Topic
IPsec
About: IPsec is a(n) research topic. Over the lifetime, 3631 publication(s) have been published within this topic receiving 58860 citation(s). The topic is also known as: Internet Protocol Security & Security Architecture for Internet Protocol.
Papers published on a yearly basis
Papers
More filters
01 Aug 1995
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security
Architecture for IP", which is designed to provide security services
for traffic at the IP layer. This document obsoletes RFC 2401
(November 1998). [STANDARDS-TRACK]
3,435 citations
TL;DR: The design, rationale, and implementation of a security architecture for protecting the secrecy and integrity of Internet traffic at the Internet Protocol (IP) layer, which includes a modular key management protocol, called MKMP, is presented.
Abstract: In this paper we present the design, rationale, and implementation of a security architecture for protecting the secrecy and integrity of Internet traffic at the Internet Protocol (IP) layer. The design includes three components: (1) a security policy for determining when, where, and how security measures are to be applied; (2) a modular key management protocol, called MKMP, for establishing shared secrets between communicating parties and meta-information prescribed by the security policy; and (3) the IP Security Protocol, as it is being standardized by the Internet Engineering Task Force, for applying security measures using information provided through the key management protocol. Effectively, these three components together allow for the establishment of a secure channel between any two communicating systems over the Internet. This technology is a component of IBM's firewall product and is now being ported to other IBM computer platforms.
1,479 citations
01 Aug 1995
TL;DR: This document describes an updated version of the Encapsulating Security Payload (ESP) protocol, which is designed to provide a mix of security services in IPv4 and IPv6.
Abstract: This document describes an updated version of the Encapsulating
Security Payload (ESP) protocol, which is designed to provide a mix of
security services in IPv4 and IPv6. ESP is used to provide
confidentiality, data origin authentication, connectionless integrity,
an anti-replay service (a form of partial sequence integrity), and
limited traffic flow confidentiality. This document obsoletes RFC 2406
(November 1998). [STANDARDS-TRACK]
1,405 citations
27 Oct 2003
Abstract: In this paper, we describe LEAP (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types of messages exchanged between sensor nodes have different security requirements, and that a single keying mechanism is not suitable for meeting these different security requirements. LEAP supports the establishment of four types of keys for each sensor node -- an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a group key that is shared by all the nodes in the network. The protocol used for establishing and updating these keys is communication- and energy-efficient, and minimizes the involvement of the base station. LEAP also includes an efficient protocol for inter-node traffic authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing and passive participation. We analyze the performance and the security of our scheme under various attack models and show our schemes are very efficient in defending against many attacks.
1,093 citations
01 Aug 1995
TL;DR: This document describes an updated version of the IP Authentication Header (AH), which is designed to provide authentication services in IPv4 and IPv6, and obsoletes RFC 2402 (November 1998).
Abstract: This document describes an updated version of the IP Authentication
Header (AH), which is designed to provide authentication services in
IPv4 and IPv6. This document obsoletes RFC 2402 (November 1998).
[STANDARDS-TRACK]
920 citations