Enhancing the IKE preshared key authentication method

Autor: Raed M. Bani-Hani, Gordon K. Springer
Rok vydání: 2018
Předmět:
DOI: 10.32469/10355/4406
Popis: Over the past decade, the Internet has grown from a small, restricted network to a big, global network connecting people and organizations all over the world. People are using the Internet for on-line banking, e-commerce, and private communications. Furthermore, large organizations are using the Internet to provide many services to its users and to exchange sensitive data with other businesses and organizations. With the growing amount of sensitive and valuable amount of information that is transferred across the Internet continuously, protection from unauthorized access has become a major concern. It is necessary to secure information exchanged against security threats such as loss of privacy, loss of data integrity, or identity theft. This necessity leads to the design of security protocols. One of the modern security protocols is the IP security (IPsec) protocol. Actually, it is a set of protocols and standards that provides the security services of data confidentiality, integrity, and authenticity for an Internet User. IPsec depends on another protocol to establish shared keys before it can apply any security service. This protocol is called the Internet Key Exchange (IKE) protocol. In addition to generating and maintaining shared secrets, IKE is responsible for authenticating the parties that would like to use the IPsec services. One of authentication methods is the preshared key authentication method. In this dissertation, we explain this method, show how the keys negotiated through this method can be compromised, and propose an improvement to make the method more secure.
Databáze: OpenAIRE
Externí odkaz: