Minimal IKEv2 AuthenTec Oy Tero Kivinen kivinen@iki.fi - PowerPoint PPT Presentation

Jan 26, 2024 •297 likes •363 views

Minimal IKEv2 AuthenTec Oy Tero Kivinen kivinen@iki.fi draft-kivinen-ipsecme-minimal-ikev2-01 What Problem Does This Document Solve Tries to educate implementors that IKEv2 is not complex and difficult to implement. Why Do People

Minimal IKEv2 AuthenTec Oy Tero Kivinen kivinen@iki.fi draft-kivinen-ipsecme-minimal-ikev2-01
What Problem Does This Document Solve ● Tries to educate implementors that IKEv2 is not complex and difficult to implement.
Why Do People Consider IKEv2 Complex ● IKEv2 looks quite complicated because there is so many optional features – Optional things include: ● Working as responder, SA management, rekeying, NAT-T, Configuration payloads, EAP authentication, Cookies, Multiple child SAs ● IKEv2 can be implemented without any of those optional features, and then it comes quite small and simple.
Implementation Experience ● There is 2 minimal implementations of IKEv2 both less than 1000 lines of source code (perl and python). – Our full IKEv2 library is 44k lines of C – Cert library is 56k lines, or 81k lines of enrollment and CRL retrieval is included ● Implementing minimal IKEv2 is very simple compared to full implemention. ● There are some optimizations which can be done when only supporting minimal set of features.
Summary ● This document does not change anything in the RFC5996. – Except it profiles X.509 certificate authentication out ● Explains the mandatory minimal features, leaving out all the optional things to make it short and simple.

Download Presentation

Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

IKEv2 with CGA Jean-Michel Combes jeanmichel.combes@orange.com Aurlien Wailly

IKEv2 with CGA Jean-Michel Combes jeanmichel.combes@orange.com Aurlien Wailly aurelien.wailly@orange.com Maryline Laurent Maryline.Laurent@it-sudparis.eu 2011-10-25 ICSNA 2011 1 Outline IPsec IKEv2 CGA IKEv2 with CGA?

744 views • 36 slides

Overview of IKEv2 Dan Harkins Charlie Kaufman Radia Perlman 1 Radia Perlman A n a l y s i s

A n a l y s i s o f I K E Overview of IKEv2 Dan Harkins Charlie Kaufman Radia Perlman 1 Radia Perlman A n a l y s i s o f I K E What we were trying to do Consolidate RFCs 2407, 2408, and 2409 in one document Not make gratuitous

643 views • 16 slides

Privacy-Preserving Authenticated Key Exchange and the Case of IKEv2 Sven Schge, Jrg Schwenk,

Privacy-Preserving Authenticated Key Exchange and the Case of IKEv2 Sven Schge, Jrg Schwenk, Sebastian Lauer Ruhr-University Bochum Classical Key Exchange Setting m1 Bob Alice m2 skA skB pkB pkA mq-1 mq derive K derive K 2

185 views • 18 slides

CGA as alternative security credentials with IKEv2: implementation and analysis SAR-SSI 2012

CGA as alternative security credentials with IKEv2: implementation and analysis SAR-SSI 2012 Orange Labs Jean-Michel Combes (France Telecom - Orange) Aurlien Wailly (France Telecom - Orange) Maryline Laurent (Telecom Sud Paris)

580 views • 26 slides

Use of IKEv2 and IPsec with Multiple CoA support MONAMI6 WG, IETF 68 Vijay Devarapalli

Use of IKEv2 and IPsec with Multiple CoA support MONAMI6 WG, IETF 68 Vijay Devarapalli (vijay.devarapalli@azairenet.com) Assumptions in RFC 3775, 3963 There is only one primary care-of address per mobile node The primary care-of

240 views • 7 slides

A toy example in Minimal Model Program In minimal model program for 3-folds, Mori connected

A toy example in Minimal Model Program In minimal model program for 3-folds, Mori connected minimal models with flops. A flop is a pair of birational proper surjections: X Y Z of 3-folds with certain properties. In particular, X and Y

321 views • 10 slides

Key Exchange in IPsec revisited: Formal Analysis of IKEv1 and IKEv2 Cas Cremers, ETH Zurich

Key Exchange in IPsec revisited: Formal Analysis of IKEv1 and IKEv2 Cas Cremers, ETH Zurich Overview What is IKE ? Internet Key Exchange , part of IPsec Formal analysis of IKE Previously considered infeasible Using Scyther

410 views • 19 slides

IKEv2: IPSec Key Management Protocol Lecture 20 Acknowledgement: Slides from Vincent Luk, revised

IKEv2: IPSec Key Management Protocol Lecture 20 Acknowledgement: Slides from Vincent Luk, revised by Cunsheng Ding IP Security Architecture IPSec module 1 IPSec module 2 SPD SPD IKE IKE AH/ESP AH/ESP SAD SAD SA IKE: Internet Key

702 views • 26 slides

www.tablegroup.com/hub Smart Healthy Strategy Minimal Politics Marketing Minimal

www.tablegroup.com/hub Smart Healthy Strategy Minimal Politics Marketing Minimal Confusion Finance High Morale Technology High Productivity Low Turnover BUILD A CREATE COHESIVE CLARITY LEADERSHIP TEAM

240 views • 4 slides

ilab 2 - IPSec with IKEv2 and Strongswan Lukas Grillmayer and Linus Lotz Chair for Network

ilab 2 - IPSec with IKEv2 and Strongswan Lukas Grillmayer and Linus Lotz Chair for Network Architectures and Services Department for Computer Science Technische Universit at M unchen June 4, 2014 Lukas Grillmayer and Linus Lotz: ilab 2 -

1.39k views • 51 slides

On the minimal coloring number of the minimal diagram of torus links Eri Matsudo Nihon

Introduction Known results Main theorem On the minimal coloring number of the minimal diagram of torus links Eri Matsudo Nihon University Graduate School of Integrated Basic Sciences Joint work with K. Ichihara (Nihon Univ.) & K.

560 views • 21 slides

Strongly minimal groups in o-minimal structures ( with P . Eleftheriou and A. Hasson ) Kobi

Strongly minimal groups in o-minimal structures ( with P . Eleftheriou and A. Hasson ) Kobi Peterzil Department of Mathematics University of Haifa Model theory, combinatorics and valued fields, IHP , Paris 2018 Kobi Peterzil 1

336 views • 15 slides

Understanding Minimal Risk Richard T. Campbell University of Illinois at Chicago Why is Minimal

Understanding Minimal Risk Richard T. Campbell University of Illinois at Chicago Why is Minimal Risk So Important? It is the threshold for determining level of review (Issue 8) Determines, in part, what is on list of research eligible for

689 views • 23 slides

Flicker: Flicker: Minimal TCB Code Execution Minimal TCB Code Execution Jonathan M. McCune

Flicker: Flicker: Minimal TCB Code Execution Minimal TCB Code Execution Jonathan M. McCune Carnegie Mellon University March 25, 2008 Bryan Parno, Arvind Seshadri Adrian Perrig, Michael Reiter 1 Password Reuse People often use 1

748 views • 49 slides

Minimal ESP draft-mglt-lwig-minimal-esp-05 Migault, Guggemos -- IETF99 Motivations Securing m2m

Minimal ESP draft-mglt-lwig-minimal-esp-05 Migault, Guggemos -- IETF99 Motivations Securing m2m communications with IPsec/ESP presents significant advantages [1] especially for small devices: - Interoperability - VPN - Transport layer

413 views • 8 slides

Normal and minimal surfaces The correspondence between normal surfaces and minimal surfaces has

Normal and minimal surfaces The correspondence between normal surfaces and minimal surfaces has more applications. It can be used to investigate classical problems in Differential Geometry. Classical Isoperimetric Inequality: A curve in R 2

1.14k views • 79 slides

SRv6 Net etwork Programming FD.io VPP and Linux Pablo Camarillo - Software Engineer @ Cisco

SRv6 Net etwork Programming FD.io VPP and Linux Pablo Camarillo - Software Engineer @ Cisco Systems Ahmed Abdelsalam PhD student @ Gran Sasso Science Institute Who are we? Ah Ahmed Ab Abdelsalam Pablo lo Ca Camarillo illo PhD

857 views • 62 slides

Dynamic Programming Lecture 6 September 12, 2013 Sariel (UIUC) CS573 1 Fall 2013 1 / 72

CS 573: Algorithms, Fall 2013 Dynamic Programming Lecture 6 September 12, 2013 Sariel (UIUC) CS573 1 Fall 2013 1 / 72 Part I . Maximum Weighted Independent Set in Trees . Sariel (UIUC) CS573 2 Fall 2013 2 / 72 Maximum Weight

1.73k views • 147 slides

Nonlinear Programming Models Fabio Schoen 2008 http://gol.dsi.unifi.it/users/schoen Nonlinear

Nonlinear Programming Models Fabio Schoen 2008 http://gol.dsi.unifi.it/users/schoen Nonlinear Programming Models p. Introduction Nonlinear Programming Models p. NLP problems min f ( x ) x S R n Standard form: min f ( x ) h i

936 views • 52 slides

Integer Linear Programming Modeling Marco Chiarandini Department of Mathematics & Computer

DM554/DM545 Linear and Integer Programming Lecture 9 Integer Linear Programming Modeling Marco Chiarandini Department of Mathematics & Computer Science University of Southern Denmark Integer Programming Outline Modeling 1. Integer

748 views • 28 slides

General purpose I/O bus is not enough

General purpose I/O bus is not enough Bandwidth of 1Gbps can only support three 155Mbps links. Why? Design goals Throughput Packets/sec Scalability Number of

486 views • 15 slides

SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy Lingfang Zeng, Zhan

CloudCom, Dec 3, 2010 SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy Lingfang Zeng, Zhan Shi, Shengjie Xu, Dan Feng School of Computer Science and Technology, Huazhong University of Science and Technology

269 views • 13 slides

INESC Porto a brief description L. Torgo ltorgo@fc.up.pt, ltorgo@inescporto LIAAD-Inesc Tec -

INESC Porto a brief description L. Torgo ltorgo@fc.up.pt, ltorgo@inescporto LIAAD-Inesc Tec - University of Porto Out 2011 INESC Porto LA Institute for Systems and Computer Engineering of Porto Private non-profit association, recognised as a

681 views • 9 slides

Inhomogeneities in magnetic systems Inhomogeneous magnetic systems: control and applications

European School on Magnetism 2009 Inhomogeneities in magnetic systems Inhomogeneous magnetic systems: control and applications Alberta Bonanni Institute for Semiconductor and Solid State Physics, Johannes Kepler University, Linz Austria

588 views • 26 slides