Peer authentication

Peer authentication is a critical part of a phase 1 negotiation. Before two hosts can participate in the negotiation of a Security Association, each must be authorized to negotiate with the other. IKE does not allow negotiation with a host that cannot be properly identified. IP addresses are not a guarantee of identity (an IP packet can be spoofed), and the IP address from an inbound packet alone is insufficient to prove the identity of a remote host. Therefore, the IKE daemon needs a more reliable method for determining the remote host’s identity. This proof of identity is first presented during the phase 1 negotiation.

z/OS® IP security implements two methods of host authentication as follows:

  • Digital signature (RSA or ECDSA)
  • Pre-shared key

Each of these authentication methods provides a way for hosts to verify the identity of the other, and while the pre-shared key mechanism is easier to configure, the digital signature methods are more versatile, secure, and scalable. The choice of authentication method is configured in an IP security policy configuration file for each IPSec connection, using the KeyExchangeOffer statement for IKEv1 and the KeyExchangeAction statement for IKEv2. For more details about the KeyExchangeOffer and KeyExchangeAction statements, see z/OS Communications Server: IP Configuration Reference.

Peer authentication is not the same as data authentication. Data authentication uses IPSec to authenticate an IP packet after an IPSec Security Association has been negotiated by two IKE daemons. Peer authentication is used during an IKE phase 1 negotiation to identify two IKE peers to each other before the establishment of any phase 2 Security Associations.

Guideline: As a matter of security, pre-shared keys should not be shared among multiple remote IKE peers. If the pre-shared key method of authentication is used, each remote host should have its own unique key and KeyExchangeRule specific to that host. If multiple remote hosts are identified by the same KeyExchangeRule, digital signature methods of peer authentication should be used.
Rule: For IKEv2, if digital signatures are used as the authentication method, then the IKED must be configured to use the certificate services of the NSSD. For more details about the configuring the IKED and the NSS IPSec client, see Network security services.