The Internet Key Exchange (IKE) (RFC2409)

IP.com Disclosure Number: IPCOM000002984D
Original Publication Date: 1998-Nov-01
Included in the Prior Art Database: 2019-Feb-11
Document File: 41 page(s) / 54K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. Harkins: AUTHOR [+1]

Related Documents

10.17487/RFC2409: DOI

Abstract

This memo describes a hybrid protocol. The purpose is to negotiate, and provide authenticated keying material for, security associations in a protected manner. [STANDARDS-TRACK]

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 4% of the total text.

Network Working Group                                         D. Harkins
Request for Comments: 2409                                     D. Carrel
Category: Standards Track                                  cisco Systems
                                                           November 1998

The Internet Key Exchange (IKE)

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1998). All Rights Reserved.

Table Of Contents

1 Abstract
2 Discussion
3 Terms and Definitions
  3.1 Requirements Terminology
  3.2 Notation
  3.3 Perfect Forward Secrecy
  3.4 Security Association
4 Introduction
5 Exchanges
  5.1 Authentication with Digital Signatures
  5.2 Authentication with Public Key Encryption
  5.3 A Revised method of Authentication with Public Key Encryption
  5.4 Authentication with a Pre-Shared Key
  5.5 Quick Mode
  5.6 New Group Mode
  5.7 ISAKMP Informational Exchanges
6 Oakley Groups
  6.1 First Oakley Group
  6.2 Second Oakley Group
  6.3 Third Oakley Group
  6.4 Fourth Oakley Group
7 Payload Explosion of Complete Exchange
  7.1 Phase 1 with Main Mode
  7.2 Phase 2 with Quick Mode
8 Perfect Forward Secrecy Example
9 Implementation Hints
10 Security Considerations
11 IANA Considerations
12 Acknowledgments
13 References
Appendix A
Appendix B
Authors’ Addresses
Authors’ Note
