Scribd
Upload
53 views

Presented By: Anurag Roll No:-1703233 Topic: Internet Key Exchange

The document discusses Internet Key Exchange (IKE) which is a protocol used to set up security associations for IPsec. It has two phases - Phase 1 negotiates the IKE security association using main or aggressive mode exchange. Phase 2 negotiates the IPSec security associations using quick mode exchange. Diffie-Hellman key exchange algorithm is used to establish a shared secret key over an unsecured channel. The differences between aggressive and main mode are also outlined along with descriptions of SKIP and Photuris protocols.

Uploaded by

Anurag Gupta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
53 views

Presented By: Anurag Roll No:-1703233 Topic: Internet Key Exchange

The document discusses Internet Key Exchange (IKE) which is a protocol used to set up security associations for IPsec. It has two phases - Phase 1 negotiates the IKE security association using main or aggressive mode exchange. Phase 2 negotiates the IPSec security associations using quick mode exchange. Diffie-Hellman key exchange algorithm is used to establish a shared secret key over an unsecured channel. The differences between aggressive and main mode are also outlined along with descriptions of SKIP and Photuris protocols.

Uploaded by

Anurag Gupta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 8

PRESENTED BY : Anurag

Roll no:- 1703233

TOPIC : INTERNET KEY EXCHANGE


IPsec: IKE

• IKE is a protocol used to setup a security association in internet protocol


security.
• IKE protocol uses UDP to create a security association with other
devices.
• IKE public key algorithm are used to mutually aunthenticate
communicating parties.
• solves many problems :-1. Domain of service 2.poor security association
negotiation.
IKE Phases and Modes
IKE has 2 phases:
• IKE Phase 1
o Uses main or aggressive mode exchange
o Negotiates IKE SA
• IKE Phase 2
o Uses quick mode exchange
o Negotiates IPSec SAs
Diffie-Hellman Algorithm

• Algorithm for secure key exchange over unsecured


channels
• Based on the difficulty of finding discreet algorithms
• Used to establish a shared secret between parties
(usually the secret keys for symmetric encryption or
HMACs)
• This method allows 2 parties which have no prior knowledge of each
other to establish a shared secret key over an insecure channel.
Difference between aggressive and main mode

1. Provide to secure algo and cryptography key.


2. This method allows 2 parties which have no prior knowledge of each
other to establish a shared secret key over an insecure channel.
• aggressive and main mode:-
• aggressive accomplishes mutual authentication in 3 messages/proof ct
• main mode accomplishes mutual authentication in 6 messages/
cryptography proposal
SKIP

Simple Key-Management for Internet Protocol or SKIP was a protocol developed in 1995 by
the IETF Security Working Group for the sharing of encryption keys.
SKIP and Photuris were evaluated as key exchange mechanisms for IPsec before the
adoption of IKE in 1998.
SKIP and Photuris are used for security management protocols used for security
management
Skip is hybrid Key distribution protocol Simple Key Management for Internet Protocols
(SKIP)
SKIP uses the knowledge of its own secret key or private component and the destination's
public component to calculate a unique key that can only be used between them.
photuris

• domain of service of protection.


• uses dif hel algo
• identifies hiding
• It uses long term diffie hellman public key
• data encrytion: long term secrets should not be used to encrypt data so it
is preferred for short term data

You might also like