An Authenticated Key Exchange Protocol in IPv6
FhG Fokus
This document proposes an authenticated key exchange scheme enabling two nodes to establish a security association in a way robust to man in the middle attacks. The scheme is based on owner-bound IP addresses and DNS lookups. The proposed scheme relies on the fact that an attacker cannot timely produce a piece of information to match the output of a one way function.