We are all aware of how the internet can endanger our daily lives. From identity theft to illegal use of your IP address, the internet is fraught with risks. However, many avenues attempt to provide a haven for like-minded privacy-conscious users. Numerous tools can aid a user in the quest for online privacy, such as SOCKS5 proxies, Tor (The Onion Router), or the famous VPN. Unsurprisingly, each of these technologies has its dos and don'ts, but many regard VPNs as a one-stop solution to most privacy and security issues. VPNs work by building a tunnel between the client and the internet, thus barring any third party from spying on your online activities. These tunnels are the work of security protocols, or VPN protocols: PPTP, L2TP, OpenVPN, WireGuard, IKEv2/IPsec, etc. Today, we will take a closer look at the IKEv2/IPsec VPN protocol and learn what it is and how it works. Also, is it worth it?
IKEv2 over IPsec, usually IKEv2/IPsec in notation, is a combination of two protocols, IKEv2 (Internet Key Exchange version 2) and IPsec (Internet Protocol Security). To learn how they function in unison, we must first analyze them separately.
What is IPsec?
IPsec, short for Internet Protocol Security, is a suite of open-standard protocols and algorithms for securing network traffic. It secures connections over the Internet Protocol (IP), the underlying technology that makes the internet possible. Developed by the Internet Engineering Task Force (IETF) back in the 90s, IPsec can secure communication between two endpoints across an IP network (the internet). IPsec provides data authenticity, integrity, and confidentiality. It also defines how packets are encrypted, decrypted, and authenticated, alongside protocols that secure key exchange and key management, such as IKEv2. Together, this suite of protocols sets up encrypted connections between devices, ensuring that any data packet sent over the public network remains secure.
Used mainly in VPNs, it provides security at the IP layer through authentication and encryption of IP packets. IPsec establishes mutual authentication between the two parties at the beginning of a session and negotiates the cryptographic keys used during that session. It can connect host-to-host, gateway-to-gateway, network-to-network, or network-to-host.
Originally, IPsec defined two protocols for securing data packets: Authentication Header (AH) and Encapsulating Security Payload (ESP). It has since grown to use IKE, as we discuss below, which generates the shared keys needed to establish a security association (SA).
Note — The initial IPv4 suite had few security provisions, so IPsec was introduced as an enhancement to IPv4 and operates at layer 3 of the OSI model. While other internet security systems such as TLS and SSH operate above layer 3, IPsec at layer 3 can transparently secure any application that communicates over IP.
How does it work?
An IPsec connection involves several terms, such as:
- Key exchange — Keys are responsible for the encryption and decryption of data. When an IPsec connection is set up, the two parties exchange keys to establish security.
- Packet headers and trailers — Data travels across the internet in the form of packets. A packet consists of the payload (the actual data) and the header (which carries information about that particular packet). IPsec encapsulates this packet inside others that carry the authentication and encryption details.
- Authentication — IPsec authenticates each outgoing packet to assure the receiver that it comes from a trusted source.
- Encryption — IPsec encrypts the packet and, in tunnel mode, encapsulates it inside a new packet. In transport mode only the payload is encrypted, not the IP header.
- Transmission — IKE, and IPsec traffic when NAT traversal is in use, run over UDP rather than TCP, which lets them pass through firewalls and NAT devices.
The process looks like this:
- First, the host checks whether the data needs to be transmitted via IPsec. If so, the packets are "interesting" traffic and trigger the matching security policy.
- IKE phase 1 starts. In this phase the two hosts authenticate each other, negotiate the IKE SA policy, and set up a secure tunnel that protects the rest of the negotiation.
- IKE phase 2 follows. Over that tunnel, the two parties negotiate and exchange the keys that will encrypt and decrypt any traffic flowing through this particular tunnel. The tunnel lasts as long as the connection is active.
- The actual transmission of packets then takes place, with the negotiated SA keys encrypting and decrypting the data packets.
- Lastly, when the communication ends, the protocol discards these keys and terminates the tunnel.
Different modes of IPsec operations:
There are two different encryption modes available for IPsec. Depending on the situation, each has its advantage.
- Tunnel mode — Tunnel mode is normally used between security gateways. It enables the hosts hidden behind their respective gateways to communicate securely with one another and protects all traffic between the two networks. In IPsec tunnel mode, the entire original packet, header included, is encrypted and authenticated and then encapsulated in a new IP packet. This is why tunnel mode lends itself to building VPNs.
- Transport mode — IPsec transport mode directly connects two hosts that are not hiding behind gateways, which makes it suitable for remote access. There is no encapsulation: only the payload is encrypted, while the original IP header stays in place.
What protocols are in the IPsec suite?
IPsec is not a single protocol but a collection of protocols. It authenticates and encrypts packets sent over both IPv4 and IPv6 networks. Its standards are published by the IETF as Requests for Comments (RFCs); the individual documents, including the digital signature and other algorithms it relies on, are catalogued in the IPsec and IKE Document Roadmap, RFC 6071.
The protocols that make up the IPsec protocol suite are:
- Authentication Header (AH) — AH ensures that packets come from a trusted source. It provides no encryption: it computes a hash over the header and payload and places that hash in a new AH header. This gives data integrity and origin authentication, but it cannot conceal the data from attackers.
- Encapsulating Security Payload (ESP) — ESP encrypts the payload of each packet (and, in tunnel mode, the original IP header as well). It adds its own header and trailer to each packet, providing authentication, integrity, and confidentiality. ESP operates at the IP layer and supports multiple encryption algorithms.
- Internet Key Exchange (IKE) — IKE is a protocol that enables two systems or devices to establish a tunnel over a public network. It uses a series of key exchanges to create a secure tunnel between a client and a server. This tunnel can then send encrypted traffic. The security of the tunnel depends on the Diffie-Hellman key exchange.
- Internet Security Association and Key Management Protocol (ISAKMP) — ISAKMP, a part of IKE, is a framework for key establishment, authentication, and negotiation. It defines the SA policy of the connected devices.
What is IKEv2?
IKEv2, or Internet Key Exchange version 2, is the latest generation of the IKE protocol. It operates as request/response exchanges and is an IPsec-based tunneling protocol. It secures traffic by establishing and negotiating security associations within a protocol suite, in this case IPsec. IKE builds upon OAKLEY (the Oakley Key Determination Protocol) and ISAKMP. IKEv2 is secure, stable, easy to set up, and, when combined with IPsec, among the fastest protocols available.
IKEv2 is a hybrid protocol that performs key management for IPsec networks. It works by creating a tunnel between two hosts over an insecure network and then negotiating the SA policy and key exchange. The IETF first defined IKE in the late 90s, publishing three RFCs to specify it completely, and has since updated these definitions in 2005, 2006, and 2014. IKEv2 shares its roots with OAKLEY, SKEME (Versatile Secure Key Exchange Mechanism), and ISAKMP.
Developed jointly by Microsoft and Cisco, IKEv2 is the latest version of IKE and came out around December 2005. It is used primarily in VPNs together with the IPsec suite to provide stability and speed. It supports MOBIKE and is thus resistant to network changes. The best thing about IKEv2 is that it can automatically re-establish a dropped connection.
IKEv1 vs. IKEv2
The key differences between IKEv1 & IKEv2 are:
- IKEv1 was the initial protocol and came out in 1998. IKEv2 is its enhancement and was developed jointly by Cisco and Microsoft in December 2005.
- IKEv2 consumes less bandwidth than IKEv1.
- IKEv2 establishes a tunnel faster because it needs fewer message exchanges between the tunnel endpoints than IKEv1.
- IKEv2 supports EAP authentication, which suits remote access; IKEv1 does not.
- IKEv2 is more secure as it uses encryption keys on both ends of the tunnel.
- IKEv2 has native Network Address Translation Traversal (NAT-T) for compatibility with NAT devices.
- IKEv2 supports the much-needed MOBIKE (IKEv2 Mobility and Multihoming) protocol, which offers stability and resists network changes; IKEv1 doesn't. It also keeps the connection "alive" by attempting to re-establish it once it drops.
- IKEv2 supports many more cryptographic algorithms than IKEv1.
- IKEv2 is more resistant to DoS attacks as it verifies that the requester really exists before committing resources.
- IKEv2 uses asymmetric authentication in place of the symmetric authentication used by IKEv1. Consequently, IKEv2 can use two secret keys for added security instead of the single key of its predecessor.
How does it work?
The IKEv2 protocol lets the devices at the two ends of a tunnel authenticate each other using pre-shared keys, EAP, or digital signatures and then encrypt and decrypt data packets. Authentication is asymmetric rather than symmetric: the two ends need not agree on a single authentication method, and each side may authenticate with its own secret. IKEv2 uses four types of messages to establish the SA: IKE_SA_INIT, IKE_AUTH, CREATE_CHILD_SA, and INFORMATIONAL. The SA covers multiple attributes, including the traffic encryption keys and the cryptographic algorithms in use.
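As an added example (not code from the original article), the Python below parses the fixed IKEv2 header and the chain of cleartext payload types of one UDP/500 datagram and classifies it as one of the four exchange types just named; this is the kind of check a defender runs over captured IKE traffic. The exchange and payload codes are the standard RFC 7296 values; the sample datagram is constructed here with dummy payload bodies, not a real capture.

```python
import struct

# Exchange and payload type codes from RFC 7296 (standard values).
EXCHANGE_TYPES = {34: "IKE_SA_INIT", 35: "IKE_AUTH", 36: "CREATE_CHILD_SA", 37: "INFORMATIONAL"}
PAYLOAD_TYPES = {33: "SA", 34: "KE", 35: "IDi", 36: "IDr", 37: "CERT", 38: "CERTREQ", 39: "AUTH",
                 40: "Nonce", 41: "Notify", 42: "Delete", 43: "VendorID", 44: "TSi", 45: "TSr",
                 46: "Encrypted", 47: "Configuration", 48: "EAP"}
# Fixed 28-byte IKE header: SPIi, SPIr, next payload, version, exchange type, flags, message ID, length
HEADER = struct.Struct("!8s8sBBBBII")
FLAG_INITIATOR, FLAG_RESPONSE = 0x08, 0x20

def parse_ikev2(datagram: bytes) -> dict:
    """Parse one IKEv2 datagram (UDP/500): header fields plus the chain of cleartext payload types."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than the IKE header")
    spi_i, spi_r, nxt, version, exch, flags, msg_id, length = HEADER.unpack_from(datagram)
    if version >> 4 != 2:
        raise ValueError(f"not IKEv2 (major version {version >> 4})")
    if length != len(datagram):
        raise ValueError("length field does not match datagram size")
    payloads, offset = [], HEADER.size
    while nxt != 0:  # next-payload 0 means "no further payload"
        if offset + 4 > len(datagram):
            raise ValueError("truncated payload header")
        following, _, plen = struct.unpack_from("!BBH", datagram, offset)
        if plen < 4 or offset + plen > len(datagram):
            raise ValueError("payload length exceeds datagram")
        payloads.append(PAYLOAD_TYPES.get(nxt, f"unknown({nxt})"))
        if nxt == 46:  # Encrypted payload: everything after it is only visible after decryption
            break
        nxt, offset = following, offset + plen
    return {"spi_i": spi_i.hex(), "spi_r": spi_r.hex(), "message_id": msg_id,
            "exchange": EXCHANGE_TYPES.get(exch, f"unknown({exch})"),
            "initiator": bool(flags & FLAG_INITIATOR), "response": bool(flags & FLAG_RESPONSE),
            "payloads": payloads}

def build_sample_ike_sa_init() -> bytes:
    """Constructed IKE_SA_INIT request (not a real capture): SA, KE and Nonce payloads with dummy bodies."""
    bodies = [(33, b"\x00" * 8), (34, b"\x00\x0e\x00\x00" + b"\x11" * 32), (40, b"\x22" * 16)]
    chain = b""
    for i, (_, body) in enumerate(bodies):
        nxt = bodies[i + 1][0] if i + 1 < len(bodies) else 0
        chain += struct.pack("!BBH", nxt, 0, 4 + len(body)) + body
    # Initiator flag set, responder SPI zero and message ID 0, as in the first IKE_SA_INIT message
    hdr = HEADER.pack(b"\x01" * 8, b"\x00" * 8, bodies[0][0], 0x20, 34, FLAG_INITIATOR, 0,
                      HEADER.size + len(chain))
    return hdr + chain
```

Once IKE_AUTH begins, the parser stops at the Encrypted payload, so only the IKE_SA_INIT exchange and the outer header of later messages are visible on the wire.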
Notable traits of the IKEv2 are:
- It supports the latest encryption algorithms.
- In general, IKE runs in user space, i.e., the memory dedicated to running applications, while the IPsec stack runs in kernel space, the core of the operating system, which helps boost performance.
- IKE runs over UDP on port 500.
- It uses four to six packets to create the SA.
- IKE has roots in three security protocols: ISAKMP, SKEME, and OAKLEY.
- When implemented in a VPN, IKEv2 supports MOBIKE. Besides the advantages mentioned above, this adds stability to the protocol architecture and improves the quality of experience on mobile VPNs.
- IKEv2 supports PFS (Perfect Forward Secrecy).
- IKEv2 was developed by Microsoft together with Cisco.
- There are open-source implementations of the protocol, such as OpenIKEv2, Openswan, and strongSwan.
- IKE can use X.509 certificates for authentication.
Main concerns regarding IKEv2:
IKEv2 has three major concerns:
- Password issues — A weak password (pre-shared key) makes an IKEv2 connection especially prone to successful attacks. This can be negated either by choosing a strong password or by using a third-party IKEv2 implementation.
- The alleged NSA exploitation of ISAKMP — According to the German magazine Der Spiegel, the NSA seems capable of exploiting IKE and ISAKMP to decrypt IPsec traffic. However, the authenticity of these claims is questionable and possibly biased.
- Potential Man-in-the-Middle (MITM) attacks — Configurations that allow multiple negotiation options can easily be subjected to a downgrade MITM attack. Luckily, careful, secure configuration eliminates this risk.
IKEv2 vs Other Protocols
Security:
- The latest technology; it stacks over IPsec to provide a secure connection.
- One of the best when it comes to security, especially when combined with a robust cipher and ephemeral keys.
- As secure as OpenVPN, but depends on the ciphers used.
- By itself, it isn't much, but with L2TP over IPsec it has no major vulnerability.
- The oldest protocol and thus full of issues.
Stability:
- Highly stable and consistent connection, as it uses the MOBIKE protocol.
- It is stable.
- Stable, but solely on Windows.
- Unstable and may experience frequent drops.
Speed:
- Faster than most protocols out there.
- Great speed across long distances and on connections with high latency.
- Faster than SSTP and L2TP.
- Alone, it isn't fast. With L2TP/IPsec it gains a substantial boost.
- The fastest protocol due to its simple encryption.
Compatibility:
- Windows, Mac, iOS, Android, and Linux only.
- Most OSes are supported, including Windows, Mac, iOS, Android, Linux, etc.
- Most OSes are supported, including Windows, Mac, iOS, Android, Linux, etc.
- Most OSes are supported, covering Windows, Mac, iOS, Android, Linux, etc.
Verdict:
- A balance of stability and speed. It offers fast speed, prominent security, and additional safety.
- Native support on most OSes; it has good speed and is reliable.
- Ideal for Windows users; it can circumvent firewalls.
- Stable and easy to set up.
- Recommended only to those who crave speed and not security.
What is IKEv2/IPsec?
IKEv2 is a key exchange protocol, and IPsec is a suite of protocols. Together, they form one of the best VPN protocols currently available. In general, using IKEv2 over IPsec is beneficial because they cover each other's shortcomings. The combination uses the Diffie–Hellman key exchange, has no known vulnerabilities, allows Perfect Forward Secrecy, and supports fast VPN connections.
IKEv2/IPsec is designed specifically for VPN use. While IKEv2 is a key management protocol, IPsec takes care of tunnel security and transport. Therefore, for best results, IKEv2 is nearly always used with IPsec. The IKE part of this protocol handles the security associations between a client and a server, and IPsec carries the data through the tunnel created by the IKE negotiations. They work best when they operate jointly. Why? Because IKE was built upon and for the IPsec suite. This pairing is what allows the protocol to be this fast. Remember, IKEv2 runs in user space while IPsec operates within the kernel.
How does it work?
When your VPN client deems traffic interesting, it initiates IPsec to encapsulate the data packets. The packets travel through a tunnel maintained by IKEv2, and the security of that tunnel relies on the various protocols within the IPsec suite. The client starts IKE phase 1 to exchange keys and then moves into negotiation with IKE phase 2. The tunnel persists until the exchange is over. After that, IPsec drops the tunnel and discards the IKE keys.
Pros and cons of IKEv2/IPsec
Read our article about the advantages and disadvantages of IKEv2 to get detailed information. Before you do, here’s a quick rundown:
- Benefits of IKEv2/IPsec:
  - Strong security
  - Great speed
- Drawbacks of IKEv2/IPsec:
  - Closed source
  - Prone to blocks
  - Security issues