The Internet Key Exchange (IKE) Protocol

IPsec uses the Internet Key Exchange (IKE) protocol to negotiate and establish secured site-to-site or remote access virtual private network (VPN) tunnels. IKE is a framework provided by the Internet Security Association and Key Management Protocol (ISAKMP) and parts of two other key management protocols, namely Oakley and Secure Key Exchange Mechanism (SKEME).

In IKE Phase 1, IPsec peers negotiate and authenticate each other. In Phase 2, they negotiate the keying material and algorithms used to encrypt the data transferred over the IPsec tunnel.

There are two versions of IKE:

• IKEv1: Defined in RFC 2409, The Internet Key Exchange

• IKE version 2 (IKEv2): Defined in RFC 4306, Internet Key Exchange (IKEv2) Protocol

IKEv2 improves how dynamic key exchange and peer authentication are performed: it simplifies the key exchange flows and introduces measures to fix vulnerabilities present in IKEv1. Both IKEv1 and IKEv2 operate in two phases, but IKEv2 provides a simpler and more efficient exchange.

Phase 1 in IKEv2 is the IKE_SA, established by the IKE_SA_INIT message pair, which initiates the IKE negotiation; the IKE_SA is comparable to IKEv1 Phase 1. A security association (SA) holds the keying material used to encrypt packets over the VPN tunnel. The attributes of the IKE_SA phase are defined in the key exchange policy. The second phase in IKEv2 is the CHILD_SA. The first CHILD_SA (the Phase 2 SA) is created by the IKE_AUTH message pair; this phase is comparable to IKEv1 Phase 2. Additional CHILD_SA message pairs can be sent for rekeying and for informational messages. The CHILD_SA attributes are defined in the data policy.

Differences from IKEv1 include the following:

• IKEv1 Phase 1 has two possible exchanges: main mode and aggressive mode. The IKEv2 IKE_SA uses a single exchange of one message pair.

• IKEv2 uses a simple exchange of two message pairs for the CHILD_SA. IKEv1 uses an exchange of at least three message pairs for Phase 2.
