Main mode

A Main mode exchange is composed of six messages as shown in Figure 1.

Figure 1. Main mode exchange

In main mode, the initiator server A exchanges six messages in three groups with responder server B. A sends proposed ISAKMP SAs to B and receives SA accepted message from B. A sends to and receives from B the message of key generation information. A sends to and receives from B the message of identify and authentication info, which must be encrypted.

Messages 1 and 2 provide agreement on the negotiable attributes of the ISAKMP security association. These associations are used to protect phase 2 negotiations that are established by using this phase 1. The initiator sends a list of acceptable security associations to the responder in message 1. Each security association defines an acceptable combination of attributes for the ISAKMP SA that is being negotiated. The responder picks a security association that is acceptable and returns the choice to the initiator in message 2.

The following attributes can be negotiated in phase1:

Authentication method (for example, pre-shared key or RSA signature)
Hash algorithm (for example, MD5 or SHA1)
Encryption algorithm (for example, DES, 3DES or AES)
Diffie-Hellman group information (for example, group 1, group 2, group 5 or group 14)
Life time and life size of the ISAKMP SA

Messages 3 and 4 are used to exchange information specific to the generation of a shared secret key. This information includes Diffie-Hellman public values and a randomly generated value called a nonce. The initiator sends their Diffie-Hellman public value (for example, g**x mod n) and a nonce in message 3. The responder sends a Diffie-Hellman public value (for example, g**y mod n) and a nonce in message 4. With this information, both the responder and initiator can independently generate the identical keying information. The calculations that are used to generate keying information vary depending on the authentication method that was agreed upon during messages 1 and 2.

The keying information that is generated by both sides includes the following:

A key that authenticates messages sent under the protection of this ISAKMP SA (for example, phase 2 messages)
A key that encrypts messages that are sent under the protection of this ISAKMP SA (for example, phase 2 messages)
Keying material that derives keys that are established for phase 2 SA

Messages 5 and 6 are used to exchange identity information and authentication information. The authentication information varies depending on the authentication method that was agreed upon during messages 1 and 2. For pre-shared key authentication, public key encryption authentication, and revised public key encryption authentication, the information takes the form of an encrypted hash. For signature-based authentication, this information takes the form of a signature. The initiator includes their identity and authentication information in message 5. The responder includes their identity and authentication information in message 6.

Main mode provides a mechanism to exchange certificates when signature-based authentication is used. This mechanism is not shown in Figure 1, but works in the following way. In message 5 the initiating ISAKMP server can include the certificate it used to create its signature. In message 6 the responding ISAKMP server might include the certificate it used to create its signature. Inclusion of the certificate is optional unless the ISAKMP server’s peer explicitly requests that the certificate be sent.