Part 1 is here: https://community.cisco.com/t5/security-blogs/mitm-attack-ipsec-what-happens-if-attacker-knows-ipsec-pre/ba-p/3756562
A brief summary of part 1: we showed that the security level of IPSec with a preshared key is equal to the security level of the router's configuration file. And how can the router's configuration file fall into the hands of a hacker? There are a lot of options. For example, I bought a used router and there was a working config from one of the banks on it.
Most experts will say that you need to use PKI CA authentication.
Now I will demonstrate to you that IPSec with basic, primitive PKI authentication is even less secure than IPSec with a preshared key.
On the diagram, an IPSec tunnel is established from Lo0 of ROUTER-A to Lo0 of ROUTER-B. Authentication is performed using certificates signed by SERVER. This is the simplest configuration.
Now suppose that the hacker turned off the link in the direction of ROUTER-B and installed his own router, R4.
On R4, the hacker created the same IP addresses, generated an RSA key pair, sent a request to SERVER to sign the public key, received a signed certificate in response, and established an IPSec tunnel with ROUTER-A. So easy.
The configuration files are in the attachment.
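The attack above works for two reasons: SERVER signs every enrollment request it receives, and ROUTER-A accepts any certificate that chains to SERVER as proof that the peer is ROUTER-B. The following IOS fragments, added here as an illustration and not taken from the post's attached configs, show the weak setting beside the corrected one; the trustpoint name SERVER is from the post, while the subject name, map and profile names and the enrollment URL are assumed.

```cisco
!===== WEAK (what the scenario relies on) =====
! SERVER (IOS CA): every enrollment request is signed automatically,
! so R4's request for a certificate is granted without anyone looking at it.
crypto pki server SERVER
 grant auto
!
! ROUTER-A: any certificate chained to SERVER authenticates the peer,
! regardless of whose name is in it.
crypto pki trustpoint SERVER
 enrollment url http://10.0.0.1:80
 revocation-check none
crypto isakmp policy 10
 authentication rsa-sig

!===== HARDENED (added example) =====
! SERVER: hold requests for an operator to approve by hand
! (approve with: crypto pki server SERVER grant <request-id>,
!  inspect with: crypto pki server SERVER info requests).
crypto pki server SERVER
 no grant auto
!
! ROUTER-A: bind the tunnel to a specific peer identity, not just to the CA.
! The certificate map only matches the subject ROUTER-B actually enrolled with
! (assumed here to be exactly cn=router-b.example.com).
crypto pki certificate map ROUTER-B-ONLY 10
 subject-name eq cn=router-b.example.com
!
! Check revocation so a certificate revoked after a compromise is rejected.
crypto pki trustpoint SERVER
 enrollment url http://10.0.0.1:80
 revocation-check crl
!
! The ISAKMP profile accepts only certificates that match the map;
! a certificate issued by SERVER with any other subject fails to authenticate.
crypto isakmp profile TO-ROUTER-B
 ca trust-point SERVER
 match certificate ROUTER-B-ONLY
!
! Tie the profile to the crypto map used for the ROUTER-B tunnel.
crypto map VPN 10 ipsec-isakmp
 set isakmp-profile TO-ROUTER-B
```

The certificate map helps only if SERVER cannot be talked into issuing a second certificate with that same subject, which is why removing `grant auto` matters as much as the map itself.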