摘要
文章首先对IKE协议进行了深入分析,然后对IKE协议交换过程中的第一阶段主模式中存在的可能遭受到中间攻击的安全漏洞提出了一种解决方案,即在交换过程中的第5,6步发起方和响应方HASH-I和HASH-R增加签名,从而解决了IKE协议在交换过程中存在的安全漏洞,并且进一步增强了互联网密钥交换协议的安全性。
In this paper,it firstly analyzes the IKE protocol,then a solution to solve the security loopholes of the middle attacks in the process of the first phase on the IKE protocol exchange is pointed out,that is,Initiates side HASH-I and the response side HASH-R signature in the stage 5 and 6 of exchange process.It solved the security crack which exists in the exchange project and further enhances the Internet key swap agreement security.
出处
《微计算机信息》
2010年第24期67-68,71,共3页
Control & Automation
关键词
IKE
中间攻击
安全漏洞
数字签名
IKE
Middle Attack
security vulnerabilities
digital signature
