Key Management

• The actual key exchange mechanism in IKE is derived from Oakley

• Plus several other key exchange protocols that had been proposed for IPSec

• Key exchange is based on the use of the Diffie Hellman algorithm

  • But provides added security
  • In particular, Diffie-Hellman alone does not authenticate the two users that are exchanging keys, making the protocol vulnerable to impersonation
  • IKE includes mechanisms to authenticate the users

Previous slide

Next slide

Back to first slide

View graphic version