Please use this identifier to cite or link to this item:
Title: CGA integration into IPsec/IKEv2 authentication
Authors: AlSa'deh, Ahmad
Meinel, Christoph
Westphal, Florian
Gawron, Marian
Groneberg, Bjorn
Issue Date: Dec-2013
Publisher: Springer International Publishing
Abstract: In IPv6 networks, two security mechanisms are available at the network-layer; SEcure Neighbor Discovery (SEND) and IP security (IPsec). Although both provide authentication, neither subsumes the other; both SEND and IPsec mechanisms should be deployed together to protect IPv6 networks. However, when a node uses both SEND and IPsec, the authentication has to be done twice, which increases the burden on the node and decreases its performance. In this paper, we propose an approach to enable them to work together under the mediation of an Authentication Management Block, where IPsec uses the public-private keys obtained by SEND rather than negotiating its own authentication credentials in order to save the time and facilitate the IPsec authentication deployment. We implement and evaluate our approach using ipsec-tools and DoCoMo SEND implementations. Our proof-of-concept experiment shows a considerable speedup of IPsec authentication time
Appears in Collections:Fulltext Publications

Files in This Item:
File Description SizeFormat
10162.pdf227.02 kBAdobe PDFView/Open
Show full item record

Page view(s)

Last Week
Last month
checked on Jan 2, 2022


checked on Jan 2, 2022

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.