[strongSwan] IKEv2 Auth Data Calculation

AVISHEK GANGULY aganguly14 at gmail.com
Wed Nov 21 13:22:46 CET 2012

Hi All,

I was wondering how Auth data is calculated in strongswan .
According to rfc 4306 Calculation of Auth data sent in Auth payload of
IKE_AUTH message is according to this folmula:-

Authdata = prf(prf(sharedSecret, "key Pad For Ikev2"), authInput )

authInput = (SA_INIT_MESSAGE_I/R | nonceData_of_I/R | prf(Skey_pi,

Now From initiators side:
 Initiator will calculate with SA_INIT_MESSAGE_of_Initiator,
nonceData_of_responder, idPayld_of_Initiator

On Responder side:
 Resonder upon receiving the IKE_AUTH message will calculate the Auth Data
   SA_INIT_MESSAGE of Inittiator
Responder will match the Resulting Auth Data with the received Auth Data.

But, when I try to send wrong ID payload Data and calculate the Auth Data
with that wrong ID payload Data And Send to Responder(In my case strongswan)
It should process that packet. But for Some reason It is sending the Auth
Failure message.

Whereas if the formula mentioned above is followed Then Auth Failure should
only occur in case there is a mismatch between ID payload Data and the Id
data that is used for calculating the Auth Data.

I also want to know what is the significance of ID payload Data then in
calculating Auth Data?

I am using a conformance tool for testing linux stack. Authentication
method used is Preshared Key.

Thanks for any help in advance.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20121121/b3428ff4/attachment.html>

More information about the Users mailing list