T-NATPT - A novel proposal for NAT-PT/IPSec traversing

Author

Yin, Lu ; Jin, Shi ; Qifeng, Yu ; Li, Xie

Author_Institution

State Key Lab. for Novel Software Technol., Nanjing Univ., Nanjing

fYear

2008

Firstpage

144

Lastpage

147

Abstract

During the IPv6/v4 transition, we are faced with the challenge to ensure the security of interconnections between heterogeneous IP nodes or networks. Unfortunately, the IPSec can not be applied in NAT-PT environment due to the conflict lies between their intrinsic functionalities. In this paper, we propose a novel solution, namely T-NATPT, for ensuring the effective and efficient NAT-PT/IPSec traversal. Inspired by existing NAT-traversal solution, we adopt a UDP-ESP-encapsulated traversing way and improve the process of IKE negotiation accordingly. Two novel schemes for interconnection between different IP protocol domains to support both transport and tunnel modes are also introduced in our solution. Experimental results show that our proposal is feasible, and its performance is efficient to meet general requirements in practice.

Keywords

IP networks; transport protocols; IKE negotiation; IP protocol; IPv6-v4 transition; NAT-PT-IPSec traversing; NAT-traversal solution; T-NATPT; UDP-ESP-encapsulated traversing; heterogeneous IP nodes; Costs; Cryptography; Encapsulation; IP networks; Laboratories; Network address translation; Payloads; Proposals; Transport protocols; Tunneling; IPSec; IPv6 transition; NAT-PT; Secure tunneling;

fLanguage

English

Publisher

ieee

Conference_Titel

Anti-counterfeiting, Security and Identification, 2008. ASID 2008. 2nd International Conference on

Conference_Location

Guiyang

Print_ISBN

978-1-4244-2584-6

Electronic_ISBN

978-1-4244-2585-3

Type

conf

DOI

10.1109/IWASID.2008.4688358

Filename

4688358