IBM Support

What are the distinctions between a Phase 1 and a Phase 2 Security Association?

Question & Answer


Question

What are the distinctions between a Phase 1 and a Phase 2 Security Association?

Answer

What the Security Associations protect:

  • Phase 1 Security Associations are used to protect IKE messages that are exchanged between two IKE peers, or security endpoints.

  • Phase 2 Security Associations are used to protect IP traffic, as specified by the security policy for a specific type of traffic, between two data endpoints.

The attributes of the Security Associations:

  • The phase 1 Security Association can specify only a single IP address for the security endpoints, while the phase 2 Security Association can specify a contiguous range or subnet as the data endpoint.

  • The phase 1 Security Association must specify an encryption method, while encryption is optional for the phase 2 Security Association. An authentication method must be specified for both the phase 1 and phase 2 Security Association.

The specific IP security policy statements that apply to each phase:

  • The KeyExchangeOffer statement applies to phase 1.

  • The IpDataOffer statement applies to phase 2.

The phase 1 Security Association contains the following information:

  • The key that is used to encrypt IKE messages

  • The key that is used to authenticate IKE messages

  • Keying material used to generate keys produced during phase 2

  • The security endpoints (single IP addresses)

  • The type of protection that is required (authentication and encryption)

  • How often the keys should be renewed

  • A Security Parameter Index (SPI) value, which is used together with the remote security endpoint IP address to uniquely identify the Security Association

  • The Diffie-Hellman group, which is an attribute of the public key cryptography algorithm

The Phase 2 Security Association contains the following information:

  • The keys that are used to encrypt, if encryption is being used

  • The keys that are used to authenticate

  • The data endpoints, either a single IP address or a range of IP addresses

  • The protocol of the traffic to be protected, either a single protocol or all protocols

  • The ports of the traffic to be protected: a single port, a range of ports if the IKEv2 protocol is used to negotiate the phase 2 Security Association, or all ports

  • The IPSec protocol that is used to protect the data: AH or ESP, or both if the IKEv1 protocol is used for the negotiation

  • The type of authentication algorithm to be used

  • The type of encryption algorithm to be used, if encryption is being used

  • How to build the IPSec packets (tunnel, transport, UDP-encapsulated tunnel, or UDP-encapsulated transport)

  • How often the keys should be refreshed, if the IKEv1 protocol is used for the negotiation

  • A Security Parameter Index (SPI) value, used together with the remote security endpoint IP address to uniquely identify the Security Association

  • The Diffie-Hellman group for perfect forward secrecy (PFS)
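The attribute rules above (single-address endpoints and mandatory encryption for phase 1; address ranges, optional encryption, IKEv2-only port ranges and IKEv1-only AH+ESP for phase 2; SPI plus remote security endpoint address as the SA identifier) can be checked before a policy is deployed. The following is an added example, not IBM code and not the z/OS policy agent's own syntax: it models the two SA types as plain Python data structures and validates a constructed sample policy against the constraints stated on this page. All field names, the sample addresses (documentation ranges) and the SPI values are assumptions made for the example.

```python
"""Model of IKE phase 1 and IPSec phase 2 Security Association attributes.

Added example, not IBM's code. It encodes the constraints listed on this page
as validation rules so that an SA description can be checked before use.
"""
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

ALL_PORTS = (0, 65535)  # (low, high) meaning "all ports"
ENCAPSULATIONS = {"tunnel", "transport", "udp-tunnel", "udp-transport"}


@dataclass(frozen=True)
class Phase1SA:
    """Phase 1 SA: protects IKE messages between two security endpoints."""
    local: str                      # single IP address
    remote: str                     # single IP address
    spi: int
    encryption: Optional[str]       # mandatory for phase 1
    authentication: Optional[str]   # mandatory for both phases
    dh_group: int
    refresh_minutes: int


@dataclass(frozen=True)
class Phase2SA:
    """Phase 2 SA: protects IP traffic between two data endpoints."""
    local_data: str                 # single IP address or CIDR range
    remote_data: str
    remote_security_endpoint: str   # peer address; paired with SPI for lookup
    spi: int
    ike_version: int                # 1 or 2
    protocol: str                   # "any" or a single protocol name
    ports: Tuple[int, int]          # (low, high); ALL_PORTS means all ports
    ipsec_protocols: Tuple[str, ...]  # ("ESP",), ("AH",) or ("AH", "ESP")
    authentication: Optional[str]
    encryption: Optional[str]       # optional for phase 2
    encapsulation: str
    pfs_dh_group: Optional[int]
    refresh_minutes: Optional[int]  # negotiated only under IKEv1


def _is_single_address(text: str) -> bool:
    try:
        ip_address(text)            # rejects "10.0.0.0/24"-style ranges
        return True
    except ValueError:
        return False


def _is_address_or_range(text: str) -> bool:
    try:
        ip_network(text, strict=False)  # accepts a host address or a subnet
        return True
    except ValueError:
        return False


def validate_phase1(sa: Phase1SA) -> List[str]:
    problems = []
    for name in ("local", "remote"):
        if not _is_single_address(getattr(sa, name)):
            problems.append(f"phase 1 {name} endpoint must be a single IP address")
    if not sa.encryption:
        problems.append("phase 1 SA must specify an encryption method")
    if not sa.authentication:
        problems.append("phase 1 SA must specify an authentication method")
    return problems


def validate_phase2(sa: Phase2SA) -> List[str]:
    problems = []
    for name in ("local_data", "remote_data"):
        if not _is_address_or_range(getattr(sa, name)):
            problems.append(f"phase 2 {name} endpoint must be an IP address or range")
    if not sa.authentication:
        problems.append("phase 2 SA must specify an authentication method")
    low, high = sa.ports
    if sa.ports != ALL_PORTS and low != high and sa.ike_version != 2:
        problems.append("a port range requires IKEv2; IKEv1 allows one port or all ports")
    if set(sa.ipsec_protocols) == {"AH", "ESP"} and sa.ike_version != 1:
        problems.append("AH and ESP together require IKEv1")
    if sa.encapsulation not in ENCAPSULATIONS:
        problems.append(f"unknown encapsulation {sa.encapsulation!r}")
    if sa.ike_version == 2 and sa.refresh_minutes is not None:
        problems.append("key refresh interval is not negotiated under IKEv2")
    return problems


def sa_key(spi: int, remote_security_endpoint: str) -> Tuple[int, str]:
    """An SA is identified by its SPI together with the remote endpoint address."""
    return (spi, str(ip_address(remote_security_endpoint)))


def build_sadb(sas: List[Phase2SA]) -> Dict[Tuple[int, str], Phase2SA]:
    """Index phase 2 SAs; the same SPI may appear once per remote peer."""
    sadb: Dict[Tuple[int, str], Phase2SA] = {}
    for sa in sas:
        key = sa_key(sa.spi, sa.remote_security_endpoint)
        if key in sadb:
            raise ValueError(f"duplicate SA identifier {key}")
        sadb[key] = sa
    return sadb


# Constructed sample policy for the example; not taken from any real deployment.
GOOD_P1 = Phase1SA("192.0.2.10", "198.51.100.20", 0x1001, "AES", "SHA", 14, 480)
BAD_P1 = Phase1SA("192.0.2.0/24", "198.51.100.20", 0x1002, None, "SHA", 14, 480)
GOOD_P2 = Phase2SA("192.0.2.0/24", "203.0.113.0/24", "198.51.100.20", 0x2001, 2,
                   "tcp", (8000, 8100), ("ESP",), "HMAC-SHA", "AES", "tunnel", 14, None)
V1_P2 = replace(GOOD_P2, ike_version=1)  # the same offer negotiated with IKEv1

if __name__ == "__main__":
    for label, sa, check in (("good p1", GOOD_P1, validate_phase1),
                             ("bad p1", BAD_P1, validate_phase1),
                             ("good p2", GOOD_P2, validate_phase2),
                             ("v1 p2", V1_P2, validate_phase2)):
        print(label, check(sa) or "ok")
```

Running the module prints one line per sample SA: the two well-formed SAs pass, the phase 1 SA with a subnet endpoint and no encryption method fails on both counts, and the IKEv1 copy of the phase 2 SA fails only because its port range is allowed under IKEv2 alone.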


Product Synonym

ZOSCS COMMSERVER

Document Information

Modified date:
20 October 2017

UID

dwa1408076