I created an IPSec tunnel between two VMs using StrongSwan. It relies on a Pre-Shared Key. I wonder, if this key is leaked, what could an attacker perform? Would he/she be able to decrypt previous exchanges? Could he/she perform a MITM without be detected? And more generally, what is the impact?
Some details:
- Mode Tunnel
- auth-trunc hmac(sha256)
- enc cbc(aes)
