In this paper we present the design, rationale, and implementation of the Internet Key Exchange (IKE) Protocol. This protocol is used to create and maintain Internet Protocol Security (IPSec) associations and secure tunnels in the IP layer. Secure tunnels are used to construct virtual private networks (VPNs) over the Internet. The implementation is done in the application layer. The design includes four components: (1) an IKE protocol engine to execute the IKE protocol, (2) a tunnel manager to create and manage secure tunnels, which generates requests to the IKE protocol engine to establish security associations, (3) VPN policy administration tools to manage VPN policies that guide the actions of the IKE protocol engine and the tunnel manager, and (4) a certificate proxy server to acquire and verify public key certificates that are used for authentication of messages and identities in the IKE protocol. The implementation was done on the Advanced Interactive Executive® (AIX®) operating system at IBM Research and has been transferred to IBM's AIX, Application System/400®, and System/390® products.