Author(s)

Hossein Fereidooni, Hassan Taheri, Mehran Mahramian

Electrical Engineering Department, Amirkabir University of Technology, Tehran, Iran.
Informatics Services Corporation, Tehran, Iran.

Accelerating methods are used to enhance TCP performance over satellite links by employing Performance Enhancement Proxies (PEPs). However, providing a secure connection through the PEPs seems to be impossible. In this paper an appropriate method is proposed in order to provide an accelerated secure E2E connection. We show an efficient secure three-party protocol, based on public key infrastructure (PKI), which provides security against spiteful adversaries. Our construction is based on applying asymmetric cryptography techniques to the original IKE protocol. Security protocols use cryptography to set up private communication channels on an insecure network. Many protocols contain flaws, and because security goals are seldom specified in detail, we cannot be certain what constitute a flaw. Proofing security properties is essential for the development of secure protocol. We give a logic analysis of the proposed protocol with the BAN-logic and discuss the security of the protocol. The result indicates that the protocol is correct and satisfies the security requirements of Internet key exchange. Based on the results of this preliminary analysis, we have implemented a prototype of our security protocol and evaluated its performance and checked safety properties of security protocol, and the results show that the protocol is robust and safe against major security threats.

Virtual Private Networks (VPNs); Public Key Infrastructure; Authentication; Internet Key Exchange (IKE); BAN-Logic

H. Fereidooni, H. Taheri and M. Mahramian, "E2E KEEP: End to End Key Exchange and Encryption Protocol for Accelerated Satellite Networks," International Journal of Communications, Network and System Sciences, Vol. 5 No. 4, 2012, pp. 228-237. doi: 10.4236/ijcns.2012.54030.