CryptoDB
Security Analysis of IKE's Signature-based Key-Exchange Protocol
Authors: | |
---|---|
Download: | |
Abstract: | We present a security analysis of the Diffie-Hellman key-exchange protocols authenticated with digital signatures used by the Internet Key Exchange (IKE) standard, and of the more comprehensive SIGMA family of key exchange protocols. The analysis is based on an adaptation of the key-exchange security model from [Canetti and Krawczyk, Eurocrypt'01] to the setting where peer identities are not necessarily known or disclosed from the start of the protocol. This is a common practical setting, which includes the case of IKE and other protocols that provide confidentiality of identities over the network. The rigorous study of this ``post-specified peer" model is a further contribution of this paper. |
BibTeX
@misc{eprint-2002-11643, title={Security Analysis of IKE's Signature-based Key-Exchange Protocol}, booktitle={IACR Eprint archive}, keywords={cryptographic protocols / key exchange, Diffie-Hellman, IKE, IPSec}, url={http://eprint.iacr.org/2002/120}, note={Presented at Crypto'2002 hugo@ee.technion.ac.il 11925 received 16 Aug 2002, last revised 26 Aug 2002}, author={Ran Canetti and Hugo Krawczyk}, year=2002 }