previous up next index search

Previous: 10.33 Средства для борьбы со spyware    UP: 10 Приложения
    Next: 10.35 Программы с открытым кодом

10.34 Алгоритмы и протоколы сетевой безопасности
Семенов Ю.А. (ГНЦ ИТЭФ)

Приведенная ниже таблица взята из статьи Sindhu Xirasagar и Masoud Mojtahed, "Securing IP networks", Network Security N1, p13-17.

Название объекта верхнего уровня Документ стандарта
IPsecRFC-2401 - Security Architecture for the Internet Protocol
RFC-4301
ESPRFC=2406 и RFC-4302 - IP Encapsulating Security Payload (ESP)
AHRFC-2402 и RFC-4302 - IP Authentication Header
Attacks on Cryptographic HashesRFC-4270 - Attaches on Cryptographic Hashes in Internet Protocols
Draft-hoffman-ide-ipsec-hash--use-02.txt - Use of Hash Algorithms in IKE and IPsec
Algorithm Usage Requirement RFC-4305 - Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP)
RFC-4307 - Cryptographic Algorithm for Use in Internet Key Exchange Version (IKEv2)
RFC-4308 - Cryptographic Suites for IPsec
Ciphers RFC-2405 - The ESP DES-CBC Cipher Algorithm explicit IV
RFC-2410 - The Null Encapsulation Algorithm and its use with IPsec
RFC-2451 - The ESP CBC-Mode Cipher Algorithm (3DES)
RFC-3602 - The AES CBC Cipher Algorithm and its Use with IPsec
RFC-3686 - Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulation Security Payload (EPS)
NIST, FIPS PUB 197, Advanced Encryption Standard (AES), Nov 2001
NISA, Special Publication 800-38A, Recomendation for Block Cipher Modes of Operation, Dec 2001
RFC-4309 - Using Advanced Encryption Standard (AES) CCM Mode with With IPsec Encapsulation Security Payload (EPS), Dec 2005
RFC-4106 - The Use of Galois/Counter Mode (GCM) in IPsec Encapsulation Security Payload (EPS), Jun 2005
RFC-4543 - The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH, May 2006
NIST, The Galois/Counter Mode (GCM), May 2005
http://csrc.nist.gov/CriptoToolkit/Modes/pro posedmodes/gcm/gcm-reversed-spec.pdf
NIST, FIPS 186-2, Digital Signature Standard, Jan 2000
http://csrc.nist.gov/publication/fips/fips189-2/fips186-2-change1.pdf
ABSI X9.31 - RSA Digital Signature
NIST, FIPS 186-2, Digital Signature Standard, Jan 2000
ANSI X9.62 - ECDSA, Elliptic Curve Digital Signature Algorithm
Authentic Algorithms RFC-2104 - HMAC: Keyed Hashing for Message Authentication, Informational Feb 1997
RFC-2403 - The Use of HMAC-MD5-96 within ASP and AH, Nov 1998
RFC-2404 - The Use of HMAC-SHA-1-96 within ASP and AH, Nov 1998
RFC-3566 - The AES-XCBC-MAC-96 Algorithm and its use with IPsec, Sep 2003
NIST, FIPS-180-2 Secure Hash Standard (SHA-1, SHA-2, SHA-384, SHA-512), Aug 2002
RFC-4231 - Ideentifiers and Test Vectors for HMAC-SHA-224, HMAC-SGA-256, HMAC-SHA-384 and HMAC-SHA-512, Dec 2005
RFC-4494 - The AES-CMAC-96 Algorithm and its use with IPsec, Jun 2006
IKE и IKEv2 RFC-2407 - The Internet IP Security Domain of Interpretation for ISAKMP, Nov 1998
RFC-2408 - Internat Security Association and Key Management Protocol (ISAKMP), Nov 1998
RFC-2409 - The Internet Key Exchange (IKE), Nov 1998
RFC-4109 - Algorithm for Internet Key Exchange version 1 (IKEv1), May 2005
RFC-4306 - The Internet Key Exchange (IKEv2) Protocol, Dec 2005
RFC-4434 - The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE), Feb 2006
NAT RFC-3022 - Traditional IP Network Address Translator (Traditional NAT), Jan 2001
RFC-3715 - IPsec-Network Address Translation (NAT) Compartibility Requirements, May 2004
RFC-3948 - VDP Encapsulation of IPsec ESP Packets, Jan 2005
IP Protocol Numbers www.iana.org/assignments/protocol-numbers
RTP и SRTP RFC-3550 - RTP: A Transport Protocol for Real-Time Applications, Jul 2003
RFC-3711 - The Secure Real-time Transport Protocol (SRTP), Mar 2004
RFC-3551 - RTP Profile for Audio and Video Conferences with Minimal Control, Jul 2006
RFC-4568 - Session Description Protocol (SDP) Security Descriptions for Media Streams, Jul 2006
Diffie-Hellman RFC-2539 - Storage of Diffie-Hellman Keys in the Domain Name System (DNS), Mar 1999
RFC-2631 - Diffie-Hellman Keys Agreement Method, Jun 1999
RFC-3526 - More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE), May 2003
RFC-5144 - (Jan 2008), -4754, -4753 и -4492
IP RFC-1191 - Path MTU Discovwry, Nov 1990

Previous: 10.33 Средства для борьбы со spyware    UP: 10 Приложения
    Next: 10.35 Программы с открытым кодом