Is it possible to calculate authentication key within the IPsec/L2TP tunnel?

0

I have established IPsec/L2TP tunnel. I can retrieve all secret information, using the ip xfrm state command. Example of output:

src 192.168.1.105 dst 58.93.199.252
    proto esp spi 0x047b9a7f reqid 1 mode transport
    replay-window 32 
    auth-trunc hmac(sha1) 0x4e7b5739049a9ed7bc43255991bc1ff71b02de0b 96
    enc cbc(aes) 0x50d5bbef1c5e5ccda33113f76140901b753318d0c1c10e2588137fa454a39076
    encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
    anti-replay context: seq 0x0, oseq 0x98, bitmap 0x00000000
    sel src 192.168.1.105/32 dst 58.93.199.252/32 
src 58.93.199.252 dst 192.168.1.105
    proto esp spi 0xcae006a5 reqid 1 mode transport
    replay-window 32 
    auth-trunc hmac(sha1) 0xe9a8965b5ddb4a2939f1fc06d29eb2b107ca42e3 96
    enc cbc(aes) 0x9aca454871a9f7d2468ec5df57aa4a24f9fc64ab5dc927ccaf5087d359e65433
    encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
    anti-replay context: seq 0x18f, oseq 0x0, bitmap 0xffffffff
    sel src 58.93.199.252/32 dst 192.168.1.105/32 

I was wondering if it is possible to calculate auth-trunc if I know the following: encryption algorithm (AES), session's encryption key, pre-shared key (PSK), authentication algorithm (SHA-1)?

encryption
hmac
ipsec
asked on Stack Overflow Feb 1, 2020 by Simon Raily

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0