ZyXEL Communications zywall 50 User Manual
ZyWALL 50 Internet Security Gateway
23-12
VPN/IPSec
Setup
Aggressive Mode is quicker than Main Mode because it eliminates several steps when the
communicating parties are negotiating authentication (phase 1). However the trade-off is that
faster speed limits its negotiating power and it also does not provide identity protection. It is
useful in remote access situations where the address of the initiator is not know by the
responder and both parties want to use pre-shared key authentication.
communicating parties are negotiating authentication (phase 1). However the trade-off is that
faster speed limits its negotiating power and it also does not provide identity protection. It is
useful in remote access situations where the address of the initiator is not know by the
responder and both parties want to use pre-shared key authentication.
23.4.3 Pre-Shared Key
A pre-shared key identifies a communicating party during a phase 1 IKE negotiation. It is called “pre-shared”
because you have to share it with another party before you can communicate with them over a secure
connection.
because you have to share it with another party before you can communicate with them over a secure
connection.
23.4.4 Diffie-Hellman (DH) Key Groups
Diffie-Hellman (DH) is a public-key cryptography protocol that allows two parties to establish a shared
secret over an unsecured communications channel. Diffie-Hellman is used within IKE SA setup to establish
session keys. 768-bit (Group 1 - DH1) and 1024-bit (Group 2 – DH2) Diffie-Hellman groups are supported.
Upon completion of the Diffie-Hellman exchange, the two peers have a shared secret, but the IKE SA is not
authenticated. For authentication, use pre-shared keys.
secret over an unsecured communications channel. Diffie-Hellman is used within IKE SA setup to establish
session keys. 768-bit (Group 1 - DH1) and 1024-bit (Group 2 – DH2) Diffie-Hellman groups are supported.
Upon completion of the Diffie-Hellman exchange, the two peers have a shared secret, but the IKE SA is not
authenticated. For authentication, use pre-shared keys.
23.4.5 Perfect Forward Secrecy (PFS)
Enabling PFS means that the key is transient. The key is thrown away and replaced by a brand new key using
a new Diffie-Hellman exchange for each new IPSec SA setup. With PFS enabled, if one key is compromised,
previous and subsequent keys are not compromised, because subsequent keys are not derived from previous
keys. The (time-consuming) Diffie-Hellman exchange is the trade-off for this extra security.
This may be unnecessary for data that does not require such security, so PFS is disabled (None) by default in
the ZyWALL. Disabling PFS means new authentication and encryption keys are derived from the same root
secret (which may have security implications in the long run) but allows faster SA setup (by bypassing the
Diffie-Hellman key exchange).
a new Diffie-Hellman exchange for each new IPSec SA setup. With PFS enabled, if one key is compromised,
previous and subsequent keys are not compromised, because subsequent keys are not derived from previous
keys. The (time-consuming) Diffie-Hellman exchange is the trade-off for this extra security.
This may be unnecessary for data that does not require such security, so PFS is disabled (None) by default in
the ZyWALL. Disabling PFS means new authentication and encryption keys are derived from the same root
secret (which may have security implications in the long run) but allows faster SA setup (by bypassing the
Diffie-Hellman key exchange).