IKE authentication

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!


Why is it when is it in authenticating a phase 1 IKE negotiation with
pre-shared keys (and public key encryption for that matter) such long
prf's are used to create the initiator and requestors hash?

Why include the ID, SA, cookies etc then creating the hash? surely
authentication can be achieved just with the preshared key and some
additional info? Why hash the key (with the 2 nonces) then hash it
again to create the initiators and responders hash?

thanks for any help

Site Timeline