K. Matsuura and H. Imai, Modified aggressive mode of Internet Key Exchange resistant against Denial-of-Service attacks, IEICE T INF, E83D(5), 2000, pp. 972-979
Internet Key Exchange (IKE) is very important as an entrance to secure communication over the Internet. The first phase of IKE is based on the Diffie-Hellman (DH) key-agreement protocol. Since the DH protocol on its own is vulnerable to man-in-the-middle (MIM) attack, IKE provides authentication to protect the protocol from MIM. This authentication owes a lot to public-key primitives whose implementation includes modular exponentiation. Since modular exponentiation is computationally expensive, attackers are motivated to abuse it for Denial-of-Service (DoS) attacks; the computational burden caused by malicious requests may exhaust the CPU resource of the target. DoS attackers can also abuse the inappropriate use of Cookies in IKE; as an anti-clogging token, a Cookie must eliminate the responder's state during the initial exchanges of the protocol, while IKE Cookies do not. Thus a large number of malicious requests may exhaust the memory resource of the target. In search of resistance against those DoS attacks, this paper first reviews the DoS-resistance of the current version of IKE and basic ideas on DoS-protection. The paper then proposes a DoS-resistant version of three-pass IKE Phase 1 where attackers are discouraged by heavy stateful computation they must do before the attack really burdens the target. DoS-resistance is evaluated in terms of the computational cost and the memory cost caused by bogus requests. The result shows that the proposed version gives the largest ratio of the attacker's cost to the responder's cost.
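The abstract's central requirement for an anti-clogging token is that the responder store nothing until the initiator proves it can receive at its claimed address. The following Python is an added illustration of that principle, not code from the paper and not its proposed protocol: the cookie is assumed to be a truncated HMAC-SHA256 over the initiator's address, its SPI and a coarse time slot under a responder-held secret, so a bogus first message costs the responder one HMAC and zero memory, and the expensive modular-exponentiation step (stood in for by a counter) is only reached after a cookie verifies. The responder class, `simulate_flood`, the slot width and the sample addresses are all constructed for the example.

```python
"""Stateless anti-clogging cookie for an IKE-style responder (added example).

Assumptions (not from the paper): cookie = 16-byte truncation of
HMAC-SHA256(secret, addr | spi | time_slot). The responder records nothing
on the first message; state and expensive work start only after a valid
cookie comes back, so a flood of first messages cannot exhaust its memory.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

SLOT_SECONDS = 60  # cookie validity window; the previous slot is also accepted


def _slot(now: float) -> int:
    return int(now // SLOT_SECONDS)


def make_cookie(secret: bytes, addr: str, spi: bytes, now: float) -> bytes:
    """Derive the cookie from the request's identifying fields only, so it can be recomputed later."""
    msg = addr.encode() + b"|" + spi + b"|" + _slot(now).to_bytes(8, "big")
    return hmac.new(secret, msg, hashlib.sha256).digest()[:16]


def verify_cookie(secret: bytes, cookie: bytes, addr: str, spi: bytes, now: float) -> bool:
    """Accept a cookie minted in the current or the previous slot; constant-time comparison."""
    for offset in (0, -SLOT_SECONDS):
        if hmac.compare_digest(cookie, make_cookie(secret, addr, spi, now + offset)):
            return True
    return False


class StatelessResponder:
    """Responder that keeps no per-initiator state until the cookie round trip succeeds."""

    def __init__(self, secret: Optional[bytes] = None) -> None:
        self.secret = secret if secret is not None else os.urandom(32)
        self.sessions: Dict[Tuple[str, bytes], dict] = {}  # only cookie-verified initiators
        self.expensive_ops = 0  # stand-in for modular exponentiations actually performed

    def on_first_message(self, addr: str, spi: bytes, now: float) -> bytes:
        # Reply with a cookie and remember nothing about this request.
        return make_cookie(self.secret, addr, spi, now)

    def on_second_message(self, addr: str, spi: bytes, cookie: bytes, now: float) -> bool:
        if not verify_cookie(self.secret, cookie, addr, spi, now):
            return False  # dropped before any state is allocated or exponentiation done
        self.expensive_ops += 1  # the real protocol would do the DH exponentiation here
        self.sessions[(addr, spi)] = {"started": now}
        return True


def simulate_flood(responder: StatelessResponder, n: int, now: float) -> Tuple[int, int]:
    """Send n bogus first messages from distinct (constructed) addresses.

    Returns (stored session entries, expensive operations) afterwards; with a
    stateless cookie both stay at zero however large n is.
    """
    for i in range(n):
        responder.on_first_message(f"10.0.{i // 256}.{i % 256}", i.to_bytes(8, "big"), now)
    return len(responder.sessions), responder.expensive_ops


if __name__ == "__main__":
    r = StatelessResponder()
    print("after 10000 bogus first messages:", simulate_flood(r, 10_000, 1000.0))
    c = r.on_first_message("192.0.2.1", b"\x01" * 8, 1000.0)
    print("legitimate second message accepted:", r.on_second_message("192.0.2.1", b"\x01" * 8, c, 1005.0))
```

Note that the cookie is bound to the address it was issued for, so replaying it from another address fails, and rotating `SLOT_SECONDS` (or the secret) bounds how long a captured cookie stays usable; the paper's own scheme goes further by also shifting stateful computation onto the initiator before the responder does its exponentiation.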