The Complete Cisco VPN Configuration Guide

Key Exchange

So far I’ve talked about all different kinds of keys: symmetric and asymmetric keys, and encryption and HMAC keys. As I mentioned in the last two sections on encryption and packet authentication, which typically use symmetrical keys, the sharing of the protection keys is a security issue. This next section will explore the key-sharing process in more depth and talk about some possible solutions, such as the following:

Key Sharing Dilemma
Diffie-Hellman
Key Refreshing
Limitations of Key Exchange Methods

Key Sharing Dilemma

A simple example illustrates the issues of sharing keys for symmetric keying algorithms and functions. You have decided to protect financial data between two devices, PeerA and PeerB, and want to encrypt this information ...

Get The Complete Cisco VPN Configuration Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The Complete Cisco VPN Configuration Guide by Richard Deal

Key Exchange

Key Sharing Dilemma

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly