration is written to NVRAM. > > > Note If the configuration is not saved to NVRAM, the generated keys are lost > on the next reload of the router. > > There are two mutually exclusive types of RSA key pairs: special-usage keys > and general-purpose keys. When you generate RSA key pairs, you will be > prompted to select either special-usage keys or general-purpose keys. > > Special-Usage Keys > > If you generate special-usage keys, two pairs of RSA keys will be generated. > One pair will be used with any Internet Key Exchange (IKE) policy that > specifies RSA signatures as the authentication method, and the other pair > will be used with any IKE policy that specifies RSA encrypted keys as the > authentication method. > > A certification authority (CA) is used only with IKE policies specifying RSA > signatures, not with IKE policies specifying RSA-encrypted nonces. (However, > you could specify more than one IKE policy and have RSA signatures specified > in one policy and RSA-encrypted nonces in another policy.) > > If you plan to have both types of RSA authentication methods in your IKE > policies, you may prefer to generate special-usage keys. With special-usage > keys, each key is not unnecessarily exposed. (Without special-usage keys, one > key is used for both authentication methods, increasing the exposure of that > key.) > > General-Purpose Keys > > If you generate general-purpose keys, only one pair of RSA keys will be > generated. This pair will be used with IKE policies specifying either RSA > signatures or RSA encrypted keys. Therefore, a general-purpose key pair might > get used more frequently than a special-usage key pair. > > > > That clarifies everything, I love happy endings :-) > > > With regards > Kings > > On Thu, Sep 16, 2010 at 12:22 PM, Kingsley Charles > <[email protected]> wrote: > This might be a clue, when you try to associate a rsa key to trustpoint, the > options says either general purpose of signature key > > > > router5(config)#crypto pki trustpoint cisco > router5(ca-trustpoint)#rsakeypair cisco ? > <360-2048> General Purpose or Signature Key length > > > > Which means signature key is never used for IPSec. This also can be an answer. > > > > On Thu, Sep 16, 2010 at 12:13 PM, Kingsley Charles > <[email protected]> wrote: > Hi Tacack/Ian > > Thanks for your response. > > I think, we three have variations in our answer but if we ourselves together, > we will get the correct answer :-) > > > The IPsec peer sends the certificate request in PKCS#10 along with it's > public keys encrypted using the CA's public key that it got from the CA > certificate. > The CA server decrypts the request using it's own private key. > Sends back a X.509 certificate along with a signature and the peer's public > key. > The signature is a hash of the peer's public key and other values in request > after which it is encrypted using CA's private key. > The peer get's it's certificate from the CA server. > During IPSec negotiation, the peer sends it's cert to the remote peer. > The remote peer using the CA's public key from the CA certificate which is > used to decrypt the signature. Both the peer should have enrolled with same > CA. > Remote peer get's the hash value after decryption using CA pub key. > The remote peer generates hash from the details it from the peer and compares > the hash. > If they are the same, then authentication suceeds. > > > > > Either you can have the following on the IPSec peers > > > > Cert used for encrytion > Cert used for signature > RSA keys for encryption > RSA keys for signature > > > or > > > > Cert for general purpose (both encryption and signature) > RSA keys for general purpose (both encryption and signature) > > > > > > > The certificate that is sent to the remote IPSec peers has a public key. Now > that public key in the cert can used for encryption and signature for 2nd case > > while in the first case, you have two certs one having public key for both > encryption and other for signature. > > > > The IPSec encryption happens with SKEYID_d that was obtained using the shared > secret from DH. > > > Hence the only encryption function of the public key from the cert is for > encrypting msg 5 and 6. Either general purpose key or the encryption key is > > used for encryption. The private key on the peer is used for decrypting the > messages 5 and 6. Also the other place where the encryption is used is > > when sending cert request to the CA server > > > > > > Ok what's the purpose of signature key of the peers which is available in the > signature cert? > > > > > > The signature is encrypted by the CA public key not the peer's pub key. I > need to know what is the purpose of signature cert and signature keys. > > > > > > With regards > Kings > > > On Wed, Sep 15, 2010 at 10:26 PM, Ian McGowan <[email protected]> wrote: > Okay I'll hit reply all this time, sorry Vybhav :-) > > > Hi Kings, > > RSA is used for encryption on IKE Phase 1 when the ISAKMP policy is set to > rsa-sig. The initiator takes a hash of a block data and then encrypts it, > the other end can then decrypt it and compare the hashes. If exact, the peer > is authenticated. When it moves to Phase 2 the encryption algorithm > specified in the transform set is used. This encryption algorithm in the > transform set will be a form symmetric encryption which is computationally > much faster than asymmetric encryption (ie RSA). The overhead of asymmetric > is accepted on IKE phase 1 for authentication but for passing traffic > asymmetric encryption is too slow so we must symmetric such as 3DES or AES. > Asymmetric being more secure, we can generate very strong Key Encyption Keys > (KEK's) in the phase 1 tunnel and share them with our peer across the tunnel > to raise the security of the symmetric encryption algorithm. > > "My question is in IOS and ASA, is RSA keys or shared secret used for > encryption/decryption." > **This depends on what you have set the ISAKMP policy to be. Phase 2 is > always symmetric. > > As for what the signature keys and encryption keys are used for, I believe > signature for IKE Phase 1 and I'm not actually sure what the encryption keys > are used for....?? > > Hope that helps, > > Ian > > > > On Wed, Sep 15, 2010 at 3:11 PM, Kingsley Charles > <[email protected]> wrote: > When we generate encryption and signature keys separately and use it with > trustpoint, we get two certs - encryption and signature cert. If signature > cert is > used for authenticating with the peer then please let me know what is the > purpose of encryption cert? Is it used for encrypting data? > > > With regards > Kings > > > > On Wed, Sep 15, 2010 at 12:34 PM, Kingsley Charles > <[email protected]> wrote: > Hi all > > When using Digital certificates, are the private/public key of the device > peering used for encrypting/decrypting the data or the shared secret key used > as done when using pre-shared keys. > Most places, I read that the rsa keys are used for encryption and decryption. > > I have also read that rsa keys are not used because during bulk data > encryption/decryption they don't scale well. > > > My question is in IOS and ASA, is RSA keys or shared secret used for > encryption/decryption. > > > With regards > Kings > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
