• DocumentCode
    2144100
  • Title

    A Proposal to Improve IKEv2 negotiation

  • Author

    Iso-Anttila, Lari ; Ylinen, Jorma ; Loula, Pekka

  • Author_Institution
    Tampere Univ. of Technol., Tampere
  • fYear
    2007
  • fDate
    14-20 Oct. 2007
  • Firstpage
    169
  • Lastpage
    174
  • Abstract
    IKEv2 is a new key exchange protocol in the IPsec network and IKEv2 includes a method to detect when it is under denial-of-service (DoS) attack. In case IKEv2 is not under DoS attack it can use initial exchange, but when IKEv2 is under DoS attack cookie negotiation may be used. Cookie negotiation adds an extra round trip to the initial exchange, and protection that is easy to pass by. The resistance to DoS attacks is actually weaker in IKEv2 than in JFK or full-SIGMA in different networks. This paper presents improved cookie negotiation to remedy this weakness. The proposed cookie negotiation delays the responder´s calculation work to the last second and computational load is kept as low as possible.
  • Keywords
    IP networks; cryptographic protocols; security of data; telecommunication security; IPsec network; cookie negotiation; denial-of-service attack; key exchange protocol; Authentication; Computer crime; Cryptographic protocols; DH-HEMTs; Delay; Information security; Internet; Proposals; Protection; Virtual private networks;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Emerging Security Information, Systems, and Technologies, 2007. SecureWare 2007. The International Conference on
  • Conference_Location
    Valencia
  • Print_ISBN
    978-0-7695-2989-9
  • Type

    conf

  • DOI
    10.1109/SECUREWARE.2007.4385329
  • Filename
    4385329
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2144100