Information Technology Reference
In-Depth Information
The fourth part (assumptions and claims) considers an unbounded number of ses-
sions in parallel, and the final part provides the secrecy hypothesis that is exploited in
the Hermes's reasoning [33]. It defines keys unknown to the intruder which can be
used to safely encrypt messages. secret (K@s.H) means that the key K in session s
should be treated as a secret from H's point of view.
Table 1. Result of IKE phase 1 with digital signature
Secrets: SK(h);Ks; (h represent a Principal)
GoodPatterns: {xs}_PK(h);
{xs}_Ks
BadPatterns:
Vide
Using the Online Hermes's tool [34], our specification was correctly compiled and
verified regarding secrecy properties. As output, Hermes provides the sequence of
rules leading to each new secret or bad pattern.
The previous table summarizes the result obtained on the first phase of IKE proto-
col with digital signature. In table 1, “GoodPatterns” means that, all message en-
crypted with one of the three secrets (Ka, shr and SK) can be securely exchanged
[33]. No attack was identified with “BadPatterns”. Moreover, Hermes provides
online, a graphical tree proof that can be exploited for understanding attacks and pro-
tocol certification.
5 Security Consideration
This paper describes how to solve IPsec security issue at NAT/DHCP environment.
Since this proposition does not change or discard any of the IPsec security itself, the
security of this paper is exactly the same as that of the IPsec functionality.
However, the use of this proposition will be limited to the presence of a PKI infra-
structure. This is due to the fact that this proposition is based on the use of attribute
certificate in correlation with X.509 certificate in IKE authentication schemes.
6 Conclusion and Future Work
NAT removes the end-to-end significance of an IP address. Therefore, end-to-end
network layer security via IPsec cannot operate with an intervening NAT device. This
is significant problem with NAT, particularly considering the increase in demand for
IPsec and VPN-based solutions.
This paper has presented the incompatibilities between NAT/IPsec, exposed some
existing solutions that define how to combine NAT/IPsec and illustrated the limits of
those solutions. We have proposed a safely new way of making IPsec work through a
NAT function. Our proposed solution assures end-to-end security using IPsec in the
NAT/DHCP environment. We point out that this solution is built upon [6] and [8],
Search WWH ::




Custom Search