| 一种基于PKI的密钥 |
| |
| 引用本文: | 朱建明,马建峰.一种基于PKI的密钥[J].上海大学学报(英文版),2004,8(1):51-56. |
| |
| 作者姓名: | 朱建明 马建峰 |
| |
| 作者单位: | School of Computer,Xidian University,Xi'an 710071,P.R. China,State Key Laboratory for Information Security,Chinese Academy of Sciences,Beijing 100039,P.R. China,School of Computer,Xidian University,Xi'an 710071,P.R. China |
| |
| 基金项目: | theNationalHigh TechnologyResearchandDevelopmentProgramofChina (GrantNo . 863 -2 0 0 2AA14 3 0 2 1) |
| |
| 摘 要: | Internet key exchange (IKE) is an automated key exchange mechanism that is used to facilitate the transfer of IPSec security associations (SAs). Public key infrastructure (PKI) is considered as a key element for providing security to new distributed communication networks and services. In this paper, we concentrate on the properties of the protocol of Phase 1 IKE. After investigating IKE protocol and PKI technology, we combine IKE protocol and PKI and present an implementation scheme of the IKE based on PKI. Then, we give a logic analysis of the proposed protocol with the BAN-logic and discuss the security of the protocol. The result indicates that the protocol is correct and satisfies the security requirements of Internet key exchange.
|
| 关 键 词: | 通信协议 互联网 公用密钥 网络安全 IP地址 |
| 收稿时间: | 5 March 2003 |
An internet key exchange protocol based on public key infrastructure |
| |
| Zhu?Jian-ming,Ma?Jian-feng.An internet key exchange protocol based on public key infrastructure[J].Journal of Shanghai University(English Edition),2004,8(1):51-56. |
| |
| Authors: | Zhu Jian-ming Ma Jian-feng |
| |
| Institution: | 1. School of Computer, Xidian University, Xi'an 710071, P.R. China;State Key Laboratory for Information Security, Chinese Academy of Sciences, Beijing 100039, P.R. China
2. School of Computer, Xidian University, Xi'an 710071, P.R. China |
| |
| Abstract: | Internet key exchange (IKE) is an automated key exchange mechanism that is used to facilitate the transfer of IPSec security associations (SAs). Public key infrastructure (PKI) is considered as a key element for providing security to new distributed communication networks and services. In this paper, we concentrate on the properties of the protocol of Phase 1 IKE. After investigating IKE protocol and PKI technology, we combine IKE protocol and PKI and present an implementation scheme of the IKE based on PKI. Then, we give a logic analysis of the proposed protocol with the BAN-logic and discuss the security of the protocol. The result indicates that the protocol is correct and satisfies the security requirements of Internet key exchange. |
| |
| Keywords: | authentication encryption Interent key exchange(IKE) public key infrastructure(PKI) |
| 本文献已被 CNKI 维普 万方数据 SpringerLink 等数据库收录! |
