|
|||||
|
|
| IKE协议中基于预共享密钥验证的主模式研究 | |
| 引用本文: | 张琳,王汝传,张永平.IKE协议中基于预共享密钥验证的主模式研究[J].南京邮电大学学报(自然科学版),2007,27(5):50-55. |
| 作者姓名: | 张琳 王汝传 张永平 |
| 作者单位: | 1. 南京邮电大学,计算机学院,江苏,南京,210003 2. 南京邮电大学,计算机学院,江苏,南京,210003;南京大学,计算机软件新技术国家重点实验室,江苏,南京,210093 3. 中国矿业大学,计算机科学与技术学院,江苏,徐州,221008 |
| 基金项目: | 国家自然科学基金,江苏省自然科学基金,江苏省高技术研究发展计划项目,国家高技术研究发展计划(863计划),江苏省南京市高科技项目,国家重点实验室基金,江苏省重点实验室基金,江苏省高校自然科学基金 |
| 摘 要: | IKE协议已成为因特网上最具应用前景的密钥交换协议.简要介绍IKE的工作机制之后,对其消息交换的全过程给出了安全性分析.针对现有协议存在的不足,对基于预共享密钥验证的主模式交换过程给出了新的改进模型,提出了身份散列载荷的概念以及进行两次认证的思想,保护了预共享密钥的安全,进而也增强了抵御中间人攻击和DoS攻击的能力.最后,结合freeS/WAN源代码,修改和增加了相应的函数,将改进思想融入其中. |
| 关 键 词: | 预共享密钥 主模式 |
| 文章编号: | 1673-5439(2007)05-0050-06 |
| 收稿时间: | 2006-11-15 |
| 修稿时间: | 2007-03-12 |
Research of Main Mode with a Pre-Shared Key in IKE Protocol |
|
| ZHANG Lin,WANG Ru-chuan,ZHANG Yong-ping.Research of Main Mode with a Pre-Shared Key in IKE Protocol[J].Journal of Nanjing University of Posts and Telecommunications,2007,27(5):50-55. | |
| Authors: | ZHANG Lin WANG Ru-chuan ZHANG Yong-ping |
| Institution: | 1.College of Computer,Nanjing University of Posts and Telecommunications,Nanjing 210003,China;2.State Key Laboratory for Novel Software Technology,Nanjing University,Nanjing 210093,China;3.College of Computer Science and Technology,China University of Mining and Technology,Xuzhou 221008,China |
| Abstract: | IKE becomes the most significant protocol of the key exchange in Internet.Following an introduction to the mechanism of IKE,the security of the whole message-exchanging process is analyzed.Considering the existing deficiency of IKE,a new improved model is presented in the main mode with a pre-shared key in order to protect the security of the pre-shared key and resist the attacks of man-in-the-middle and DoS.Meanwhile,the concept of identity-hashing payload and the idea of adopting twice authentication are provided. Finally,based on the open code of freeS/WAN,the paper modifies and adds some appropriate functions to put the idea into improvement. |
| Keywords: | IKE |
| 本文献已被 维普 万方数据 等数据库收录! | |