| IKE协议抵抗中间人攻击的研究 |
| |
| 引用本文: | 汪骏飞,王利,钱锟,白永志,陈定.IKE协议抵抗中间人攻击的研究[J].网络安全技术与应用,2005(4):12-14. |
| |
| 作者姓名: | 汪骏飞 王利 钱锟 白永志 陈定 |
| |
| 作者单位: | 1. 合肥工业大学,计算机信息学院,安徽,230009
2. 合肥工业大学,计算机信息学院,安徽,230009;安徽少年儿童出版社,安徽,230063 |
| |
| 摘 要: | IKE协议是IPSec协议族中的自动密钥交换协议,用于动态地建立安全关联。在IKE协议中采用的D-H交换极易受到中间人攻击的威胁。通过深入研究中间人攻击的实现原理,并结合IKE协议中数字签名认证、公钥加密认证、预共享密钥认证三种认证方式详细论述了在该协议中是如何利用身份认证技术抵抗中间人攻击。
|
| 关 键 词: | IKE 密钥交换 中间人攻击 身份认证 |
The Research on IKE Protocol Against Man in the Middle Attack |
| |
| Wang Junfei,Wang Li,Qian kun,Bai yongzhi,Chending.The Research on IKE Protocol Against Man in the Middle Attack[J].Net Security Technologies and Application,2005(4):12-14. |
| |
| Authors: | Wang Junfei Wang Li Qian kun Bai yongzhi Chending |
| |
| Affiliation: | Wang Junfei1,Wang Li1,2,Qian kun1,Bai yongzhi1,Chending11 Hefei University of Technology,School of Computer and Information,Anhui,2300092 Anhui Children's Publishing House,Anhui,230063 |
| |
| Abstract: | IKE protocol is the current key exchange standard for IPSec protocol and used to establish SecurityAssociation(SA) dynamically. D-H exchange in IKE is prone to be threatened by man in the middle attack. By theanalysis of the principal of man in the middle attack, and the three authentication methods of signature authentication,public key authentication and pre-shared key authentication, this paper elaborates on how to use identity authentica-tion techniques to resist man in the middle attack in IKE protocol. |
| |
| Keywords: | IKE key exchange man in the middle attack identity authentication |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
