The Subtle Art of Chaining Headers - IKEv2 Attack Surface Case Study

Presented at Black Hat Europe 2020 Virtual, Dec. 9, 2020, 11:20 a.m. (40 minutes).

Internet Key Exchange (IKE) is a significant component of IP Security (IPsec), a suite of protocols used extensively for creating Virtual Private Networks. IKE is used for performing mutual authentication and for establishing and maintaining the required Security Associations. IKE is of particular interest in the context of IPsec because part of it is neither encrypted nor authenticated, and hence it constitutes the only attack surface for unauthenticated attackers. This paper provides a network protocol analysis of the attack surface of the latest version of the protocol, IKE version 2 (IKEv2). By diving into the corresponding specifications, the main points of interest are identified and attack opportunities are discussed. As will be shown, although IKEv2 has been considerably simplified in comparison with IKEv1, the format of its messages can vary widely, mainly due to the different types and number of payloads that can be incorporated. This complexity has already resulted in several known vulnerabilities. An open-source tool, authored especially for implementing the identified attack opportunities, is used to describe and test the described scenarios. By using this tool in combination with the described attack scenarios, potential flaws in IKEv2 implementations can be identified and fixed before they are exploited in the wild.


Presenters:

  • Antonios Atlasis - Cyber Security Engineer, European Space Agency
    Antonios Atlasis (PhD) is a Cyber Security Engineer at the European Space Agency (ESA) and an enthusiastic IT Security Researcher. His main interest is the analysis of network protocols from a security perspective (with IPv6 being rather his favorite). He has been a frequent presenter at various security conferences (Black Hat, Troopers, Hack in the Box, BruCON, DeepSec, etc.) and is the author of a few open-source security assessment tools.
