Internet Key Exchange (IKE)

In IPSec, a SA between any two devices will contain all relevant information such, as the cryptographic algorithm in use.

A cryptographic algorithm is the science of cryptography. This field of science includes the exact details of encryption algorithms, digital signatures, and key agreement algorithms.

A simple two-router network requires four SAs, two for each router. (IPSec requires two SAs on each router for two-way communication.)

Clearly, for a large network, this would not scale. IKE offers a scalable solution to configuration, and key exchange management.

IKE was designed to negotiate and provide authenticated keys in a secure manner.

IKE has two phases. In phase I, the cryptographic operation involves the ...

Get CCIE Security Exam Certification Guide now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.