|国家预印本平台
首页|IKEv2协议中间人攻击的实现

IKEv2协议中间人攻击的实现

Realization Measures of Man-in-the-middle Attack on IKEv2 Protocol

中文摘要英文摘要

本文介绍了目前IPv6网络中广泛应用的密钥交换协议IKEv2的体系架构并分析了其存在的安全漏洞,重点根据协议中基于Diffie-Hellman(DH)交换和数字证书实行身份认证的安全缺陷,模拟实现了对IKEv2协议的中间人攻击,并且最后提出了防范中间人攻击的方法。

his paper introduce the system frame of IKEv2 key exchange protocol which is popular in the IPv6 network and analyse the securiy vulnerability. Model a man-in-the-middle attack for IKEv2 by the vulnerability of Diffie-Hellman (DH) exchange and Identity Authentication base on digital certificate. Finally, give some effective methods on how to prevent the man-in-the-middle attack.

田斌、朱洪亮、谢彬

通信无线通信电子对抗

IPSec VPNIKEv2协议H交换数字证书

IPSec VPNIKEv2 protocolDH exchangeDigital certificate

田斌,朱洪亮,谢彬.IKEv2协议中间人攻击的实现[EB/OL].(2011-11-21)[2025-08-02].http://www.paper.edu.cn/releasepaper/content/201111-327.点此复制

评论