Securing the internet: A cryptographic viewpoint of IP security


Ran Canetti
IBM, TJ Watson

Providing data integrity and confidentiality over the Internet is an important task. Arguably, the network (IP) layer protocol is a good candidate for addressing these security concerns. In particular, providing security in the IP layer will free higher layer protocols and applications (such as TCP, HTTP, firewalls) from dealing with many of the security concerns.

The IPSEC working group of the IETF has been chartered to develop ``A security protocol in the network layer... ...to provide cryptographic security services that will flexibly support combinations of authentication, integrity, access control, and confidentiality''. After several years of extensive work, it finally seems that the group is converging to a small set of agreed solutions.

The talk presents the security concerns and issues encountered in developing this protocol, and surveys the proposed solutions. The solutions can be thought of as consisting of two parts: first, the communicating endpoints agree on a shared session key; next, the key is used to authenticate and perhaps also to encrypt individual packets. We first address the second, relatively simpler part; next we address the first part, namely key management.

The talk takes a primarily cryptographic viewpoint, concentrating on the various security concerns and the quality of proposed solutions, especially the key management protocols and cryptographic functions.