Title :
T-NATPT - A novel proposal for NAT-PT/IPSec traversing
Author :
Yin, Lu ; Jin, Shi ; Qifeng, Yu ; Li, Xie
Author_Institution :
State Key Lab. for Novel Software Technol., Nanjing Univ., Nanjing
Abstract :
During the IPv6/v4 transition, we are faced with the challenge to ensure the security of interconnections between heterogeneous IP nodes or networks. Unfortunately, the IPSec can not be applied in NAT-PT environment due to the conflict lies between their intrinsic functionalities. In this paper, we propose a novel solution, namely T-NATPT, for ensuring the effective and efficient NAT-PT/IPSec traversal. Inspired by existing NAT-traversal solution, we adopt a UDP-ESP-encapsulated traversing way and improve the process of IKE negotiation accordingly. Two novel schemes for interconnection between different IP protocol domains to support both transport and tunnel modes are also introduced in our solution. Experimental results show that our proposal is feasible, and its performance is efficient to meet general requirements in practice.
Keywords :
IP networks; transport protocols; IKE negotiation; IP protocol; IPv6-v4 transition; NAT-PT-IPSec traversing; NAT-traversal solution; T-NATPT; UDP-ESP-encapsulated traversing; heterogeneous IP nodes; Costs; Cryptography; Encapsulation; IP networks; Laboratories; Network address translation; Payloads; Proposals; Transport protocols; Tunneling; IPSec; IPv6 transition; NAT-PT; Secure tunneling;
Conference_Titel :
Anti-counterfeiting, Security and Identification, 2008. ASID 2008. 2nd International Conference on
Conference_Location :
Guiyang
Print_ISBN :
978-1-4244-2584-6
Electronic_ISBN :
978-1-4244-2585-3
DOI :
10.1109/IWASID.2008.4688358
