IP security (IPSec) is a suite of protocols that integrate security into IP and provide services that are data source authentication, data integrity, confidentiality, protection against replay attack, data privacy, access control, and end-to-end security for IP packets. In order to realize security services is to be established shared key between source and destination. Internet key exchange (IKE) provides this requirement. IKE manages keys securely after source and destination have agreed upon and it exchanges the keys in an authenticated way. IKE has some deficiencies. To solve these problems, some successors have been presented for IKE including IKEv2, SIGMA, and JFK. In this paper, at first it is introduced the original version of IKE and its successors. Then these protocols are comparatively evaluated.
[1]
Hugo Krawczyk,et al.
A Security Architecture for the Internet Protocol
,
1999,
IBM Syst. J..
[2]
Steven M. Bellovin,et al.
Just Fast Keying (JFK)
,
2002
.
[3]
Pasi Eronen,et al.
Denial of service in public key protocols
,
2000
.
[4]
Charlie Kaufman,et al.
Internet Key Exchange (IKEv2) Protocol
,
2005,
RFC.
[5]
Dan Harkins,et al.
The Internet Key Exchange (IKE)
,
1998,
RFC.
[6]
Stephen T. Kent,et al.
IP Authentication Header
,
1995,
RFC.
[7]
Randall J. Atkinson,et al.
IP Encapsulating Security Payload (ESP)
,
1995,
RFC.
[8]
Stephen T. Kent,et al.
Security Architecture for the Internet Protocol
,
1998,
RFC.