There are some folks saying that SHA1 (160 bit) should not be used any longer on IPSEC implementations since it is broken.
Can anybody comment on this? For phase 2 there is sha1 + hmac(cannot be broken yet), what about Phase1?
Whole world is still running IKE v1 VPN IPSEC using SHA1 hash.
Indeed IKEv1 security has been improved by IKEv2.
In order to have some more secure algorithms, then you will need to consider IKEv2, an ASA running 8.4 or later should give the following integrity algorithms:
ciscoasa(config)# crypto ikev2 policy 10
ciscoasa(config-ikev2-policy)# integrity ?
ikev2-policy mode commands/options:
md5 set hash md5
sha set hash sha1
sha256 set hash sha256
sha384 set hash sha384
sha512 set hash sha512
IKEv1 does not only support SHA1.
Please rate any helpful posts
Portu, it is all clear that IKEv2 provides improvements on IKE v1.
But your reply does not answer my question.
Can SHA1 be cracked on IPSEC implementation on Phase 1 and Phase 2 currently?
to answer that question you need to know what hashing is doing in IPsec.
It's not that algorithm cannot be broken (altough I still need to see a real-time attack).
Have a look at IPsec (ESP, most commony used) header structure.
You can even find it out on wikipedia:
EVEN if you're able to break the integrity check, you are still going to face problem encrypting spoofing the actual payload.
Is SHA 256, as well as groups higher than DH-group 5 (like 14, 16)supported on ASA only with IKEv2?
I know that IOS supports SHA256 and Group 14, 16 on IKEv1, but it looks like ASA only supports them with IKEv2.
In practice suite-B etc. has been only added for IKEv2.
You will notice that while in theory there is no reason for IKEv1 not to implement those "new" algorithms it's with IKEv2 they are required to be accredited.