A Survey on IPSEC Key Management Protocols
نویسنده
چکیده
Theworking group IPSEC of the Internet Engineering Task Force (IETF) is considering IP-layer key management standards. Currently several protocols have been suggested as candidates of the IP security key management standards. They are ISAKMP, Oakley, SKIP, and Photuris. SKEME is another suggestion for an IP-layer key exchange mechanism but is not a suggested Internet Draft. In this paper, we present a survey of these protocols and a comparison among them. A brief analysis on these protocols is also included. The potential threats to these protocols and problems in implementation are also described. We suggest resolutions for these problems.
منابع مشابه
C-ISCAP(Controlled Internet Secure Connectivity Assurance Platform) : Design, Implementation and Evaluation
IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture which takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension head...
متن کاملSecurity at the Internet Layer
43 I nternet Protocol, version 6, was conceived with two main goals: increase address space and improve security, relative to IPv4. 1 The community achieved the first goal by increasing the IP address length from 32 bits to 128 bits. To meet the second goal, the Internet Engineering Task Force chartered the IP Security Working Group to design a security architecture and corresponding protocols ...
متن کاملBehavioral and Performance Characteristics of IPsec/IKE in Large-Scale VPNs
Cryptographic network security services are essential for providing secure data communication over an insecure public network such as the Internet. Recently there has been tremendous growth in the requirements for, and use of, secure virtual private networks (VPNs) to interconnect enterprises with business partners, traveling staff, and remote office locations. Internet Protocol Security (IPsec...
متن کاملTowards a policy system for IPsec: issues and an experimental implementation
IPsec, the standard suite of protocols to provide security in IP networks, and IKE, the commonly used key management protocol for IPsec, do not address the more general problem of how security policies should be distributed to IPsec nodes. Recent IETF work in the area of network security provides a definition of the basic requirements of an IP Security Policy System (IPSP) and a proposal of a S...
متن کاملFormal Proofs of Cryptographic Security of Diffie-Hellman-Based Protocols
We present axioms and inference rules for reasoning about Diffie-Hellman-based key exchange protocols and use these rules to prove authentication and secrecy properties of two important protocol standards, the Diffie-Hellman variant of Kerberos, and IKEv2, the revised standard key management protocol for IPSEC. The new proof system is sound for an accepted semantics used in cryptographic studie...
متن کامل