Browse > Article

A Mechanism for the Secure IV Transmission in IPSec  

Lee, Young-Ji (Dept.of Computer Sceince, Korea University)
Park, Nam-Sup (Dept.of Computer Sceince, Korea University)
Kim, Tai-Yun (Dept.of Computer Sceince, Korea University)
Publication Information
Journal of KIISE:Information Networking / v.29, no.2, 2002 , pp. 156-164 More about this Journal
Abstract
IPSec is a protocol which provides data encryption, message authentication and data integrity on public and open network transmission. In IPSec, ESP protocol is used when it needs to provide data encryption, authentication and Integrity In real transmission packets. ESP protocol uses DES-CBC encryption mode when sender encrypts packets and receiver decrypts data through this mode IV is used at that time. This value has many tasks of attack during transmission by attacker because it is transferred clean and opened. If IV value is modified, then decryption of ESP data is impossible and higher level information is changed. In this paper we propose a new algorithm that it encrypts IV values using DES-ECB mode for preventing IV attack and checks integrity of whole ESP data using message authentication function. Therefore, we will protect attacks of IV and data, and guarantee core safe transmission on the public network.
Keywords
IPSec; ESP; IV; IPSec; IV; ESP; DES-ECB; Message Authentication; SA;
Citations & Related Records
연도 인용수 순위
  • Reference
1 D. Harkins, D. Carrel, The Internet Key Exchange, Internet RFC 2409, November 1998
2 Naganand Doraswamy and Dan Harkins, IPSec The New Security Standard for the Internet, Intranets, and Virtual Private Networks, Prentice Hall. Networking, vol. 4, pp. 885-901, Dec. 1996
3 S. Kent and R. Atkinson, IP Authentication Header, Internet RFC 2402,, November 1998
4 Bruce Schneier, Applied Cryptography Second Edition, John Wiley & Son, Inc., 1996
5 P. Karn, P. Metsger and W. Simpson, The ESP DES-CBC Transform, Internet RFC 1829, August 1995
6 William Stallings, Network Security Essentials, Prentice Hall, 2000
7 S. Kent and R. Alkinson, IP Encapsulation Security Payload(ESP), Internet RFC 2406, November 1998
8 Steven M. Bellovin, 'Problem Areas for the IP Security Protocols,' 1996
9 http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12supdoc/12cmdsum/12cssec/csipsec.htm#xtocid92300
10 C. Madson, N. Doraswamy, The ESP DES-CBC Cipher Algorithm with Explicit IV, Internet RFC 2405, November 1998
11 김창배, 박성준, 'IPSec을 이용한 가상 사설망 구현', 한국 멀티미디어 학회, 1999
12 S. Kent and R. AtKinson. Security Architecture for the Internet Protocol, Internet RFC 2401, November 1998
13 민병찬, '안전한 IPSec 기반 VPN 구현 방안', 동국대 국제 정보 대학원 석사 학위 논문, 2001
14 James S. Tiller, IPSec Virtual Private Networks, Auerbach Publications, 2001
15 D. Comer. Internetworking with TCP/IP, Principles, Protocols and Architecture, Prentice Hall, 1995
16 D. Maughan, M. Schertler, M. Schneider, Internet Security Association and Key Management Protocol (ISAKMP), Internet RFC 2408, November 1998
17 Christopher B. MaCubbin and Ali Aydin Selcuk, 'Initialization Vector Attacks on the IPSec Protocol Suite,' IEEE Trans. Commun., vol. 17, NO. 6. June 2000