IPSec Key Recovery for IKEv2

Design of Key Recovery in IPSec Supporting IKEv2

  • Rhee, Yoon-Jung (Dept. of Computer Science and Statistics, Jeju National University) ;
  • Kim, Chul-Soo (Dept. of Computer Science and Statistics, Jeju National University) ;
  • Lee, Bong-Gyu (Dept. of Computer Science and Statistics, Jeju National University)
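  • 이윤정 (Dept. of Computer Science and Statistics, Jeju National University) ;
  • 김철수 (Dept. of Computer Science and Statistics, Jeju National University) ;
  • 이봉규 (Dept. of Computer Science and Statistics, Jeju National University)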
  • Received : 2010.03.10
  • Accepted : 2010.04.09
  • Published : 2010.04.30

Abstract

IPSec is a security protocol that provides encryption and authentication services for IP messages at the network layer of the Internet. This paper presents a key recovery mechanism applied to IKEv2 of IPSec for mobile communication environments. The mechanism is compatible with IPSec and IKEv2, reduces network overhead, and performs key recovery without depending on key escrow agencies or authorized parties.

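IPSec is a security protocol that provides encryption and authentication services for IP messages at the network layer of the Internet. This paper presents a key recovery mechanism, applicable to IKEv2, for the IPSec key recovery that mobile environments require. The mechanism maintains compatibility with IPSec and IKEv2, is more secure than existing mechanisms, reduces network overhead, and allows key recovery decisions to be made without depending on key escrow agencies or authorities.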

Cited by

  1. Threats Analysis and Mobile Key Recovery for Internet of Things vol.19, pp.5, 2016, https://doi.org/10.9717/kmms.2016.19.5.918