Browse > Article

IPsec Support for NAT-PT in IPv6 Transition Mechanisms  

Choi Inseok (숭실대학교 정보통신전자공학부)
Kim Younghan (숭실대학교 정보통신전자공학부)
Park Yongseok ((주)삼성전자 정보통신 연구개발센터)
Jung Souhwan (숭실대학교 정보통신전자공학부)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.30, no.11B, 2005 , pp. 736-743 More about this Journal
Abstract
NAT-PT is one of the IPv6 transition mechanisms, as defined in RFC2766, allowing IPv6-only devices to communicate with IPv4-only devices and vice versa. In NAT-PT, sender fail to verify TCP/UDP checksum and authentication data due to IP translation in the NAT-PT server The NAT-PT, therefore, has a limit to applying the IPsec that provides the end-to-end security such as confidentiality, authentication, and integrity. This paper proposes a scheme to apply the IPsec using IP HTI in NAT-PT environment.
Keywords
NAT-PT; SIIT; IPsec; NAT; RSIP;
Citations & Related Records
연도 인용수 순위
  • Reference
1 S. Satapati, 'NAT-PT Applicability,' draftsa­tapati-v60ps-natpt-applicability-00, October 2003
2 Egevang, K. and P. Francis, 'The IP Network Address Translator (NAT),' RFC 1631, May 1994
3 Kivinen, T., 'Negotiation of NAT-Traversal in the IKE,' draft-ietf-IPsec-nat-t-ike-08, Fe­bruary 2004
4 S. Kent, R. Atkinson., 'IP Authentication Header,' RFC 2402, November 1998
5 S. Kent, R. Atkinson, 'Security Architec­ture for the Internet Protocol,' RFC 2401, November 1998
6 Huttunen, A. et. al., 'UDP Encapsulation of IPsec Packets,' Internet Draft, draft-ietf-IPsec-udp-encaps-6.txt, January 2003
7 S. Kent, R. Atkinson., 'IP Encapsulating Security Payload (ESP),' RFC 2406, Novem­ber 1998
8 G. Montenegro, M. Borella, 'RSIP Support for End-to-end IPsec,' RFC 3104, October 2001
9 Aboba, B. et. Al., 'IPsec-Network Address Translation (NAT) Compatibility Require­ments,' RFC 3715, March 2004
10 D. Harkins, D. Carrel., 'The Internet Key Exchange (IKE),' RFC 2409, November 1998
11 E. Nordmark., 'Stateless IP/ICMP Transla­tion Algorithm (SIlT),' RFC 2765, February 2000
12 G. Tsirtsis, P. Srisuresh, 'Network Address Translation Protocol Translation (NAT-PT),' RFC 2766, February 2000