IKEv2协议中间人攻击的实现
Realization Measures of Man-in-the-middle Attack on IKEv2 Protocol
本文介绍了目前IPv6网络中广泛应用的密钥交换协议IKEv2的体系架构并分析了其存在的安全漏洞,重点根据协议中基于Diffie-Hellman(DH)交换和数字证书实行身份认证的安全缺陷,模拟实现了对IKEv2协议的中间人攻击,并且最后提出了防范中间人攻击的方法。
his paper introduce the system frame of IKEv2 key exchange protocol which is popular in the IPv6 network and analyse the securiy vulnerability. Model a man-in-the-middle attack for IKEv2 by the vulnerability of Diffie-Hellman (DH) exchange and Identity Authentication base on digital certificate. Finally, give some effective methods on how to prevent the man-in-the-middle attack.
田斌、朱洪亮、谢彬
通信无线通信电子对抗
IPSec VPNIKEv2协议H交换数字证书
IPSec VPNIKEv2 protocolDH exchangeDigital certificate
田斌,朱洪亮,谢彬.IKEv2协议中间人攻击的实现[EB/OL].(2011-11-21)[2025-08-02].http://www.paper.edu.cn/releasepaper/content/201111-327.点此复制
评论