摘要: 分析并指出了因特网密钥交换协议的安全漏洞和设计缺陷,提出了一种安全高效的密钥交换协议。对比现有的几种密钥交换协议,改进的协议具有更好的安全性、抗DoS攻击能力、较少的密钥交换时间和消息数。
关键词:
因特网密钥交换,
安全联盟,
拒绝服务攻击,
阶段,
模式
Abstract: This paper gives an analysis of Internet key exchange (IKE) protocol and identifies its security holes and design weaknesses and proposes an efficient and improved secure key exchange protocol. Compared with existing key exchange protocol, the proposed protocol is more secure, robust to DoS attacks and has less key exchange time and messages.
Key words:
Internet key exchange (IKE),
security association(SA),
denial of service attack,
phase,
mode
中图分类号:
袁志勇;熊惠林;陈绵云. IKE协议的研究与改进[J]. 计算机工程, 2007, 33(17): 153-155,.
YUAN Zhi-yong; XIONG Hui-lin; CHEN Mian-yun. Research and Improvement of Internet Key Exchange Protocol[J]. Computer Engineering, 2007, 33(17): 153-155,.