Abstract
Internet Key Exchange (IKE) protocol helps to exchange cryptographic techniques and keying materials as prior security association (SA) between two IP hosts. Similar to the several enhancements, the present paper proposes an efficient implementation of IKE using ECC-based public-key certificate that provides required security properties with much reduction in computation complexity and communication cost. The proposed method addresses both the Phase I and Phase II of IKE, where the main mode of the former instead of six, requires four rounds of message exchange. The formats specified in ISAKMP have been used for message exchanges in our implementation, thus the cookies of initiator-responder have been used to protect attacks like DoS, parallel session etc. The security analysis of the proposed method and comparison with other techniques are given and satisfactory performance is found.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Zhou J (2000) Further analysis of the Internet key exchange protocol. Comput Commun 23:1606–1612
Forouzan BA (2007) Cryptography and network security. Special Indian edition 2007, TMH, pp 563–588
Zhu J-m, Ma J-f (2004) An internet key exchange protocol based on public key infrastructure. J Shanghai Uni (English Ed). Article ID: 1007-6417(2004)01-0051-06
Kaufman C (2004) The internet key exchange (IKEv2) protocol. IETF draft-ietf-ipsec-ikev2-17, Sept 2004
Haddad H, Berenjkoub M, Gazor S (2004) A proposed protocol for internet key exchange (IKE). Electrical and computer engineering, Canadian conference, May 2004
Orman H (1998) The OAKLEY key determination protocol, RFC 2412
Maughan D et al (1998) Internet security association and key management protocol (ISAKMP), RFC 2408
Su M-Y, Chang J-F (2007) An efficient and secured internet key exchange protocol design. Proceedings of the fifth annual conference on communication networks and services research (CNSR’07), pp 184–192
Fereidooni H, Taheri H, Mahramian M (2009) A new authentication and key exchange protocol for insecure networks. In: Proceedings of the fifth international conference on wireless communication, networking and mobile computing (WiCom’09), pp 1–4
Nagalakshmi V, Rameshbabu I (July 2007) A protocol for internet key exchange (IKE) using public encryption key and public signature key. Int J Comput Sci Netw Secur 7(7):342–346
Nagalakshmi V, Rameshbabu I, Avadhani PS (2011) Modified protocols for internet key exchange using public encryption key and signature keys. In: Proceedings of the \(8^{\rm {th}}\) international conference on information technology: new generations 2011, pp 376–381
Ray S, Nandan R, Biswas GP (2012) ECC based IKE protocol design for internet applications, Procedia Technology, Elsevier: Proceedings of 2\(^{\rm {nd}}\) international conference on computer, communication, control and information technology (2012) C3IT 2012, Hooghly, WB, India, 25–26 Feb 2012, pp 522–529
Ray S, Biswas GP (2012) Establishment of ECC-based initial secrecy usable for IKE implementation. Lecture notes in engineering and computer science: proceedings of the world congress on engineering 2012, WCE 2012, London, UK, 4–6 July 2012, pp 530–535
Koblitz N (1987) Elliptic curve cryptosystem. J Math Comput 48(177):203–209
Miller V (1985) Use of elliptic curves in cryptography. In: Williams HC (ed) Advances in cryptology-CRYPTO 85, LNCS 218. Springer, Berlin, pp 417–426
Dang Q, Santesson S, Moriarty K, Brown D, Polk T (2010) Internet X.509 public key infrastructure: additional algorithms and identifiers for DSA and ECDSA, RFC 5758, Jan 2010
Weise J (2001) Public key infrastructure overview, Sun PSSM global security practice. Sun Blue Prints™ Online, Aug 2001
National Institute of Standards and Technology (2001) Introduction to public key technology and the federal PKI infrastructure. National Institute of Standards and Technology, 26 Feb 2001
Schaad J, Kaliski B, Housley R (2005) Additional algorithms and identifiers for RSA cryptography for use in the internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile, RFC 4055, June 2005
Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inf Theory 22(6):644–654
Biswas GP (2011) Establishment of authenticated secret session keys using digital signature standard. Inf Secur J: A Glob Prosp 20(1):09–16
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Ray, S., Biswas, G.P. (2013). Internet Key Exchange Protocol Using ECC-Based Public Key Certificate. In: Yang, GC., Ao, Sl., Gelman, L. (eds) IAENG Transactions on Engineering Technologies. Lecture Notes in Electrical Engineering, vol 229. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-6190-2_30
Download citation
DOI: https://doi.org/10.1007/978-94-007-6190-2_30
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-6189-6
Online ISBN: 978-94-007-6190-2
eBook Packages: EngineeringEngineering (R0)