03/26/2020
Information on IPSec configurations using ESP in Tunnel Mode
Problem Definition:
Weaknesses have been identified in certain IPSec configurations that use ESP (Encapsulating Security Payload) in Tunnel Mode: an attacker may effect a controlled change on the header of the inner (encrypted/encapsulated) packet by exploiting the well-known bit-flipping weakness of CBC (Cipher Block Chaining) mode, the mode in which ciphers such as DES, DES3, and AES are used. This weakness exists only when authentication is not used in the ESP configuration.
Details can be found at: http://www.cpni.gov.uk/docs/re-20050509-00385.pdf?lang=en
Resolution or Workaround:
The identified weaknesses only exist when ESP is configured to use encryption (confidentiality) only without authentication (integrity). The solution is:
Configure ESP to use both Encryption and Authentication.
SonicWall's Phase I IPSec configuration requires the selection of an authentication component, either SHA-1 or MD5. Phase II configurations allow SHA-1, MD5, and Null as the authentication method. To avoid the vulnerability described above, select either SHA-1 or MD5 for Phase II authentication on all IPSec configurations.
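As an added illustration that is not part of the SonicWall article, the Go program below models the two ESP configurations the article contrasts: CBC encryption alone, where one bit inverted in the cleartext IV shows up as exactly that bit inverted in the first decrypted block (the inner header position), and CBC plus an HMAC-SHA1 ICV, where the same tampering fails verification and the receiver discards the packet. The keys, IV and the two-block "inner packet" are constructed demo values, and the ICV is left untruncated for brevity.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha1"
	"fmt"
)

// Constructed demo values, not from the article: AES-128 key, IV, HMAC key and a
// two-block "inner packet" whose first 16 bytes stand in for the inner IP header.
var (
	encKey    = []byte("0123456789abcdef")
	authKey   = []byte("demo-esp-authentication-key")
	iv        = []byte("fedcba9876543210")
	plaintext = []byte("INNERHDR-dst=001payload-block-xx")
	blk, _    = aes.NewCipher(encKey)
)
// EncryptCBC models an encryption-only ESP SA: confidentiality, no integrity.
func EncryptCBC(pt []byte) []byte {
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(ct, pt)
	return ct
}
// DecryptCBC uses the IV as received; ESP carries the IV unencrypted.
func DecryptCBC(ivIn, ct []byte) []byte {
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(blk, ivIn).CryptBlocks(pt, ct)
	return pt
}
// ICV models ESP authentication: HMAC-SHA1 over IV+ciphertext (ESP truncates it to 96 bits).
func ICV(ivIn, ct []byte) []byte {
	m := hmac.New(sha1.New, authKey)
	m.Write(ivIn)
	m.Write(ct)
	return m.Sum(nil)
}
// Demo inverts one IV bit in transit and reports whether the decrypted "header"
// changed in exactly that bit (CBC malleability) and whether the ICV still verifies.
func Demo() (flipped, icvOK bool) {
	ct := EncryptCBC(plaintext)
	tag := ICV(iv, ct)
	badIV := append([]byte(nil), iv...)
	badIV[15] ^= 0x01 // byte 15 of the first block holds the '1' of dst=001
	pt := DecryptCBC(badIV, ct)
	flipped = string(pt) == "INNERHDR-dst=000payload-block-xx" // only that byte moved
	icvOK = hmac.Equal(tag, ICV(badIV, ct))                    // false: receiver drops it
	return
}
func main() { fmt.Println(Demo()) } // prints: true false
```

With encryption only, the receiver decrypts the altered header and has no way to notice; with the ICV in place, the same packet is rejected before the inner packet is ever processed.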