A proposal for DoS-defensive internet key exchange

Authors:
MyungSik Choi;DongJin Kwak;SangJae Moon
Affiliations:
Telecommunication Network Division, Samsung Electronics Co., Ltd., Korea;Mobile Network Security Technology Research Center, Kyungpook National University, Daegu, Korea;Mobile Network Security Technology Research Center, Kyungpook National University, Daegu, Korea
Venue:
ICCSA'03 Proceedings of the 2003 international conference on Computational science and its applications: PartII
Year:
2003

Citing 4
Cited 0

Stateless connections

ICICS '97 Proceedings of the First International Conference on Information and Communication Security
Pricing via Processing or Combatting Junk Mail

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Towards Network Denial of Service Resistant Protocols

Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
Inferring internet denial-of-service activity

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10

Quantified Score

Hi-index	0.00

Visualization

Abstract

A variety of DoS attacks are incapacitating the Net infrastructures. IKEs can be easily targeted by these attacks because they force to process heavy computations, and an IKE is the beginning handshake procedure for secure communications. This paper analyzes existing DoS resistant protocols that have several inappropriateness to apply an IKE and points out DoS vulnerability of three IKE candidates. It proposes a new DoS defensive IKE against CPU and memory exhaustion DoS attacks. Moreover, the proposed IKE enhances a capacity of the responder that may be a heavily loaded web-server or a mobile device.