 |
|
Previous: 10.33 Средства для борьбы со spyware
UP:
10 Приложения Next: 10.35 Программы с открытым кодом |
|
|
|
Previous: 10.33 Средства для борьбы со spyware
UP:
10 Приложения Next: 10.35 Программы с открытым кодом |
Приведенная ниже таблица взята из статьи Sindhu Xirasagar и Masoud Mojtahed, "Securing IP networks", Network Security N1, p13-17.
| Название объекта верхнего уровня | Документ стандарта |
| IPsec | RFC-2401 - Security Architecture for the Internet Protocol RFC-4301 |
| ESP | RFC=2406 и RFC-4302 - IP Encapsulating Security Payload (ESP) |
| AH | RFC-2402 и RFC-4302 - IP Authentication Header |
| Attacks on Cryptographic Hashes | RFC-4270 - Attaches on Cryptographic Hashes in Internet Protocols Draft-hoffman-ide-ipsec-hash--use-02.txt - Use of Hash Algorithms in IKE and IPsec |
| Algorithm Usage Requirement | RFC-4305 - Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) RFC-4307 - Cryptographic Algorithm for Use in Internet Key Exchange Version (IKEv2) RFC-4308 - Cryptographic Suites for IPsec |
| Ciphers | RFC-2405 - The ESP DES-CBC Cipher Algorithm explicit IV RFC-2410 - The Null Encapsulation Algorithm and its use with IPsec RFC-2451 - The ESP CBC-Mode Cipher Algorithm (3DES) RFC-3602 - The AES CBC Cipher Algorithm and its Use with IPsec RFC-3686 - Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulation Security Payload (EPS) NIST, FIPS PUB 197, Advanced Encryption Standard (AES), Nov 2001 NISA, Special Publication 800-38A, Recomendation for Block Cipher Modes of Operation, Dec 2001 RFC-4309 - Using Advanced Encryption Standard (AES) CCM Mode with With IPsec Encapsulation Security Payload (EPS), Dec 2005 RFC-4106 - The Use of Galois/Counter Mode (GCM) in IPsec Encapsulation Security Payload (EPS), Jun 2005 RFC-4543 - The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH, May 2006 NIST, The Galois/Counter Mode (GCM), May 2005 http://csrc.nist.gov/CriptoToolkit/Modes/pro posedmodes/gcm/gcm-reversed-spec.pdf NIST, FIPS 186-2, Digital Signature Standard, Jan 2000 http://csrc.nist.gov/publication/fips/fips189-2/fips186-2-change1.pdf ABSI X9.31 - RSA Digital Signature NIST, FIPS 186-2, Digital Signature Standard, Jan 2000 ANSI X9.62 - ECDSA, Elliptic Curve Digital Signature Algorithm |
| Authentic Algorithms |
RFC-2104 - HMAC: Keyed Hashing for Message Authentication, Informational Feb 1997 RFC-2403 - The Use of HMAC-MD5-96 within ASP and AH, Nov 1998 RFC-2404 - The Use of HMAC-SHA-1-96 within ASP and AH, Nov 1998 RFC-3566 - The AES-XCBC-MAC-96 Algorithm and its use with IPsec, Sep 2003 NIST, FIPS-180-2 Secure Hash Standard (SHA-1, SHA-2, SHA-384, SHA-512), Aug 2002 RFC-4231 - Ideentifiers and Test Vectors for HMAC-SHA-224, HMAC-SGA-256, HMAC-SHA-384 and HMAC-SHA-512, Dec 2005 RFC-4494 - The AES-CMAC-96 Algorithm and its use with IPsec, Jun 2006 |
| IKE и IKEv2 |
RFC-2407 - The Internet IP Security Domain of Interpretation for ISAKMP, Nov 1998 RFC-2408 - Internat Security Association and Key Management Protocol (ISAKMP), Nov 1998 RFC-2409 - The Internet Key Exchange (IKE), Nov 1998 RFC-4109 - Algorithm for Internet Key Exchange version 1 (IKEv1), May 2005 RFC-4306 - The Internet Key Exchange (IKEv2) Protocol, Dec 2005 RFC-4434 - The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE), Feb 2006 |
| NAT |
RFC-3022 - Traditional IP Network Address Translator (Traditional NAT), Jan 2001 RFC-3715 - IPsec-Network Address Translation (NAT) Compartibility Requirements, May 2004 RFC-3948 - VDP Encapsulation of IPsec ESP Packets, Jan 2005 |
| IP Protocol Numbers | www.iana.org/assignments/protocol-numbers |
| RTP и SRTP |
RFC-3550 - RTP: A Transport Protocol for Real-Time Applications, Jul 2003 RFC-3711 - The Secure Real-time Transport Protocol (SRTP), Mar 2004 RFC-3551 - RTP Profile for Audio and Video Conferences with Minimal Control, Jul 2006 RFC-4568 - Session Description Protocol (SDP) Security Descriptions for Media Streams, Jul 2006 |
| Diffie-Hellman |
RFC-2539 - Storage of Diffie-Hellman Keys in the Domain Name System (DNS), Mar 1999 RFC-2631 - Diffie-Hellman Keys Agreement Method, Jun 1999 RFC-3526 - More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE), May 2003 RFC-5144 - (Jan 2008), -4754, -4753 и -4492 |
| IP | RFC-1191 - Path MTU Discovwry, Nov 1990 |
|
Previous: 10.33 Средства для борьбы со spyware
UP:
10 Приложения Next: 10.35 Программы с открытым кодом |