Binary Information Press
In this paper, the authors introduce the IKEv2 protocol and point out some of its defects in security, identity protection, and other areas. To address these defects, the paper designs an Advanced Dynamic Key Exchange protocol (AIKE). AIKE is based on IKEv2 and makes security modifications to the IKEv2 initial exchange, while keeping the IKEv2 CREATE-CHILD-SA exchange and informational exchange intact. AIKE effectively solves some remaining security problems, such as the man-in-the-middle attack during key generation and the DoS attack based on fragmented IP packets, and it strengthens identity protection for the initiator and responder to prevent phishing attacks by a forged responder.