摘要： IKE协议的复杂性和安全性一直备受关注，文献[1]对IKE协议交换过程进行了简化，该文对简化后的IKE协议进行了安全性分析，并针对拒绝服务攻击DOS和中间人攻击的身份泄露，提出了改进建议。测试表明，该文提出的方法是可行的、有效的，大大降低了攻击的影响。

关键词: IPSec, IKE, 密钥交换, 安全性

Abstract: The complexity and security of IKE protocol is always paid close attention by many researchers. Reference[1] simplifies the exchange of IKE. This paper discusses the security properties of the simplified IKE and presents some suggestions to solve the problems of denial of service attack and identification leak for man-in-the-middle attack. It is proved that the design is available and feasible. It reduces the influence of attack.

Key words: IPSec, Internet Key Exchange (IKE), Key exchange, Security