Opportunistic Encryption using IKE December 2005

نویسنده

M. Richardson

چکیده

This document describes opportunistic encryption (OE) as designed and implemented by the Linux FreeS/WAN project. OE uses the Internet Key Exchange (IKE) and IPsec protocols. The objective is to allow encryption for secure communication without any pre-arrangement specific to the pair of systems involved. DNS is used to distribute the public keys of each system involved. This is resistant to passive attacks. The use of DNS Security (DNSSEC) secures this system against active attackers as well.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Identity-Based Hierarchical Key-Insulated Encryption Without Random Oracles

Key-insulated encryption is one of the effective solutions to a key exposure problem. Recently, identity-based encryption (IBE) has been used as one of fundamental cryptographic primitives in a wide range of various applications, and it is considered that the identity-based keyinsulated security has a huge influence on the resulting applications. At Asiacrypt’05, Hanaoka et al. proposed an iden...

متن کامل

Weaknesses of the Boyd-Mao Deniable Authenticated key Establishment for Internet Protocols

In 2003, Boyd and Mao proposed two deniable authenticated key establishment protocols using elliptic curve pairings for Internet protocols, one is based on Diffie-Hellman key exchange and the other is based on Public-Key Encryption approach. For the use of elliptic curve pairings, they declared that their schemes could be more efficient than the existing Internet Key Exchange (IKE), nowadays. H...

متن کامل

Enabling Intrusion Detection in Ipsec Protected Ipv6 Networks through Secret-key Sharing Thesis

As the Internet Protocol version 6 (IPv6) implementation becomes more widespread, the IP Security (IPSec) features embedded into the next-generation protocol will become more accessible than ever. Though the network-layer encryption provided by IPSec is a boon to data security, its use renders standard network intrusion detection systems (NIDS) useless. The problem of performing intrusion detec...

متن کامل

IPSECvalidate: A Tool to Validate IPSEC Configurations

This paper describes a tool for validating the proper configuration of the IPSEC protocol suite including IKE. The tool validates that two hosts are able to communicate (normal ping functionality) and that this communication is occurring using the proper authentication/encryption transformations as required by IPSEC. IPSEC configuration is very complex, and administrators are often unable to de...

متن کامل

IPSECvalidate { A Tool to Validate IPSEC Con gurations IPSECvalidate { A Tool to Validate IPSEC Con gurations

This paper describes a tool for validating the proper con guration of the IPSEC protocol suite including IKE. The tool validates that two hosts are able to communicate (normal ping functionality) and that this communication is occurring using the proper authentication/encryption transformations as required by IPSEC. IPSEC con guration is very complex, and administrators are often unable to dete...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2005

Opportunistic Encryption using IKE December 2005

نویسنده

چکیده

منابع مشابه

Identity-Based Hierarchical Key-Insulated Encryption Without Random Oracles

Weaknesses of the Boyd-Mao Deniable Authenticated key Establishment for Internet Protocols

Enabling Intrusion Detection in Ipsec Protected Ipv6 Networks through Secret-key Sharing Thesis

IPSECvalidate: A Tool to Validate IPSEC Configurations

IPSECvalidate { A Tool to Validate IPSEC Con gurations IPSECvalidate { A Tool to Validate IPSEC Con gurations

عنوان ژورنال:

اشتراک گذاری