| Security has become a key issue for further popularization of the Internet. The concept of security not as past that only focused on the use of various filtering mechanisms to prevent hackers from gaining access,but also requires a higher access control and more comprehensive in-depth safety protection. But the IPSec protocol and IKE protocol based on password is a valid means to solve IP data delivers the safety on public networks. How to construct a key exchange system which satisfies the request of IKE protocol is the goal of this design.IKE protocol is an important part of the IPSec protocol suite. IKE protocol serves as dynamic consultation and manager of security association. IKE is a hybrid protocol which consisted of ISAKMP protocol,OAKLEY protocol and SKEME protocol. IKE protocol provids the security performance with four aspects: identity authentication, confidentiality, integrity and key management.The thesis first introduces the IPSec protocol. And then provides in-depth analysis of IKE protocol, including components of the protocol, the consultation process of IKE, the format of IKE messages, and the security of the protocol. Based on the existing protocol, a new practical project for realizing the IKE, as well as a new mode, is proposed. The design principles and the functionalities of each component are then described. The main data structure and the procedures are also discussed. Meanwhile, the thesis provides a complete analysis of the message mechanism under Windows system, which describes how the application communicates with the kernel.The thesis finally tests the secret key exchange module on IKE, and analyses the test result. |
PDF Full Text Request