Efficient, DoS-resistant, Secure Key Exchange for Internet Protocols

Aiello, William; Bellovin, Steven Michael; Blaze, Matt; Ioannidis, John; Canetti, Ran; Keromytis, Angelos D.; Reingold, Omer

Many public-key-based key setup and key agreement protocols already exist and have been implemented for a variety of applications and environments. Several have been proposed for the IPsec protocol, and one, IKE [1], is the current standard. IKE has a number of deficiencies, the three most important being that the number of rounds is high, that it is vulnerable to denial-of-service attacks, and the complexity of its specification. (This complexity has led to interoperability problems, so much so that, several years after its initial adoption by the IETF, there are still completely non-interoperating implementations).



Also Published In

Security protocols: 9th international workshop, Cambridge, UK, April 25-27, 2001: revised papers

More About This Work

Academic Units
Computer Science
Published Here
July 12, 2012