End to End Ipsec Support across Ipv4/Ipv6 Translation Gateway

The presence of IPv4/IPv6 translation gateway provides transparent routing mechanism to IPv4-only nodes and IPv6-only nodes which trying to establish communication from disparate address realms. However, the mechanism breaks TCP/IP intrinsic functionalities that results in IPSec cannot be applied in this environment. The existing solutions to address the compatibility issues between translation gateway and IPSec are either to enhance the translation gateway operation or to modify IPSec architecture especially on IKE negotiation process. By realizing the fact that most of the intermediate networking devices such as translation gateway are beyond the end nodes administration, this paper discusses the existing solutions to improve IKE negotiation in order to ensure end to end IPSec interoperability across translation gateway. Inspired by this solution, this paper proposes new IKE authentication by using Address Based Keys with certificateless signature to alleviate the limitation of traditional pre-shared keys and Public Key Infrastructure (PKI).