Efficient, DoS-resistant, Secure Key Exchange for Internet Protocols
Many public-key-based key setup and key agreement protocols already exist and have been implemented for a variety of applications and environments. Several have been proposed for the IPsec protocol, and one, IKE , is the current standard. IKE has a number of deficiencies, the three most important being that the number of rounds is high, that it is vulnerable to denial-of-service attacks, and the complexity of its specification. (This complexity has led to interoperability problems, so much so that, several years after its initial adoption by the IETF, there are still completely non-interoperating implementations).
- SecureKeyExchange.pdf application/pdf 162 KB Download File
Also Published In
- Security protocols: 9th international workshop, Cambridge, UK, April 25-27, 2001: revised papers