The purpose of IKE Phase 2 is to negotiate IPSec SAs.
IKE Phase 2 performs the following functions. For details, see Cisco,
“IPSec Overview Part Four: Internet Key Exchange (IKE)”.
- Negotiates IPSec SA parameters, protected by an existing IKE SA
- Establishes IPSec security associations
- Periodically renegotiates IPSec SAs (rekeys before the SA lifetime expires) to ensure security
- Optionally performs an additional Diffie-Hellman exchange (when PFS is configured)
A negotiated shared IPSec Phase 2 policy includes:
- IPSec security protocols
When IKE is not used to establish SAs, a single transform set must
be used. Before a transform set can be included in a crypto map entry,
it must be defined. A transform set specifies one or two IPSec security
protocols (Encapsulating Security Payload (ESP), Authentication Header
(AH), or both).
To select a transform set, consider the following:
- For data confidentiality, include ESP.
- For data authentication of the outer IP header as well as the
data, include AH. (ESP authentication covers only the ESP header and
payload, not the outer IP header.)
- For data authentication (with either ESP or AH), choose from the
HMAC-MD5 or HMAC-SHA keyed-hash authentication algorithms. SHA is
generally considered stronger than MD5 but is slower; prefer an
HMAC-SHA variant wherever both peers support it, since HMAC-MD5 is no
longer recommended for IPSec.
- Encryption: AES Counter mode (AES-CTR) is also supported. AES-CTR
uses the ESP confidentiality mechanism and requires the encryptor to
generate a unique per-packet value (the IV carried in the ESP payload)
and to communicate this value to the decryptor; reusing that value
under the same key exposes the XOR of the two plaintexts. Because
counter mode provides no integrity protection (flipping a ciphertext
bit flips the same plaintext bit), AES-CTR must be used in conjunction
with an authentication function, such as HMAC-SHA.
- Authentication: the HMAC-MD5 or HMAC-SHA algorithm selected for ESP or AH, as above
- IPSec Mode: the options are tunnel and transport modes.
- Perfect Forward Secrecy: with PFS, the keys protecting each IPSec SA
are derived from a fresh Diffie-Hellman exchange rather than solely
from the IKE SA's long-lived keying material, so compromise of the IKE
SA keys, or of one IPSec SA's keys, does not expose the keys of earlier
or later IPSec SAs; an attacker gains at most the traffic of the single
SA whose key was compromised.
If perfect forward secrecy (PFS) is specified in the IPSec policy, a
new Diffie-Hellman exchange is performed with each quick mode,
providing keying material that is independent of all previously
derived keys and thereby more resistant to cryptographic attacks.
Each Diffie-Hellman exchange requires large modular exponentiations,
thereby increasing CPU use and exacting a performance cost; the cost
is paid at every rekey, so shorter SA lifetimes multiply it.
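The AES-CTR points above (a unique per-packet IV, no integrity from counter mode, and the need for an HMAC) are easier to see with packets in hand. The following is an added example, not code from the original document or from Cisco. Its keystream generator is a stand-in built from SHA-256 so the script runs on the Python standard library alone; real AES-CTR (RFC 3686) produces each keystream block by AES-encrypting the counter block. The counter-block layout, the IV handling, the bit-flip malleability and the encrypt-then-MAC check are what it demonstrates. All keys, nonces and packet contents are constructed for the demonstration.

```python
"""ESP AES-CTR malleability, IV reuse, and why an ICV is mandatory (added example)."""
import hashlib
import hmac
import struct

# Constructed key material; a real quick mode would derive these from KEYMAT.
ENC_KEY = bytes(range(16))            # 128-bit encryption key
AUTH_KEY = bytes(range(16, 48))       # 256-bit HMAC key
NONCE = b"\xde\xad\xbe\xef"           # 4-byte per-SA nonce from the CTR key material
ICV_LEN = 16                          # truncated HMAC-SHA-256 ICV, as in RFC 4868


def ctr_keystream(key: bytes, nonce: bytes, iv: bytes, length: int) -> bytes:
    """Keystream for one packet from RFC 3686 counter blocks:
    4-byte nonce || 8-byte IV || 4-byte block counter starting at 1.
    Stand-in (assumption): SHA-256(key || counter block)[:16] replaces AES(counter block)."""
    if len(nonce) != 4 or len(iv) != 8:
        raise ValueError("nonce must be 4 bytes and IV 8 bytes")
    out = bytearray()
    block = 1
    while len(out) < length:
        counter_block = nonce + iv + struct.pack(">I", block)
        out += hashlib.sha256(key + counter_block).digest()[:16]
        block += 1
    return bytes(out[:length])


def ctr_crypt(key, nonce, iv, data):
    """Counter mode is XOR with the keystream; encrypt and decrypt are the same op."""
    return bytes(a ^ b for a, b in zip(data, ctr_keystream(key, nonce, iv, len(data))))


def esp_encrypt(enc_key, auth_key, nonce, iv, plaintext):
    """Build iv || ciphertext || ICV the way an ESP payload carries them:
    the IV travels in the clear and the ICV covers everything after the ESP header."""
    ct = ctr_crypt(enc_key, nonce, iv, plaintext)
    icv = hmac.new(auth_key, iv + ct, hashlib.sha256).digest()[:ICV_LEN]
    return iv + ct + icv


def esp_decrypt(enc_key, auth_key, nonce, payload):
    """Verify the ICV before decrypting; reject the packet on mismatch."""
    iv, ct, icv = payload[:8], payload[8:-ICV_LEN], payload[-ICV_LEN:]
    expected = hmac.new(auth_key, iv + ct, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch: packet rejected")
    return ctr_crypt(enc_key, nonce, iv, ct)


def bitflip_without_icv(enc_key, nonce, iv, plaintext, offset, delta):
    """What an on-path attacker gets with CTR and no authentication:
    XOR-ing a ciphertext byte flips the same bits in the decrypted plaintext."""
    ct = bytearray(ctr_crypt(enc_key, nonce, iv, plaintext))
    ct[offset] ^= delta
    return ctr_crypt(enc_key, nonce, iv, bytes(ct))


def iv_reuse_leak(enc_key, nonce, iv, p1, p2):
    """Two packets under the same key and IV share a keystream, so the XOR of
    the ciphertexts equals the XOR of the plaintexts (no key needed to see it)."""
    c1 = ctr_crypt(enc_key, nonce, iv, p1)
    c2 = ctr_crypt(enc_key, nonce, iv, p2)
    return bytes(a ^ b for a, b in zip(c1, c2))


def tamper_is_rejected(enc_key, auth_key, nonce, iv, plaintext):
    """The same bit flip against an authenticated payload: esp_decrypt refuses it."""
    payload = bytearray(esp_encrypt(enc_key, auth_key, nonce, iv, plaintext))
    payload[8] ^= 0x08                      # first ciphertext byte, after the 8-byte IV
    try:
        esp_decrypt(enc_key, auth_key, nonce, bytes(payload))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    iv = b"\x00" * 7 + b"\x01"              # per-packet IV; must never repeat under one key
    print(bitflip_without_icv(ENC_KEY, NONCE, iv, b"amount=0100", 8, 0x08))
    print(tamper_is_rejected(ENC_KEY, AUTH_KEY, NONCE, iv, b"amount=0100"))
```

The IV counter in a real implementation is per SA and per direction; the transform set's authentication algorithm is what turns the `tamper_is_rejected` check from optional into enforced, which is why the text requires HMAC-SHA alongside AES-CTR.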
For IKE Phase 2, see crypto map ipsec command.
For IPSec Mode, see crypto ipsec mode command.
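What PFS buys in quick mode can be shown with the KEYMAT derivation itself. The following is an added example, not code from the original document or from Cisco. It follows the IKEv1 formula in RFC 2409 section 5.5 (HMAC-SHA-1 as the prf; KEYMAT = prf(SKEYID_d, [g(qm)^xy |] protocol | SPI | Ni_b | Nr_b)), using the 1024-bit MODP group 2 prime only so the Diffie-Hellman arithmetic runs (use group 14 or larger in production). The nonces, SPI and SKEYID_d are constructed, and the "attacker" is assumed to have captured the quick-mode messages and later obtained SKEYID_d.

```python
"""PFS in IKEv1 quick mode: what an attacker holding SKEYID_d can recompute (added example)."""
import hashlib
import hmac
import secrets

# RFC 2409 group 2 prime and generator; weak by today's standards, used here only for arithmetic.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2
PROTO_ESP = b"\x03"   # PROTO_IPSEC_ESP in the ISAKMP protocol-ID numbering


def prf(key: bytes, data: bytes) -> bytes:
    """IKEv1 prf when SHA is the negotiated hash: HMAC-SHA-1."""
    return hmac.new(key, data, hashlib.sha1).digest()


def keymat(skeyid_d: bytes, spi: bytes, ni: bytes, nr: bytes, gxy: bytes = None) -> bytes:
    """KEYMAT = prf(SKEYID_d, [g(qm)^xy |] protocol | SPI | Ni_b | Nr_b).
    Without PFS the only secret input is SKEYID_d from phase 1."""
    material = (gxy if gxy is not None else b"") + PROTO_ESP + spi + ni + nr
    return prf(skeyid_d, material)


def quick_mode(skeyid_d: bytes, pfs: bool):
    """Run one quick mode between initiator and responder.
    Returns the KEYMAT both sides derive and the transcript an eavesdropper
    who can read the IKE SA (i.e. also holds SKEYID_e) would have captured."""
    ni, nr, spi = secrets.token_bytes(16), secrets.token_bytes(16), secrets.token_bytes(4)
    transcript = {"spi": spi, "ni": ni, "nr": nr}
    gxy = None
    if pfs:
        x = secrets.randbelow(P - 2) + 1          # initiator private value, never sent
        y = secrets.randbelow(P - 2) + 1          # responder private value, never sent
        gx, gy = pow(G, x, P), pow(G, y, P)       # KE payloads in the quick mode messages
        transcript["gx"], transcript["gy"] = gx, gy
        shared_i, shared_r = pow(gy, x, P), pow(gx, y, P)
        if shared_i != shared_r:
            raise RuntimeError("DH agreement failed")
        gxy = shared_i.to_bytes((P.bit_length() + 7) // 8, "big")
    return keymat(skeyid_d, spi, ni, nr, gxy), transcript


def attacker_recover(skeyid_d: bytes, transcript: dict):
    """Attacker with SKEYID_d and the captured messages. Without PFS every
    input to keymat() is in hand. With PFS the transcript holds g^x and g^y
    but not g^xy, and deriving it is the Diffie-Hellman problem, so the
    attacker cannot finish the derivation."""
    if "gx" in transcript:
        return None
    return keymat(skeyid_d, transcript["spi"], transcript["ni"], transcript["nr"])


if __name__ == "__main__":
    skd = bytes(range(20))                        # constructed SKEYID_d from phase 1
    for pfs in (False, True):
        km, tr = quick_mode(skd, pfs)
        print("pfs" if pfs else "no pfs", "recovered" if attacker_recover(skd, tr) == km else "safe")
```

The extra exponentiations in `quick_mode` are the CPU cost the text describes; the `attacker_recover` branch is what that cost buys.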