
IPSec PSK security

jmprats
Level 4

Hi, I've read that IPSec PSK remote access is not secure enough because a lot of people know the key.

But I think PSK is not used for encryption. IPsec creates new session keys from the PSK in each session and for each user and they are different and unknown each time.

In this case, an attacker knowing the PSK would not be a security risk.

But I'm not sure about that, any ideas?

Is it a security risk to share the PSK? Why?

Thanks


wzhang
Cisco Employee

Hi,

You are correct - the IPSec session keys used for encryption/decryption are completely different from the PSK used for peer authentication. The main risks associated with the leak of a PSK are: 1) a MITM attack if the attacker is in the data path, and 2) the attacker can gain illegal access to the private network by impersonating a trusted host. You may find more info here:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_security_notice09186a008016b57f.html

Note the specific attack described above is with Aggressive Mode, but there are also techniques with Main Mode, although it's a bit more difficult to do.

Hope this helps,

Thanks,

Wen
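As an added illustration (not part of the thread above), the IKEv1 Phase 1 key derivation for pre-shared-key authentication from RFC 2409 section 5.4, written in Python with HMAC-SHA1 as the prf; the nonces, cookies and Diffie-Hellman secret are constructed random values. It shows both points made in the answer: the encryption key SKEYID_e is fresh for every session even with the same PSK, and a PSK holder who only captures the exchange recovers SKEYID (the authentication input) but not SKEYID_e, which also needs the DH secret that only an in-path MITM can obtain.

```python
import hashlib
import hmac
import os


def prf(key: bytes, data: bytes) -> bytes:
    """IKEv1 prf: HMAC-SHA1 (RFC 2409, section 5)."""
    return hmac.new(key, data, hashlib.sha1).digest()


def ikev1_psk_keys(psk, ni, nr, gxy, cky_i, cky_r):
    """Phase 1 keying material for PSK authentication (RFC 2409, section 5.4).

    SKEYID depends only on the PSK and the two nonces, which are sent in the
    clear.  SKEYID_d / SKEYID_a / SKEYID_e additionally mix in the Diffie-Hellman
    shared secret g^xy and the ISAKMP cookies.
    """
    skeyid = prf(psk, ni + nr)
    skeyid_d = prf(skeyid, gxy + cky_i + cky_r + b"\x00")
    skeyid_a = prf(skeyid, skeyid_d + gxy + cky_i + cky_r + b"\x01")
    skeyid_e = prf(skeyid, skeyid_a + gxy + cky_i + cky_r + b"\x02")
    return {"SKEYID": skeyid, "SKEYID_d": skeyid_d,
            "SKEYID_a": skeyid_a, "SKEYID_e": skeyid_e}


def new_session(psk: bytes) -> dict:
    """Simulate one negotiation: fresh nonces, cookies and DH secret (constructed)."""
    ni, nr = os.urandom(16), os.urandom(16)
    cky_i, cky_r = os.urandom(8), os.urandom(8)
    gxy = os.urandom(128)  # stands in for a real Diffie-Hellman shared secret
    return {"ni": ni, "nr": nr, "cky_i": cky_i, "cky_r": cky_r, "gxy": gxy,
            "keys": ikev1_psk_keys(psk, ni, nr, gxy, cky_i, cky_r)}


def derivable_with_psk(psk: bytes, session: dict, has_dh_secret: bool) -> dict:
    """Keys a third party holding the PSK can reconstruct from a captured session.

    Nonces and cookies are visible on the wire, so SKEYID is always derivable.
    Without g^xy (a passive observer) the encryption key SKEYID_e is not; an
    active in-path party that ran its own DH exchange with each side would have it.
    """
    skeyid = prf(psk, session["ni"] + session["nr"])
    if not has_dh_secret:
        return {"SKEYID": skeyid}
    return ikev1_psk_keys(psk, session["ni"], session["nr"], session["gxy"],
                          session["cky_i"], session["cky_r"])
```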