Volume 37, Number 1, 1998
Internet Computing
A security architecture for the Internet Protocol - References

by P.-C. Cheng, J. A. Garay, A. Herzberg

Cited references and notes
- J. Postel, Internet Protocol, Internet RFC 791
(September 1981).
- S. Kent and R. Atkinson, Security Architecture for
the Internet Protocol, IETF (draft-ietf-ipsec-arch-sec-01.txt)
(March 1997).
- A preliminary version of this paper was presented in
Salt Lake City by the authors: P.-C. Cheng, J. A. Garay, A. Herzberg,
and H. Krawczyk, "Design and Implementation of Modular Key Management
Protocol and IP Secure Tunnel on AIX," Proceedings of the 5th
USENIX UNIX Security Symposium (June 1995), pp. 41-54.
- S. Kent and R. Atkinson, IP Encapsulating Security
Payload (ESP), IETF (draft-ietf-ipsec-esp-v2-00) (July 1997).
- S. Kent and R. Atkinson, IP Authentication Header,
IETF (draft-ietf-ipsec-auth-header-01.txt) (July 1997).
- D. Harkins and D. Carrel, The Resolution of ISAKMP
with Oakley, IETF (draft-ietf-ipsec-isakmp-oakley-04.txt) (July
1997).
- J. Ioannidis and M. Blaze, "The Architecture and
Implementation of Network-Layer Security under UNIX,"
Proceedings of the 4th USENIX UNIX Security Symposium
(1993), pp. 29-39.
- J. Ioannidis and M. Blaze, The swIPe IP Security
Protocol, IETF (draft-ietf-ipsec-swipe-01.txt) (June 1994).
- A. O. Freier, P. Karlton, and P. C. Kocher,
The SSL Protocol Version 3.0, IETF
(draft-ietf-tls-ssl-version3-00.txt) (November 1996).
- T. Dierks and C. Allen, The TLS Protocol Version
1.0, IETF (draft-ietf-tls-protocol-02.txt) (March 1997).
- D. Maughan, M. Schertler, M. Schneider, and J. Turner,
Internet Security Association and Key Management Protocol
(ISAKMP), IETF (draft-ietf-ipsec-isakmp-08.txt) (July 1997).
- W. R. Cheswick and S. M. Bellovin, Firewalls
and Internet Security, Repelling the Wily Hacker, Addison-Wesley
Publishing Co., Reading, MA (1994).
- J. Kohl and B. C. Neuman, The Kerberos Network
Authentication Service (V5), Internet RFC 1510 (September 1993).
- H. Krawczyk, "SKEME: A Versatile Secure Key Exchange
Mechanism for Internet," Proceedings of the 1996 Internet
Society Symposium on Network and Distributed Systems Security
(February 1996), pp. 114-127.
- W. Diffie, P. van Oorschot, and M. Wiener,
"Authentication and Authenticated Key Exchanges," Designs, Codes and
Cryptography 2, 107-125 (1992).
- American Bankers Association, American National
Standard for Financial Institution Message Authentication (Wholesale),
ANSI X9.9 (1981, revised 1986).
- G. Tsudik, "Message Authentication with One-Way Hash
Functions," Proceedings of Infocom 92 (1992), pp.
2055-2059.
- M. Bellare, R. Canetti, and H. Krawczyk, "Keyed Hash
Functions and Message Authentication," Advances in
Cryptology--Crypto '96, N. Koblitz, Editor, Lecture Notes in
Computer Science No. 1109, Springer-Verlag (1996), pp. 1-15.
- O. Goldreich, S. Goldwasser, and S. Micali, "How to
Construct Random Functions," Journal of the ACM 33,
No. 4, 210-217 (1986).
- R. Bird, I. Gopal, A. Herzberg, P. A. Janson, S.
Kutten, R. Molva, and M. Yung, "Systematic Design of a Family of
Attack-Resistant Authentication Protocols," IEEE Journal on
Selected Areas in Communications 11, No. 5, 679-693 (June
1993).
- M. Bellare and P. Rogaway, "Entity Authentication
and Key Distribution," Advances in Cryptography, Springer-Verlag,
New York (August 1993), pp. 232-249.
- Information on the development of this standard can
be found in the IPSEC home page,
http://www.ietf.org/html.charters/ipsec-charter.html
and the IPSEC mailing list ipsec@tis.com.
- M. Oehler and R. Glenn, HMAC-MD5-96 IP
Authentication with Replay Prevention, IETF
(draft-ietf-ipsec-ah-hmac-md5-96-00.txt) (March 1997).
- H. Krawczyk, M. Bellare, and R. Canetti, HMAC:
Keyed-Hashing for Message Authentication, Internet RFC 2104
(February 1997).
- S. M. Bellovin, "Problem Areas for the IP Security
Protocols," Proceedings of the 6th USENIX UNIX Security
Symposium (July 1996), pp. 205-214.
- In other words, in the scenario in the section about
the secure tunnel, either A and X or B and
Y are not the same.
- D. B. Chapman, "Network (In)Security Through IP
Packet Filtering," UNIX Security Symposium III Proceedings
(1992), pp. 63-76.
- R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten,
R. Molva, and M. Yung, "The KryptoKnight Family of Light-Weight
Protocols for Authentication and Key Distribution," IEEE/ACM
Transactions on Networking 3, No. 1, 31-41 (February
1995).
- W. Diffie and M. E. Hellman, "New Directions in
Cryptography," IEEE Transactions on Information Theory
IT-22, No. 6, 644-654 (November 1976).
- S. J. Leffler, W. N. Joy, R. S. Fabry, and
M. J. Karels, "Networking Implementation Notes, 4.3BSD
Edition," UNIX System Manager's Manual, 4.3
Berkeley Software Distribution, Virtual VAX-11 Edition,
USENIX Association (April 1986).
- H. Orman, The Oakley Key Determination Protocol,
IETF (draft-ietf-ipsec-oakley-02.txt) (July 1997).