[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IKE-SIGMA: draft-krawczyk-ipsec-ike-sigma-00.txt



 
I have written an internet-draft proposing simplified secure protocols
for use in IKE, and intended to submit it for IPsec WG consideration.
Unfortunately, I misread the cut-off date and believed it to be 11/21
(which is the deadline for drafts with versions greater than 00).

In spite of this I ask that this draft will be considered by the WG.
It is not a full specification but a detailed protocol proposal that 
can be merged into the son-of-ike framework.
It certainly has significant advantages over existing IKE modes
both at the simplicity level and efficiency (in its basic form it can allow
to create a working IPsec SA in just 3 messages, instead of the 9 messages
it takes today, and with the same security properties).

The proposal is named "The IKE-SIGMA Protocol"
and its abstract is appended below.

The draft is available at: 
http://tiger.technion.ac.il/~hugo/draft-krawczyk-ipsec-ike-sigma-00.txt

Hugo

=======================================================================
Abstract:

We present a concrete proposal for a simplified version of the
signature modes of IKE, and suggest a related mechanism for use with
pre-shared keys.  The proposed design, named SIGMA, achieves several
seemingly conflicting goals: simplification of the protocol, enhanced
functionality, and performance improvement. In particular, it
provides efficient and adaptive defense against DoS attacks, privacy
enhancement with both identities protected from eavesdroppers in the 
network, elimination of the distinction (and duplicity) between 
aggressive mode and main mode, and a reduced number of messages per 
exchange. The SIGMA protocol re-uses the specification basis existing
in ISAKMP and IKE, and allows for significant re-use of existing code
that already implements these protocols. The proposed protocols enjoy
a proof of security via formal cryptographic analysis.







Follow-Ups: