The Subtle Art of Chaining Headers - IKEv2 Attack Surface Case Study

Internet Key Exchange (IKE) is a significant component of IP Security (IPsec), a suite of protocols used extensively for creating Virtual Private Networks. IKE performs mutual authentication and establishes and maintains the required Security Associations. IKE is of particular interest in the context of IPsec because part of it is neither encrypted nor authenticated; it therefore constitutes the only attack surface available to unauthenticated attackers.

This talk will provide a network protocol analysis of the attack surface of the latest version of the protocol, IKE version 2 (IKEv2). By diving into the corresponding specifications, the main points of interest will be identified and attacking opportunities will be discussed. As will be shown, although IKEv2 has been considerably simplified in comparison with IKEv1, the format of its messages can vary multifariously, mainly due to the different types and number of payloads that may – or may not – be incorporated. This complexity has already resulted in several known vulnerabilities. However, this may not be the end; for this reason, an open-source tool, authored especially for implementing the identified attack opportunities, will be released for testing the described scenarios. By using this tool, potential flaws can be identified and hence fixed or mitigated before they are exploited in the wild.
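As an added example (not code from the talk or its tool), the following defensive parser walks the unauthenticated part of an IKEv2 message: the fixed 28-byte IKE header and the chain of 4-byte generic payload headers, checking every length against the datagram before trusting it. It assumes the layouts of RFC 7296 sections 3.1 and 3.2; the sample messages are constructed here, not captured traffic.

```python
import struct

IKE_HDR_LEN = 28   # SPIi(8) SPIr(8) next(1) ver(1) exch(1) flags(1) msgid(4) len(4)
PL_HDR_LEN = 4     # generic payload header: next(1) C|reserved(1) length(2)
NO_NEXT_PAYLOAD = 0
IKE_SA_INIT = 34

def parse_ikev2(msg: bytes) -> dict:
    """Parse the IKE header and payload chain; raise ValueError on any inconsistency."""
    if len(msg) < IKE_HDR_LEN:
        raise ValueError("truncated IKE header")
    spi_i, spi_r, nxt, ver, exch, flags, msg_id, length = struct.unpack("!QQBBBBII", msg[:IKE_HDR_LEN])
    if ver >> 4 != 2:
        raise ValueError(f"not IKEv2: major version {ver >> 4}")
    if length != len(msg):
        raise ValueError(f"header length {length} != datagram length {len(msg)}")
    payloads, off = [], IKE_HDR_LEN
    while nxt != NO_NEXT_PAYLOAD:            # follow the Next Payload chain
        if off + PL_HDR_LEN > len(msg):
            raise ValueError(f"payload header at offset {off} runs past the end")
        ptype = nxt
        nxt, crit, plen = struct.unpack("!BBH", msg[off:off + PL_HDR_LEN])
        # the payload length is attacker-controlled: it must cover its own header and stay in bounds
        if plen < PL_HDR_LEN or off + plen > len(msg):
            raise ValueError(f"payload type {ptype} at offset {off} has bad length {plen}")
        payloads.append((ptype, bool(crit & 0x80), msg[off + PL_HDR_LEN:off + plen]))
        off += plen
    if off != len(msg):
        raise ValueError(f"{len(msg) - off} trailing bytes after the last payload")
    return {"spi_i": spi_i, "spi_r": spi_r, "exchange": exch, "flags": flags,
            "msg_id": msg_id, "payloads": payloads}

def check(msg: bytes):
    """Return None if msg parses cleanly, otherwise the rejection reason."""
    try:
        parse_ikev2(msg)
        return None
    except ValueError as err:
        return str(err)

def build_ike_sa_init(payloads):
    """Constructed IKE_SA_INIT request (initiator flag set) from (type, body) pairs."""
    body = b""
    for i, (ptype, data) in enumerate(payloads):
        nxt = payloads[i + 1][0] if i + 1 < len(payloads) else NO_NEXT_PAYLOAD
        body += struct.pack("!BBH", nxt, 0, PL_HDR_LEN + len(data)) + data
    first = payloads[0][0] if payloads else NO_NEXT_PAYLOAD
    return struct.pack("!QQBBBBII", 0x1122334455667788, 0, first, 0x20, IKE_SA_INIT,
                       0x08, 0, IKE_HDR_LEN + len(body)) + body

# constructed sample: Nonce (type 40) followed by a Notify (type 41) payload
SAMPLE_OK = build_ike_sa_init([(40, b"\x11" * 16), (41, b"\x00\x00\x40\x04" + b"\x22" * 20)])
```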

About the Speaker