RFC 3129 (rfc3129) - Page 1 of 6



Network Working Group                                          M. Thomas
Request for Comments: 3129                                 Cisco Systems
Category: Informational                                        June 2001


        Requirements for Kerberized Internet Negotiation of Keys

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2001).  All Rights Reserved.

Abstract

   The goal of this document is to produce a streamlined, fast, easily
   managed, and cryptographically sound protocol without requiring
   public key.

Motivation

   The IPsec working group has defined a number of protocols which
   provide the ability to create and maintain cryptographically secure
   security associations at layer three (i.e., the IP layer).  This
   effort has produced two distinct protocols:

   1) a mechanism to encrypt and authenticate IP datagram payloads which
      assumes a shared secret between the sender and receiver

   2) a mechanism for IPsec peers to perform mutual authentication and
      exchange keying material

   The IPsec working group has defined a peer to peer authentication and
   keying mechanism, IKE (RFC 2409).  One of the drawbacks of a peer to
   peer protocol is that each peer must know and implement a site's
   security policy which in practice can be quite complex.  In addition,
   the lack of a trusted third party requires the use of Diffie Hellman
   (DH) to establish a shared secret.  DH, unfortunately, is
   computationally quite expensive and prone to denial of service
   attacks.  IKE also relies on X.509 certificates to realize scalable
   authentication of peers.  Digital signatures are also computationally
   expensive and certificate based trust models are difficult to deploy





Thomas                       Informational
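The Motivation section above argues that a trusted third party lets peers agree on keys with symmetric operations only, whereas a responder in a Diffie-Hellman based exchange must perform an expensive modular exponentiation before it has any idea who it is talking to. The following Python model is an added illustration of that tradeoff; it is not code from the RFC or from any KINK or Kerberos implementation. The ticket and authenticator formats, the HMAC-SHA256 "prf", the XOR key wrapping and the 2048-bit modulus are all constructed for the example (the modulus is not a real safe-prime group), and the KDC, client and server names are assumptions.

```python
"""Model of the cost asymmetry between a Diffie-Hellman responder and a
Kerberos-style ticket check. All formats and keys here are constructed for
illustration only; nothing is taken from RFC 3129 or a real Kerberos/KINK stack."""
import hashlib
import hmac
import os
import struct
import time

# Constructed placeholder modulus and generator (NOT a real DH group): a
# 2048-bit odd number is enough to show what a modular exponentiation costs.
P = (1 << 2048) - 159
G = 2


def dh_public_value(private_exponent: int) -> int:
    """One side of a DH exchange: the work an IKE responder must do before it
    can authenticate the initiator, which is why DH invites resource exhaustion."""
    return pow(G, private_exponent, P)


def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts: the cheap symmetric primitive."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(struct.pack(">I", len(part)) + part)
    return h.digest()


def kdc_issue_ticket(k_server: bytes, client: bytes) -> tuple[bytes, bytes]:
    """Trusted third party (KDC): mint a session key and wrap it for the server
    under the long-term key the KDC shares with that server. Returns
    (ticket handed to the client, session key given to the client)."""
    k_session = os.urandom(32)
    nonce = os.urandom(16)
    wrapped = bytes(a ^ b for a, b in zip(k_session, prf(k_server, b"wrap", nonce)))
    tag = prf(k_server, b"ticket", client, nonce, wrapped)
    ticket = struct.pack(">H", len(client)) + client + nonce + wrapped + tag
    return ticket, k_session


def client_authenticator(k_session: bytes, client: bytes, timestamp: int) -> bytes:
    """Client proves possession of the session key; the timestamp bounds replay."""
    ts = struct.pack(">Q", timestamp)
    return ts + prf(k_session, b"auth", client, ts)


def server_accept(k_server: bytes, ticket: bytes, authenticator: bytes,
                  now: int, skew: int = 300):
    """Server side: symmetric operations only, no DH and no signature.
    Returns the session key on success or None on any failure."""
    n = struct.unpack(">H", ticket[:2])[0]
    client = ticket[2:2 + n]
    nonce = ticket[2 + n:18 + n]
    wrapped = ticket[18 + n:50 + n]
    tag = ticket[50 + n:]
    if len(tag) != 32 or not hmac.compare_digest(
            tag, prf(k_server, b"ticket", client, nonce, wrapped)):
        return None                      # ticket forged or tampered
    k_session = bytes(a ^ b for a, b in zip(wrapped, prf(k_server, b"wrap", nonce)))
    ts_bytes, mac = authenticator[:8], authenticator[8:]
    if abs(now - struct.unpack(">Q", ts_bytes)[0]) > skew:
        return None                      # stale or replayed authenticator
    if not hmac.compare_digest(mac, prf(k_session, b"auth", client, ts_bytes)):
        return None                      # client does not hold the session key
    return k_session


def kerberized_exchange(k_server: bytes, client: bytes, now: int) -> bool:
    """Full flow: KDC issues ticket, client authenticates, server derives key."""
    ticket, k_session = kdc_issue_ticket(k_server, client)
    auth = client_authenticator(k_session, client, now)
    return server_accept(k_server, ticket, auth, now) == k_session


def cost_ratio(samples: int = 10) -> float:
    """Wall-clock cost of one DH public value divided by one ticket check."""
    k_server = b"\x01" * 32
    ticket, k_session = kdc_issue_ticket(k_server, b"client")
    auth = client_authenticator(k_session, b"client", 0)
    x = int.from_bytes(os.urandom(256), "big")
    t0 = time.perf_counter()
    for _ in range(samples):
        dh_public_value(x)
    t_dh = time.perf_counter() - t0
    t0 = time.perf_counter()
    for _ in range(samples):
        server_accept(k_server, ticket, auth, 0)
    t_sym = time.perf_counter() - t0
    return t_dh / max(t_sym, 1e-9)


if __name__ == "__main__":
    print("ticket flow ok:", kerberized_exchange(b"\x02" * 32, b"alice@EXAMPLE", 1_000_000))
    print("DH modexp / ticket check cost ratio: %.0fx" % cost_ratio())
```

The point the ratio makes is the one the Motivation relies on: the server in the ticket flow rejects a forged ticket or a stale authenticator after a couple of HMACs, so an attacker who floods it with bogus requests burns only cheap work, while a DH responder pays the exponentiation on every unauthenticated request.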