Key Agreement Protocol Process

A new key exchange protocol has been established, extending the IKE protocol, which uses IPSec to trade AS to protect AH and ESP traffic. The new key exchange protocol is authenticated Internet Protocol (AuthIP). AuthIP is an extension of the current IKE, but offers additional support for the mode of transport in order to make it more efficient. It was designed to simplify the key exchange process by reducing the complexity and number of round trips required. Multimedia Internet KEYing (MIKEY) is another key exchange protocol for SRTP, defined in RFC 3830.12. It is mainly designed for peer-to-peer groups, simple 1:n and small groups (interactive). One of the main multimedia scenarios considered in THE design of MIKEY was the multimedia entertainment scenario in which users can interact and communicate in real time. In these scenarios, peers can be expected to set up multimedia sessions with each other in which a multimedia session can consist of one or more secure media streams (for example. B, SRTP feeds). Below are some typical scenarios for multimedia applications that can occur: two PAKE (Four-Party Password Authentication Key Exchange) protocols [YEH 05]: one is the four-page KTAP (Four-Party Key Key Transfer Authentication Protocol) and the other is the KaAP (Four-Party Key Agreement Authentication Protocol) with four parts. However, there is a downside to this protocol, as it could be a vulnerable point of attack, while it cannot support legal eavesdropping.

The key management protocol has the following features: Key password-identified MOUs require the separate implementation of a password (which may be less than a key) in a way that is both private and non-integrity. These are designed to withstand man-in-the-middle and other active attacks on the password and established keys. For example, DH-EKE, SPEKE and SRP are Diffie-Hellman password authentication variants. If you have a way to ensure the integrity of a freed key via a public channel, you can exchange Diffie-Hellman keys to deduct a short-term released key and then authenticate that the keys match. One option is to use a key reading, as in PGPfone. However, voice authentication assumes that it is not possible for a middle man to summon the voice of one participant in real time to another, which may be an undesirable hypothesis. These protocols can be designed to work even with a small public value, for example. B a password.

Variations on this topic have been proposed for Bluetooth coupling protocols. [CHE 08] proposed a protocol for authenticating key agreements for IMS (IMSKAAP) to address the above issue. This IMSKAAP offers a secure key exchange and allows servers to support legal interceptions by integrating the benefits of the KTAP and KAAP protocols. To avoid the use of additional off-band authentication factors, Davies and Price proposed the use of Ron Rivest and Adi Shamir`s Interlock protocol, which has come under subsequent attack and refinement. For an application-level isolation and restoration system, Solitude [JAI 08] was proposed to limit the impact of attacks and simplify the post-intrusion recovery process.