Initial session key generation – Brocade Communications Systems ServerIron ADX 12.4.00 User Manual


ServerIron ADX Global Server Load Balancing Guide, 53-1002437-01, page 57

Secure GSLB (chapter 1)

• Peer authentication — Each network device must be authenticated before it can join the
GSLB network. This check ensures that every peer a GSLB device communicates with is the
legitimate peer. Peer authentication uses Rivest-Shamir-Adleman (RSA) public-key
cryptography with a 1024-bit key. Note that 1024-bit RSA is below the 2048-bit minimum
that is now generally recommended.

• Data encryption — Converts plaintext into ciphertext so that only the designated receiver
can recover the information. Encrypting the GSLB protocol messages denies unauthorized
parties access to the protocol data. All GSLB protocol messages between the controller and
site ServerIron ADX are encrypted with Blowfish in Cipher Block Chaining (CBC) mode, using a
256-bit key (the standard 16 rounds). Blowfish is a 64-bit block cipher, so a single key
should not encrypt anywhere near 2^32 blocks (32 GB) of data; the periodic rekeying described
under Dynamic session key generation limits that exposure.

• Data integrity — Assures the recipient that a message has not been altered since it was
generated and transmitted by a legitimate source. Integrity is provided by a Hashed Message
Authentication Code (HMAC) with SHA-1; the key length is 20 bytes and the digest length is
20 bytes.
A MAC is included with each GSLB protocol packet. It is computed with the authentication
key over the packet sequence number and the contents of the packet:

mac = MAC(key, sequence-number || unencrypted-packet)

The unencrypted packet is the entire packet without the MAC. The sequence number is a
32-bit implicit sequence number: it is not carried in the packet, so each peer maintains
its own copy. It is initialized to zero for the first packet and incremented for every GSLB
protocol packet sent thereafter, which binds each MAC to one position in the packet stream
and is what allows a replayed packet to be rejected.

The message authentication key is negotiated during the authentication phase, as described in
the section “Initial session key generation” on page 57.

• Data authentication — Guarantees that the sender of the data is the legitimate peer. Each
MAC is generated with the negotiated authentication key, which is shared only between the
two peers that have already authenticated each other. A message that arrives with a correct
MAC therefore authenticates the sender, because only the sender and the receiver know the
authentication key.

• Protection — Against replay and man-in-the-middle attacks. Because the sequence number is
bound into every MAC, a captured packet that is replayed later no longer matches the
sequence number the receiver expects and is rejected; because the peers authenticate each
other with RSA before session keys are exchanged, an attacker cannot insert itself between
them.

• Dynamic session key generation — Makes it harder for an intruder to recover the session
keys, by regenerating them periodically or at random intervals.

Initial session key generation

Once the initial authentication is completed, the GSLB controller generates two session keys:

• Encryption key
• Authentication key

These keys are generated randomly, using the secure random number generator from the RSA
toolkit.

When the GSLB controller sends the session keys to the site, the keys are first encrypted with
the controller's private key and then with the public key of the peer (that is, they are signed
and then encrypted). A SHA-1 digest of the keys is attached to the message as well. In effect,
both authentication and integrity are provided.

On receiving the encrypted session keys from the GSLB controller, the site ServerIron ADX
reverses the two RSA operations: it decrypts with its own private key and then with the
controller's public key, and verifies that the SHA-1 digest it computes over the recovered
keys matches the digest that was received.
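The following Python program is an added example, not Brocade code or anything from the ServerIron ADX firmware. It serves two passages on this page: the per-packet MAC rule under Data integrity, mac = MAC(key, sequence-number || unencrypted-packet), realised with HMAC-SHA1 (20-byte key, 20-byte digest) and the 32-bit implicit sequence counter, and the controller-side generation of the two random session keys described under Initial session key generation. The Blowfish-CBC encryption layer and the RSA transport of the keys are left out, so "packet" below is the plaintext GSLB message. The class and function names, the sample messages, the use of the standard library CSPRNG in place of the RSA toolkit, and the treatment of 32-bit counter wrap-around are this example's own assumptions.

```python
"""Added example (not Brocade code): GSLB-style per-packet authentication
with an implicit 32-bit sequence number, plus session-key generation."""

import hashlib
import hmac
import secrets

ENC_KEY_LEN = 32        # 256-bit Blowfish key (generated here, not used)
AUTH_KEY_LEN = 20       # HMAC-SHA1 key length stated in the manual
DIGEST_LEN = 20         # SHA-1 digest length
SEQ_MASK = 0xFFFFFFFF   # 32-bit sequence number


def generate_session_keys():
    """Controller side: two independent keys from a CSPRNG. The manual uses
    the RSA toolkit's generator; secrets.token_bytes stands in for it here."""
    return secrets.token_bytes(ENC_KEY_LEN), secrets.token_bytes(AUTH_KEY_LEN)


def compute_mac(auth_key, seq, packet):
    """mac = HMAC-SHA1(auth_key, seq || packet). seq is the implicit 32-bit
    counter: it is never sent on the wire, so each side keeps its own copy."""
    if not 0 <= seq <= SEQ_MASK:
        raise ValueError("sequence number must fit in 32 bits")
    return hmac.new(auth_key, seq.to_bytes(4, "big") + packet, hashlib.sha1).digest()


class Sender:
    """Appends a MAC to every packet and advances its counter from zero."""

    def __init__(self, auth_key):
        self.auth_key = auth_key
        self.seq = 0            # the first packet is number 0

    def send(self, packet):
        wire = packet + compute_mac(self.auth_key, self.seq, packet)
        self.seq = (self.seq + 1) & SEQ_MASK   # wrap-around: assumed, not in the manual
        return wire


class Receiver:
    """Verifies each packet against the counter value it expects next."""

    def __init__(self, auth_key):
        self.auth_key = auth_key
        self.seq = 0

    def receive(self, wire):
        """Return the packet body, or None if the MAC does not verify.
        The counter advances only on success, so a replayed packet (identical
        bytes) no longer matches the expected sequence number and is dropped,
        while the next genuine packet still verifies."""
        if len(wire) < DIGEST_LEN:
            return None
        packet, mac = wire[:-DIGEST_LEN], wire[-DIGEST_LEN:]
        expected = compute_mac(self.auth_key, self.seq, packet)
        if not hmac.compare_digest(expected, mac):   # constant-time comparison
            return None
        self.seq = (self.seq + 1) & SEQ_MASK
        return packet


def demo():
    """Controller -> site exchange: normal delivery, a replay, a tampered copy.
    Returns the outcomes so they can be checked rather than only printed."""
    _enc_key, auth_key = generate_session_keys()
    controller, site = Sender(auth_key), Receiver(auth_key)

    # Constructed sample GSLB protocol messages; the wire format is invented.
    p1 = controller.send(b"SITE-STATUS site=nyc vip=10.1.1.10 state=up")
    p2 = controller.send(b"SITE-STATUS site=nyc vip=10.1.1.10 state=down")
    p3 = controller.send(b"SITE-STATUS site=sfo vip=10.2.2.20 state=up")

    results = {}
    results["p1_accepted"] = site.receive(p1) is not None
    results["p1_replay_rejected"] = site.receive(p1) is None   # site now expects seq 1
    results["p2_accepted"] = site.receive(p2) is not None

    tampered = bytearray(p3)
    tampered[-DIGEST_LEN - 1] ^= 0x01      # flip one bit in the packet body
    results["tampered_rejected"] = site.receive(bytes(tampered)) is None
    results["p3_accepted_after_tamper"] = site.receive(p3) is not None
    results["site_seq"] = site.seq
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two things the example makes visible that the text only implies. First, because the sequence number is implicit, the receiver must track every packet the sender emits: a lost or reordered packet desynchronises the two counters and every subsequent packet fails verification until the peers renegotiate keys, so the scheme presumes an in-order, reliable transport (the page does not say how the product handles this). Second, the MAC is computed over the unencrypted packet, exactly as the formula states; whether the MAC itself is then covered by the Blowfish layer is not specified on this page, and the example does not assume either way.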
