Internet Security Protocols

  • Walter Fumy
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1528)


This article describes various efforts to address security in three areas of the Internet protocol suite: the Internet Protocol itself (IPsec), the domain between transport and application layer (the Secure Sockets Layer and the Transport Layer Security protocols) and security extensions for the HyperText Transfer Protocol (S-HTTP). For each area the current technology, relevant standardization activities and likely future developments are discussed. In addition, a brief introduction to the Internet standardization process is given.


Transmission Control Protocol Internet Protocol Block Cipher Security Protocol Message Authentication Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [BCK96]
    Bellare, M.; Canetti, R.; Krawczyk, H.: “Keying Hash Functions for Message Authentication”, Proceedings of Crypto’96, Springer LNCS 1109 (1996), 1–15.Google Scholar
  2. [Bel89]
    Bellovin, S.M.; “Security Problems in the TCP/IP Protocol Suite”, ACM Computer Communications Review, Vol. 19, No. 2, March 1989.Google Scholar
  3. [DA97]
    Dierks, T.; Allen, C.: “The TLS Protocol-Version 1.0”, Internet-Draft, November 1997.Google Scholar
  4. DBP96]
    Dobbertin, H.; Bosselaers, A.; Preneel, B.: “RIPEMD-160: A Strengthened Version of RIPEMD”, Fast Software Encryption, Springer LNCS 1039 (1996), 71–82.Google Scholar
  5. [FIPS180-1]
    NIST FIPS PUB 180-1: Secure Hash Standard, April 1995.Google Scholar
  6. [FIPS186]
    NIST FIPS PUB 186: Digital Signature Standard, May 1994.Google Scholar
  7. [FIPS46-1]
    NIST FIPS PUB 46-1: Data Encryption Standard, reaffirmed January 1988 (supersedes FIPS PUB 46, 1977).Google Scholar
  8. [FKK96]
    Freier, A. O.; Karlton, P.; Kocher, P. C.: “The SSL 3.0 Protocol”, Internet-Draft, November 1996.Google Scholar
  9. [Fum98]
    Fumy, W.: “Key Management Techniques“, this volume, 143–164.Google Scholar
  10. [ISO10116]
    ISO/IEC 10116: Modes of operation for an n-bit block cipher algorithm, 2nd ed. 1997.Google Scholar
  11. [ISO11577]
    ISO/IEC 11577: Network Layer Security Protocol, 1995.Google Scholar
  12. [JMLW93]
    Johnson, D. B.; Matyas, S. M.; Le, A.; Wilkins, J.: “Design of the Commercial Data Masking Facility Data Privacy Algorithm”, Proceedings 1st ACM Conference on Computer & Communications Security, November 1993, Fairfax, VA., 93–96.Google Scholar
  13. [KA98a]
    Kent, S.; Atkinson, R.: “Security Architecture for the Internet Protocol”, Internet-Draft, February 1998.Google Scholar
  14. [KA98b]
    Kent, S.; Atkinson, R.: “IP Authentication Header”, Internet-Draft, February 1998.Google Scholar
  15. [KA98c]
    Kent, S.; Atkinson, R.: “IP Encapsulating Security Payload (ESP)”, Internet-Draft, February 1998.Google Scholar
  16. [KP98]
    Keromytis, A. D.; Provos, N.: “The Use of HMAC-RIPEMD-160-96 within ESP and AH“, Internet-Draft, February 1998.Google Scholar
  17. [KR95]
    Kaliski, B.; Robshaw, M.: “Message authentication with MD5”, CryptoBytes, vol. 1 no. 1, Spring 1995.Google Scholar
  18. [KR96]
    Kilian, J.; Rogaway, P.: “How to Protect DES Against Exhaustive Key Search”, Proceedings of Crypto’96, Springer LNCS 1109 (1996), 252–267.Google Scholar
  19. [MD98]
    Madson, C.; Doraswamy, N.: “The ESP DES-CBC Cipher Algorithm With Explicit IV”, Internet-Draft, February 1998.Google Scholar
  20. [MG98a]
    Madson, C.; Glenn, R.: “The Use of HMAC-MD5-96 within ESP and AH”, Internet-Draft, February 1998.Google Scholar
  21. [MG98b]
    Madson, C.; Glenn, R.: “The Use of HMAC-SHA-1-96 within ESP and AH”, Internet-Draft, February 1998.Google Scholar
  22. [MSST97]
    Maughan, D.; Schertler, M.; Schneider, M.; Turner, J.: “Internet Security Association and Key Management Protocol (ISAKMP)”, Internet-Draft, July 1997.Google Scholar
  23. [Orm96]
    Orman, H. K.: “The Oakley Key Determination Protocol”, Internet-Draft, May 1996.Google Scholar
  24. [PKCS1]
    RSA Laboratories: “PKCS #1: RSA Encryption Standard”, version 1.5, November 1993.Google Scholar
  25. [PKCS7]
    RSA Laboratories: “PKCS #7: RSA Cryptographic Message Syntax Standard”, version 1.5, November 1993.Google Scholar
  26. [PV96]
    Preneel, B.; van Oorschot, P.: “On the Security of two MAC Algorithms”, Proceedings of Eurocrypt’96, Springer LNCS 1070 (1996), 19–32.Google Scholar
  27. [RFC1108]
    Kent, S., “US DoD Security Options for the Internet Protocol”, RFC 1108 (H), November 1991.Google Scholar
  28. [RFC1319]
    Kaliski, B.: “The MD2 Message-Digest Algorithm”, RFC1319 (I), April 1992.Google Scholar
  29. [RFC1321]
    Rivest, R.: “The MD5 Message-Digest Algorithm”, RFC1321 (I), April 1992.Google Scholar
  30. [RFC1446]
    Galvin, J.; McCloghrie, K.: “Security Protocols for version 2 of the Simple Network Management Protocol (SNMPv2)”, RFC 1446 (PS), April 1993.Google Scholar
  31. [RFC1510]
    Kohl, J.; Neuman, B.: “The Kerberos Network Authentication Service (V5)”, RFC 1510 (PS), September 1993.Google Scholar
  32. [RFC1825]
    Atkinson, R.: “Security Architecture for the Internet Protocol”, RFC 1825 (PS), August 1995.Google Scholar
  33. [RFC1826]
    Atkinson, R.: “IP Authentication Header”, RFC 1826 (PS), August 1995.Google Scholar
  34. [RFC1827]
    Atkinson, R.: “IP Encapsulating Security Payload (ESP)”, RFC 1827 (PS), August 1995.Google Scholar
  35. [RFC1828]
    Metzger, P.; Simpson, W.: “IP Authentication using Keyed MD5”, RFC 1828 (PS), August 1995.Google Scholar
  36. [RFC1829]
    Karn, P., Metzger, P., Simpson, W.: “The ESP DES-CBC Transform”, RFC 1829 (PS), August 1995.Google Scholar
  37. [RFC1851]
    Karn, P.; Metzger, P.; Simpson, W.: “The ESP Triple DES Transform”, RFC 1851 (E), September 1995.Google Scholar
  38. [RFC1883]
    Deering, S.; Hinden, R.: “Internet Protocol version 6 (IPv6) Specification”, RFC 1883 (PS), December 1995.Google Scholar
  39. [RFC2068]
    Fielding, R.; Gettys, J.; Mogul, J.; Frystyk, H.; Berners-Lee, T.: “Hypertext Transfer Protocol-HTTP/1.1”, RFC 2068 (PS), January 1997.Google Scholar
  40. [RFC2084]
    Bossert, G.; Cooper, S.; Drummond, W.: “Considerations for Web Transaction Security”, RFC 2084 (I), January 1997.Google Scholar
  41. [RFC2104]
    Krawczyk, H., Bellare, M., Canetti, R.: “HMAC: Keyed-Hashing for Message Authentication”, RFC 2104 (I), February 1997.Google Scholar
  42. [RFC2144]
    Adams, C.: “The CAST-128 Encryption Algorithm”, RFC 2144 (I), May 1977.Google Scholar
  43. [RFC2202]
    Cheng, P.; Glenn, R.: “Test Cases for HMAC-MD5 and HMAC-SHA-1”, RFC 2202 (I), March 1997.Google Scholar
  44. [RS96]
    Rescorla, E.; Schiffman, A.: “The Secure HyperText Transfer Protocol”, Internet-Draft, July 1996.Google Scholar
  45. [SDNS]
    Secure Data Network System: “Security Protocol 3-SP3”, Document SDN.301, Revision 1.5, 15 May 1989.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Walter Fumy
    • 1
  1. 1.Siemens AG, Corporate Technology - Information and CommunicationsMunichGermany

Personalised recommendations