Title

  Test IKEv2.EN.R.1.2.5.5: Perfect Forward Secrecy
  Part A: (BASIC)


Purpose

  To verify an IKEv2 device properly handles CREATE_CHILD_SA exchange when Perfect
  Forward Secrecy enabels.


References

  * [RFC 4306] - Sections 2.12


Test Setup

  * Network Topology
      Connect the devices according to the Common Topology.
  * Configuration
      In each part, configure the devices according to the Common Configuration. Enable PFS.
  * Pre-Sequence and Cleanup Sequence
      IKEv2 on the NUT is disabled after each part.


Procedure

   NUT                  TN1
(End-Node)           (End-Node)
    |                    |
    |<-------------------| IKE_SA_INIT request (HDR, SAi1, KEi, Ni)
    |                    | (Packet #1)
    |------------------->| IKE_SA_INIT response (HDR, SAr1, KEr, Nr)
    |                    | (Judgement #1)
    |                    |
    |<-------------------| IKE_AUTH request (HDR, SK {IDi, AUTH, N+, SAi2, TSi, TSr})
    |                    | (Packet #2)
    |------------------->| IKE_AUTH response (HDR, SK {IDr, AUTH, N+, SAr2, TSi, TSr})
    |                    | (Judgement #2)
    |                    |
    |<-------------------| IPsec {Echo Request}
    |                    | (Packet #3)
    |------------------->| IPsec {Echo Reply}
    |                    | (Judgement #3)
    |                    |
    |<-------------------| CREATE_CHILD_SA request (HDR, SK {N, N+, SA, Ni, KEi, TSi, TSr})
    |                    | (Packet #4)
    |------------------->| CREATE_CHILD_SA response (HDR, SK {N+, SA, Nr, KEr, TSi, TSr})
    |                    | (Judgement #4)
    |                    |
    |<-------------------| INFORMATIONAL request (HDR, SK {D})
    |                    | (Packet #5)
    |------------------->| INFORMATIONAL response (HDR, SK {D})
    |                    | (Judgement #5)
    |                    |
    |<-------------------| IPsec {Echo Request} (new SA)
    |                    | (Packet #6)
    |------------------->| IPsec {Echo Reply} (new SA)
    |                    | (Judgement #6)
    |                    |
    V                    V

N: REKEY_SA N+: USE_TRANSPORT_MODE
Packet #1 See Common Packet #1
Packet #2 See Common Packet #3
Packet #3 See Common Packet #19
(CHILD_SA is negotiated by steps 1 through 4.)
Packet #4 See below
Packet #5 See below
Packet #6 See Common Packet #19
(CHILD_SA is negotiated by steps 7 through 8.)

* Packet #4: CREATE_CHILD_SA response
IPv6 Header Same as the Common Packet #13
UDP Header Same as the common packet #13
IKEv2 Header Same as the common packet #13
E Payload Same as the common packet #13
N Payload Same as the common packet #13
N Payload Same as the common packet #13
SA Proposals Same as the common packet #13
Ni Payload Next Payload 34 (KE)
KEi Payload Next Payload 44 (TSi)
Critical 0
Reserved 0
Payload Length 136
DH Group # 2
Reserved 0
Key Exchange Data any
TSi Payload Same as the common packet #13
TSr Proposals Same as the common packet #13
* Packet #5: INFORMATIONAL request
IPv6 Header Same as the Common Packet #17
UDP Header Same as the common packet #17
IKEv2 Header Same as the common packet #17
E Payload Other fields are same as the Common Packet #17
Next Payload 42 (Delete)
Delete Payload Next Payload 0 (last)
Critical 0
Reserved 0
Payload Length 12
Procotol ID 3 (ESP)
SPI Size 4
# of SPIs 1
Security Parameter Index(es) (SPI) SPI negotiated by Initial Exchange
  Part A: (BASIC)
     1. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
     2. Observe the messages transmitted on Link A.
     3. After reception of IKE_SA_INIT response from the NUT, TN1 transmits an IKE_AUTH
         request to the NUT.
     4. Observe the messages transmitted on Link A.
     5. TN1 transmits an Echo Request with IPsec ESP using corresponding algorithms to NUT.
     6. Observe the messages transmitted on Link A.
     7. TN1 transmits a CREATE_CHILD_SA request including a Notify Payload of type
         REKEY_SA and rekeyed CHILD_SA's SPI value in the SPI field to the NUT.
     8. Observe the messages transmitted on Link A.
     9. TN1 transmits an INFORMATIONAL request including a Delete payload with the old
         CHILD_SA's SPI value to the NUT.
     10. Observe the messages transmitted on Link A.
     11. TN1 transmits an Echo Request with IPsec ESP using the second negotiated algorithms to
         the NUT.
     12. Observe the messages transmitted on Link A.


Observable Result

  Part A
       Step 2: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
       algorithms.
       Step 4: Judgment #2
       The NUT transmits an IKE_AUTH response including "ENCR_3DES",
       "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
       Step 6: Judgment #3
       The NUT transmits an Echo Reply with IPsec ESP using corresponding algorithms.
       Step 8: Judgment #4
       The NUT transmits a CREATE_CHILD_SA response including "ENCR_3DES",
       "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as proposed algorithms.
       Step 10: Judgment #5
       The NUT transmits an INFORMATIONAL response including a Delete payload with the old
       CHILD_SA's SPI value to the TN1.
       Step 12: Judgment #6
       The NUT transmits an Echo Reply with IPsec ESP using the newly negotiated algorithms.


Possible Problems

  * None.