Title :
Arcanum: a secure and efficient key exchange protocol for the Internet
Author :
Mian, Ajmal S. ; Masood, Ashraf
Author_Institution :
Comput. Sci. & Software Eng., Western Australia Univ., Crawley, WA, Australia
Abstract :
A VPN establishes a cryptographically secure network using the existing insecure infrastructure of the Internet. A number of protocols, including IPSec have been designed to establish VPNs. However, keys must be shared between the communicating peers before a VPN can be established. IKE protocol is used for exchanging keys between authenticated peers over the Internet. However, IKE is vulnerable to DoS attacks and has security holes. A number of protocols have been proposed to replace IKE but these protocols also have vulnerabilities of their own. In this paper, we present an analysis of IKE and identify its security holes and design weaknesses. We also propose a more secure and efficient key exchange protocol, Arcanum, and carry out its security analysis and comparison with existing protocols. Arcanum is more secure, robust to DoS attacks and efficient in terms of time and number of messages.
Keywords :
Internet; cryptography; protocols; virtual private networks; Arcanum; DoS attacks; IKE protocol; IPSec; Internet infrastructure; Internet key exchange; VPN; cryptographically secure network; denial of service; key exchange protocol; peer communication; protocol comparison; security analysis; security holes; virtual private networks; Computer crime; Cryptographic protocols; Cryptography; IP networks; Internet; Payloads; Public key; Security; Telecommunication traffic; Virtual private networks;
Conference_Titel :
Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on
Print_ISBN :
0-7695-2108-8
DOI :
10.1109/ITCC.2004.1286419
