Abstract | ||
---|---|---|
IPSec provides encryption and authentication on data packets protecting them from being eavesdropped or falsified. Prior to performing IPSec functions, shared session keys must be safely and secretly established between the two communication parties, usually two security gateways. Internet Key Exchange (IKE) protocol is the most common mechanism for two security gateways to exchange key materials. However, the original IKE is too flexible, complex, and vulnerable to DoS attack. Several enhanced IKE versions have been proposed to replace the original one. In this paper, we propose a new IKE version and analyze it extensively. The latest and most related version proposed in 2004 is used to compare with our version. Simulation results have shown that our protocol is more efficient and DoS resistant than the other, in addition to possessing more security merits. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1109/CNSR.2007.13 | CNSR |
Keywords | Field | DocType |
secured internet key exchange,new ike version,dos attack,security gateway,enhanced ike version,protocol design,related version,original ike,internet key exchange,ipsec function,security merit,dos resistant,information security,computer science,internet,cryptographic protocols,denial of service,public key cryptography,data security,ip security,authentication,data engineering | Internet Key Exchange,IPsec,Cryptographic protocol,Computer science,Computer security,Computer network,Internet Security Association and Key Management Protocol,Internetworking,Kerberized Internet Negotiation of Keys,AuthIP,Public-key cryptography | Conference |
ISBN | Citations | PageRank |
0-7695-2835-X | 2 | 0.38 |
References | Authors | |
12 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ming-Yang Su | 1 | 362 | 22.26 |
Jia-Feng Chang | 2 | 2 | 0.38 |