THEORETIC RESEARCHES AND IMPLEMENTATION OF IP SECURING PROTOCOL VIA INTERNET NETWORK LAYER
This paper investigates the theory and technique of Internet network layer secure protocols. It can also be considered as the extension of IETF's IPSEC such as RFCs and drafts. In order to synchronize the cryptographic algorithms through the connectionless oriented Internet Protocol, a new slipping window mechanism is presented, then the state of secure IP is described on the view of theory. The Simple Key management for Internet Protocol, SKIP, is a sessionless oriented protocol adapting to the connectionless oriented protocol IP. The great disadvantage of SKIP is that the computing efficiency will decrease quickly as the key length increases, when one wants to get more security based on Diffie Hellman key agreement. So this paper suggests a new sessionless oriented scheme, the elliptic curve public key exchange. It can reduce the key size and computing time meanwhile increase the difficulty of attack comparing to D H. Finally, the implementation of secure IP in UNIX kernel is described here, which can run on various hardware platforms with UNIX operating system.