Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 04-22-2015, 08:32 AM   #1
LQ Newbie
Registered: Jul 2013
Posts: 28

Rep: Reputation: Disabled
Unhappy IKEv2 Rekeying of IKE_SA using CREATE_CHILD_SA message

I have a Confusion regarding rekeying Procedure of IKE_SA in IKEv2. MY confusion is when rekeying of IKE_SA is done whether its repective Keys of CHILD_SAs ie. ESP or AH SAs would be change or not. As per rfc 7296, in rekeying procedure of IKE_SA new SKEYSEED would be generate and then new set of {SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr} = prf+ (SKEYSEED, Ni | Nr | SPIi | SPIr). i.e. new Sk_d is generated.So, using these new values whether new keymat would be generated or not by this way, KEYMAT = prf+(SK_d, g^ir (new) | Ni | Nr). and would using this new ESP/AH Keys would be generated or enforced or not.. Does anyone can say something on this note..I need quick response.. Please Comment if you know about this..


ipsec, networking, security

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
PHP mail returns true (Message accepted for delivery), but the message is not sent Sogeking Linux - Server 1 06-09-2013 10:30 PM
IKEv2 - Strongswan to Cisco ikev2 Linux - Networking 1 05-18-2013 12:52 PM
strongswan ikev2 issue in setting up tunnels sriram_ec Linux - Networking 2 06-19-2012 04:09 AM
IKEV2 test---pls help me woshizhuzi Linux - Networking 0 09-09-2010 04:22 AM
neat command not working azx_get_response timeout message in /var/log/message ninadshaha Red Hat 1 02-19-2008 02:32 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:53 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration