A Survey on IPSEC Key Management Protocols

نویسنده

  • Jong-Hyeon Lee
چکیده

Theworking group IPSEC of the Internet Engineering Task Force (IETF) is considering IP-layer key management standards. Currently several protocols have been suggested as candidates of the IP security key management standards. They are ISAKMP, Oakley, SKIP, and Photuris. SKEME is another suggestion for an IP-layer key exchange mechanism but is not a suggested Internet Draft. In this paper, we present a survey of these protocols and a comparison among them. A brief analysis on these protocols is also included. The potential threats to these protocols and problems in implementation are also described. We suggest resolutions for these problems.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

C-ISCAP(Controlled Internet Secure Connectivity Assurance Platform) : Design, Implementation and Evaluation

IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture which takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension head...

متن کامل

Security at the Internet Layer

43 I nternet Protocol, version 6, was conceived with two main goals: increase address space and improve security, relative to IPv4. 1 The community achieved the first goal by increasing the IP address length from 32 bits to 128 bits. To meet the second goal, the Internet Engineering Task Force chartered the IP Security Working Group to design a security architecture and corresponding protocols ...

متن کامل

Behavioral and Performance Characteristics of IPsec/IKE in Large-Scale VPNs

Cryptographic network security services are essential for providing secure data communication over an insecure public network such as the Internet. Recently there has been tremendous growth in the requirements for, and use of, secure virtual private networks (VPNs) to interconnect enterprises with business partners, traveling staff, and remote office locations. Internet Protocol Security (IPsec...

متن کامل

Towards a policy system for IPsec: issues and an experimental implementation

IPsec, the standard suite of protocols to provide security in IP networks, and IKE, the commonly used key management protocol for IPsec, do not address the more general problem of how security policies should be distributed to IPsec nodes. Recent IETF work in the area of network security provides a definition of the basic requirements of an IP Security Policy System (IPSP) and a proposal of a S...

متن کامل

Formal Proofs of Cryptographic Security of Diffie-Hellman-Based Protocols

We present axioms and inference rules for reasoning about Diffie-Hellman-based key exchange protocols and use these rules to prove authentication and secrecy properties of two important protocol standards, the Diffie-Hellman variant of Kerberos, and IKEv2, the revised standard key management protocol for IPSEC. The new proof system is sound for an accepted semantics used in cryptographic studie...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1997