Privacy-Preserving Authenticated Key Exchange and the Case of IKEv2.

In this work, we propose an extension to the IPsec key exchange protocol IKEv2. ... Our extension (i) allows for continuous exchange of attestation data while the IPsec connection is running, (ii) supports highly ecient exchange of attestation data and (iii) requires minimal changes to ... As the attestation messages are only exchanged once the IKEv2 authentication phase succeeded, requirement R2 of goal G1 is met in case of V1. ...

doi:10.1007/978-3-642-14992-4_14 fatcat:3gp2vmb4lbgwvgwahhjsfx4csi

Previous analyses of IKEv2 concluded that the protocol was suffering from two authentication vulnerabilities: the penultimate authentication flaw and a vulnerability that leads to a reflection attack. ... We further discuss two modifications of the protocol and prove that both of them do overcome the vulnerability the penultimate authentication flaw. ... Acknowledgment The authors would like to thank Thomas Given-Wilson for its help with proof-reading an early version of this paper, and Youcef Ech-Chergui for its IKEv2 expertise. ...

doi:10.1109/pst47121.2019.8949057 dblp:conf/pst/NinetLMTZ19 fatcat:nejckudjdnda7aqsqhe4vf6qa4

The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited ... We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform. ... Center CROSSING (project S1) and project C.1 within the RTG 2050 "Privacy and Trust for Mobile Users"; the EIT-Digital Master School. ...

doi:10.1109/cns.2018.8433209 dblp:conf/cns/AragonTMHR18 fatcat:pckthj3ol5ar3k3gd63ko6m72q

Multiple Versions

Furthermore, even for protocols running in the higher layers (e.g, the application layer), a party may respond to a key-exchange request coming from a peer who, for the sake of preserving its privacy, ... The first generation IKEv1 [16] uses public-key encryption as the authentication mechanism (with SKEME serving as the basis in part), 1 and IKEv2 [18] uses public-key signature as the authentication mechanism ... We remark that mixing both parties' IDs in message computation violates the privacy-preserving principle of IKEv2, i.e., message from one party should not involve it's peer's ID. ...

doi:10.1007/978-3-642-13708-2_20 fatcat:hqbabyc5f5avzkz75hd4j3utjy

The goals of designing KEPSOM are to develop key exchange protocol proposal characterized by its secrecy, simplicity, efficiency, resistivity, and its ability to support mobility and multihoming. ... In these tests, it is found that the required time for rekeying is about 27% of the total required time for exchanging the keys. ... In the case of key-exchange, a session is intended to agree on "session key" with one another party (the peer to the session) and involves the exchange of the messages with that party. ...

doi:10.26634/jse.1.2.824 fatcat:mqe2fzozv5efve66r3r3psnj3e

of user traffic and protection of user/host privacy by default. ... by 3GPP and Secure Mobile Architecture (SMA), a standardization effort by The Open Group (TOG). ... ACKNOWLEDGMENT The authors would like to thank the partners of the Celtic MEVICO project for all fruitful discussions and their valuable advice on writing this paper. ...

doi:10.1109/vetecs.2011.5956380 dblp:conf/vtc/PellikkaSG11 fatcat:vwxwvdjwnfboxbnfty62h2agha

For the initialization of a network-assisted mVPN and the related key agreement an extension of Internet Key Exchange version 2 (IKEv2) is proposed. ... For the initialization of a network-assisted mVPN an extension of the Internet Key Exchange version 2 (IKEv2) [21] is proposed. ... Acknowledgement This work has been supported by the project CASCADAS (IST-027807) funded by the FET Program of the European Commission. ...

doi:10.1016/j.comcom.2008.05.018 fatcat:nrxfdlmzfre37dnxly4cypczzy

, integrity, mutual authentication, and key exchange. ... However, DMM, which has no dominant security scheme specified to itself, is excessively dependent on the security of Layer 2 and is vulnerable to various threats. ... Moreover, the obtained lemmas demonstrate that the proposed protocol satisfies the security requirements including confidentiality, integrity, mutual authentication, key exchange, privacy, and defense ...

doi:10.1109/access.2020.2985448 fatcat:2kw6e7k5bnajljauyqxwesk5de

DOAJ

Recent standardization efforts focus on a number of lightweight IP security protocol variants for end-to-end security in the Internet of Things (IoT), most notably DTLS, HIP DEX, and minimal IKEv2. ... These protocol variants commonly consider public-key-based cryptographic primitives in their protocol design for peer authentication and key agreement. ... To authenticate this key agreement, both peers prove the correctness of the Master Key using message authentication codes (MAC) in the I2 and R2 messages. ...

doi:10.1109/icnp.2013.6733571 dblp:conf/icnp/HummenWZHW13 fatcat:ejmfos3uijefbg55dkozozmgsy

In some cases, there are overlaps between the two kinds of proofs; those overlaps provide extra assurance about the correctness of the formalization and the proofs. ... Specifically, we present a formalization of one of the two variants of JFK known as JFKr (the one closer to IKEv2). ... of this paper, and to Michael Roe and Dieter Gollmann for early discussions on this work. ...

doi:10.1145/1266977.1266978 fatcat:mow3dqrjyveptgmtjqf7swvsva

We describe Just Fast Keying (JFK), a new key-exchange protocol, primarily designed for use in the IP security architecture. ... It is simple, efficient, and secure; we sketch a proof of the latter property. ... -Privacy: It must preserve the privacy of the initiator and/or responder, insofar as possible. -Memory-DoS: It must resist memory exhaustion attacks. ...

doi:10.1145/996943.996946 fatcat:6lmsda5cjzaepbftzgzwowplci

The world of Internet as such is open and insecure by nature. ... This paper offers a set of simulated secure data communication tunnels together with a comparison of results of the speed variables measured against the security through different encryption protocols ... Internet Key Exchange 2 (IKEv2): The most recent RFC that covers the IKE2 is RFC 7427 and it introduces IKE2 as an internet standard. ...

doi:10.1016/j.sbspro.2015.06.206 fatcat:tlglyrj5pzbpteawhgirdndxfa

Open Access

In some cases, there are overlaps between the two kinds of proofs; those overlaps provide extra assurance about the correctness of the formalization and the proofs. ... Specifically, we present a formalization of one of the two variants of JFK known as JFKr (the one closer to IKEv2). ... of this paper, and to Michael Roe and Dieter Gollmann for early discussions on this work. ...

doi:10.1007/978-3-540-24725-8_24 fatcat:7sidbpxvlncrzhtkwqcd26wukq

To achieve this a secure authentication and attack detection mechanism can be designed. ... Our scheme shown best performance compared to existing schemes in terms of packet delivery ration, detection rate and detection time. ... Wang, et.al, developed a new light-weight and efficient strong privacy-preserving authentication technique for secure communication in case of VANETs [13] . ...

doi:10.14419/ijet.v7i3.12.17770 fatcat:ln4ruhibf5f6lmvlecft7cmxim

Open Access

The most typical configuration procedure of a host involves the provision of an IP address and most often this is done with the help of Dynamic Host Configuration Protocol (DHCP). ... While the closed nature of the access networks has mitigated the vulnerability, the evolvement of the networks and increase in wireless use demand more stringent secure measures. ... The authors had the ideas of the proposal for the first time within the EU funded Ambient Networks project and wish to acknowledge the feedback and support received there. ...

doi:10.1109/pimrc.2006.254082 dblp:conf/pimrc/HeikkinenT06 fatcat:2gu5z54qnrc37o4y2hb4dcfwzq

Extending IPsec for Efficient Remote Attestation [chapter]

Preserved Fulltext

Model Checking the IKEv2 Protocol Using Spin

Preserved Fulltext

ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control

Preserved Fulltext

Other Versions

Deniable Internet Key Exchange [chapter]

Preserved Fulltext

Key Exchange Protocol Supporting Mobility and Multihoming

Preserved Fulltext

Comparison and Analysis of Secure Mobile Architecture (SMA) and Evolved Packet System

Preserved Fulltext

A network-assisted mobile VPN for securing users data in UMTS

Preserved Fulltext

DMM-SEP: Secure and Efficient Protocol for Distributed Mobility Management based on 5G Networks

Preserved Fulltext

Tailoring end-to-end IP security protocols to the Internet of Things

Preserved Fulltext

Just fast keying in the pi calculus

Preserved Fulltext

Just fast keying

Preserved Fulltext

Conception of Virtual Private Networks Using IPsec Suite of Protocols, Comparative Analysis of Distributed Database Queries Using Different IPsec Modes of Encryption

Preserved Fulltext

Just Fast Keying in the Pi Calculus [chapter]

Preserved Fulltext

Broadcast Message Authentication Mechanism to Detect Clone and Sybil attacks in VANET's based on ID-Based Signature Scheme

Preserved Fulltext

HIP based Approach for Configuration Provisioning

Preserved Fulltext