Comparative evaluation of successor protocols to Internet key exchange (IKE)

Author

HADDAD, Hossein ; MIRMOHAMADI, Hadi

Author_Institution

Autom. & Instrum. Dept., Mobarakeh Steel Co., Isfahan, Iran

fYear

2005

fDate

10-12 Aug. 2005

Firstpage

692

Lastpage

696

Abstract

IP security (IPSec) is a suite of protocols that integrate security into IP and provide services that are data source authentication, data integrity, confidentiality, protection against replay attack, data privacy, access control, and end-to-end security for IP packets. In order to realize security services is to be established shared key between source and destination. Internet key exchange (IKE) provides this requirement. IKE manages keys securely after source and destination have agreed upon and it exchanges the keys in an authenticated way. IKE has some deficiencies. To solve these problems, some successors have been presented for IKE including IKEv2, SIGMA, and JFK. In this paper, at first it is introduced the original version of IKE and its successors. Then these protocols are comparatively evaluated.

Keywords

IP networks; Internet; authorisation; cryptography; data integrity; data privacy; message authentication; protocols; telecommunication security; IKEv2; IP security; IPSec; Internet key exchange; JFK; SIGMA; access control; data integrity; data privacy; data source authentication; successor protocols; Access control; Access protocols; Authentication; Cryptographic protocols; Cryptography; Data privacy; Data security; Global communication; Internet; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Industrial Informatics, 2005. INDIN '05. 2005 3rd IEEE International Conference on

Print_ISBN

0-7803-9094-6

Type

conf

DOI

10.1109/INDIN.2005.1560459

Filename

1560459