IPSec Key Management

• Both AH and ESP presume a secret key shared by the two parties

• To establish this key, a key management protocol called ISAKMP/IKE is defined

  • Diffie-Hellman key exchanges signed with RSA, etc
  • lots and lots of options to please everybody

• Manual key establishment is still possible if you don’t want all that complexity

Previous slide

Next slide

Back to first slide

View graphic version