vpn queries - cisco s2s vpn

Level 4
I read more websites and got more confused... Can anyone give a clear picture of the below?

What is a session key?

What is a shared secret key?

How are pre-shared keys detected and authenticated by the IPsec peer?

What is a hash?

In phase 1 and phase 2, how does encryption actually work?

Marcin Latosiewicz
Cisco Employee
Session key in cryptography is meant to describe a key which is actually used in protection of a given transaction/set of transactions.

Shared secret key, I guess you are referring to IKE's pre-shared key (PSK), it's a key mutually agreed between two parties. In IKE it is used to authenticate a given peer.

PSK or RSA-SIG or RSA-ENC as the authentication mechanism, as well as the mechanisms used to protect later parts of the exchange, are "negotiated" in MM1/MM2 or AM1 and AM2.

Hash - is a one-way crypto function - read more

Phase 1 (from MM5) and Phase 2 exchanges are protected by whatever will be negotiated in MM1/MM2. Phase 2 establishes how actual traffic will be encrypted.

If you want to read about the encapsulation mechanism and math behind it, RFC(s) are your friends.
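Added example, not part of the original thread and not Cisco code: a Python sketch of the IKEv1 key derivation from RFC 2409 section 5 for pre-shared-key authentication, showing how the PSK, the hash (as an HMAC prf) and the session keys relate, and why a peer with a different PSK fails authentication. It assumes HMAC-SHA1 as the negotiated prf, uses random bytes as constructed stand-ins for the Diffie-Hellman values, cookies and payloads, and omits the encryption of MM5 itself; the function names are hypothetical.

```python
import hashlib
import hmac
import os

def prf(key: bytes, data: bytes) -> bytes:
    """IKEv1 prf: HMAC of the negotiated hash (SHA-1 assumed here)."""
    return hmac.new(key, data, hashlib.sha1).digest()

def derive_keys(psk, ni, nr, g_xy, cky_i, cky_r):
    """RFC 2409 section 5 key material for pre-shared-key authentication."""
    skeyid = prf(psk, ni + nr)                         # binds the PSK to both nonces
    tail = g_xy + cky_i + cky_r                        # DH shared secret + cookies
    skeyid_d = prf(skeyid, tail + b"\x00")             # seeds Phase 2 (IPsec SA) keys
    skeyid_a = prf(skeyid, skeyid_d + tail + b"\x01")  # authenticates IKE messages
    skeyid_e = prf(skeyid, skeyid_a + tail + b"\x02")  # encrypts IKE messages from MM5
    return {"SKEYID": skeyid, "d": skeyid_d, "a": skeyid_a, "e": skeyid_e}

def hash_i(skeyid, g_xi, g_xr, cky_i, cky_r, sai_b, idii_b):
    """HASH_I: the value the initiator sends in MM5 to prove it knows the PSK."""
    return prf(skeyid, g_xi + g_xr + cky_i + cky_r + sai_b + idii_b)

def responder_accepts(psk_initiator: bytes, psk_responder: bytes) -> bool:
    """Run one constructed exchange; True if the responder's HASH_I check passes."""
    # Constructed sample values: random bytes stand in for real DH output.
    ni, nr = os.urandom(16), os.urandom(16)
    g_xi, g_xr, g_xy = os.urandom(128), os.urandom(128), os.urandom(128)
    cky_i, cky_r = os.urandom(8), os.urandom(8)
    sai_b, idii_b = b"constructed-SA-payload", b"constructed-ID-payload"
    common = (ni, nr, g_xy, cky_i, cky_r)
    init = derive_keys(psk_initiator, *common)
    resp = derive_keys(psk_responder, *common)
    sent = hash_i(init["SKEYID"], g_xi, g_xr, cky_i, cky_r, sai_b, idii_b)
    expected = hash_i(resp["SKEYID"], g_xi, g_xr, cky_i, cky_r, sai_b, idii_b)
    # Constant-time comparison, as for any MAC check.
    return hmac.compare_digest(sent, expected)

if __name__ == "__main__":
    print("matching PSK  :", responder_accepts(b"example-psk", b"example-psk"))
    print("mismatched PSK:", responder_accepts(b"example-psk", b"other-psk"))
```

The PSK never crosses the wire: each side only proves knowledge of it through HASH_I/HASH_R, and the per-session keys change with every new pair of nonces and DH exchange.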