CSC 774 -- Network Security - Dr. Peng Ning
30.01.2015 Views
Share Embed Flag

CSC 774 -- Network Security - Dr. Peng Ning

CSC 774 -- Network Security - Dr. Peng Ning

CSC 774 -- Network Security - Dr. Peng Ning

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
discovery.csc.ncsu.edu

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Internet Key Management<br />

• Manual key management<br />

– Mandatory<br />

– Useful when IPsec developers are debugging<br />

– Keys exchanged offline (phone, email, etc.)<br />

– Set up SPI and negotiate parameters<br />

Computer Science<br />

<strong>Dr</strong>. <strong>Peng</strong> <strong>Ning</strong> <strong>CSC</strong> <strong>774</strong> <strong>Network</strong> <strong>Security</strong> 11<br />

Internet Key Management (Cont’d)<br />

• Automatic key management<br />

– Two major competing proposals<br />

– Simple Key Management for Internet Protocols<br />

(SKIP)<br />

– ISAKMP/OAKLEY<br />

• Photuris<br />

– Ephemeral D-H + authentication + Cookie<br />

– The first to use cookie to thwart DOS attacks<br />

• SKEME (extension to Photuris)<br />

• Oakley (RFC 2412)<br />

• ISAKMP (RFC 2408)<br />

• ISAKMP/OAKLEY → IKE (RFC 2409)<br />

Computer Science<br />

<strong>Dr</strong>. <strong>Peng</strong> <strong>Ning</strong> <strong>CSC</strong> <strong>774</strong> <strong>Network</strong> <strong>Security</strong> 12

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!