

The Internet Key Exchange (IKE)






Network Working Group                                         D. Harkins
Request for Comments: 2409                                     D. Carrel
Category: Standards Track                                  cisco Systems
                                                           November 1998


                    The Internet Key Exchange (IKE)

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

Table Of Contents

   1 Abstract........................................................  2
   2 Discussion......................................................  2
   3 Terms and Definitions...........................................  3
   3.1 Requirements Terminology......................................  3
   3.2 Notation......................................................  3
   3.3 Perfect Forward Secrecy.......................................  5
   3.4 Security Association..........................................  5
   4 Introduction....................................................  5
   5 Exchanges.......................................................  8
   5.1 Authentication with Digital Signatures........................ 10
   5.2 Authentication with Public Key Encryption..................... 12
   5.3 A Revised method of Authentication with Public Key Encryption. 13
   5.4 Authentication with a Pre-Shared Key.......................... 16
   5.5 Quick Mode.................................................... 16
   5.6 New Group Mode................................................ 20
   5.7 ISAKMP Informational Exchanges................................ 20
   6 Oakley Groups................................................... 21
   6.1 First Oakley Group............................................ 21
   6.2 Second Oakley Group........................................... 22
   6.3 Third Oakley Group............................................ 22
   6.4 Fourth Oakley Group........................................... 23
   7 Payload Explosion of Complete Exchange.......................... 23
   7.1 Phase 1 with Main Mode........................................ 23
   7.2 Phase 2 with Quick Mode....................................... 25
   8 Perfect Forward Secrecy Example................................. 27
   9 Implementation Hints............................................ 27



Harkins & Carrel            Standards Track