IKE

E184261

IKE (Internet Key Exchange) is a protocol used to set up secure, authenticated communication channels and negotiate cryptographic keys, most notably for IPsec VPNs.

All labels observed (1)

Label Occurrences
IKE canonical 4

How this entity was disambiguated

Statements (49)

Predicate Object
instanceOf Internet Key Exchange
key management protocol
network security protocol
abbreviation IKE self-link
basedOn IKEv1
surface form: ISAKMP
definedIn RFC 2409
domain Internet security
virtual private networks
fullName IKEv1
surface form: Internet Key Exchange
hasPhase Phase 1
Phase 2
layer control plane for IPsec
modeInPhase1 Aggressive Mode
Main Mode
modeInPhase2 Quick Mode
negotiates Diffie–Hellman key exchange
surface form: Diffie–Hellman groups

authentication methods
encryption algorithms
integrity algorithms
lifetime of Security Associations
operatesOver UDP port 4500 for NAT traversal
UDP port 500
phase1Purpose establish IKE Security Association
phase2Purpose negotiate IPsec Security Associations
standardizedBy Internet Engineering Task Force
surface form: IETF
status obsoleted by IKEv2 in many deployments
successor IKEv2
supports Diffie–Hellman key exchange
digital signatures
mutual authentication
perfect forward secrecy
pre-shared keys
public key encryption
unilateral authentication
supportsFeature NAT traversal
identity protection in Main Mode
rekeying of Security Associations
usedFor IPsec
surface form: IPsec VPNs

authentication
establishing secure communication channels
key management
security association negotiation
usedIn remote access VPNs
site-to-site VPNs
usedWith IPsec
usesProtocol ISAKMP
version IKEv1
vulnerability configuration errors can weaken security
susceptible to certain DoS attacks if not rate-limited

How these facts were elicited

Referenced by (4)

Full triples — surface form annotated when it differs from this entity's canonical label.