Browse Prior Art Database

Function to Analyze Internet Key Exchange (IKE) Messages

IP.com Disclosure Number: IPCOM000123928D
Original Publication Date: 1999-Jul-01
Included in the Prior Art Database: 2005-Apr-05
Document File: 2 page(s) / 62K

Publishing Venue

IBM

Related People

Genty, DM: AUTHOR [+2]

Abstract

Disclosed is a software function that analyzes IP Security's IKE protocol messages. This function parses the IKE message packets and displays human readable text for each data portion of the packet (payload).

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 54% of the total text.

Function to Analyze Internet Key Exchange (IKE) Messages

   Disclosed is a  software function that analyzes IP
Security's IKE protocol messages.  This function parses the IKE
message packets and displays human readable text for each data
portion of the packet (payload).

   IKE is a protocol which is used for automatic key exchange
purposes, which is technology to enhance the security of the
internet.  The IKE protocol offers secure key negotiation and key
refreshment based on IETF standards.  IKE is a complex, two-step
negotiation process, and this disclosure aids in determining the
data in the IKE messages.

   For different types of message payloads (there are about
12 types) the function displays message information unique to the
type of message.  The contents of the IKE messages which are sent to
the remote communicating peer will be parsed and written in a log
file.  The value of the 'Next Payload' field in the header indicates
the type of the payload following the ISAKMP
header/payload.   A value of zero implies that the payload is the
last payload in the ISAKMP packet, therefore the function stops
parsing.

   Each type of payload has a different set of values.   For
each message the ISAKMP message header data is logged.  Next, the
data payloads are logged.  The example below shows what will be
logged when the ISAKMP daemon sends/receives the IKE messages.
  ISAKMP msg header:
    Icookie : 0x79c225d9692b4f08, Rcookie : 0x0000000000000000
    Next Payload : 1(SA), Maj Ver : 1, Min Ver : 0
    Xchg Type : 4 (Aggressive), Flag= 0, Encr : No
    Msg ID  : 0x00000000
    len     : 0xe1(225)
  SA Payload:
    Next Payload...