UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 8247

Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2 (IKEv2)

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 September 2017
Status: active
Page Count: 19
scope:

The IPsec series of protocols makes use of various cryptographic algorithms in order to provide security services. The Internet Key Exchange (IKE) protocol is used to negotiate the IPsec Security Association (IPsec SA) parameters, such as which algorithms should be used. To ensure interoperability between different implementations, it is necessary to specify a set of algorithm implementation requirements and usage guidance to ensure that there is at least one algorithm that all implementations support. This document updates RFC 7296 and obsoletes RFC 4307 in defining the current algorithm implementation requirements and usage guidance for IKEv2, and does minor cleaning up of the IKEv2 IANA registry. This document does not update the algorithms used for packet encryption using IPsec Encapsulating Security Payload (ESP).

Document History

IETF RFC 8247
September 1, 2017
Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2 (IKEv2)
The IPsec series of protocols makes use of various cryptographic algorithms in order to provide security services. The Internet Key Exchange (IKE) protocol is used to negotiate the IPsec Security...

References

This document references:
IEEE 802.15.4 - Low-Rate Wireless Networks Amendment 2: Low Power Wide Area Network (LPWAN) Extension to the Low-Energy Critical Infrastructure Monitoring (LECIM) Physical Layer (PHY)
Published by IEEE on June 4, 2020
A description is not available for this item.
This document references:
802.15.9 - Transport of Key Management Protocol (KMP) Datagrams
Published by IEEE on June 16, 2021
This standard defines security key management extensions to address session key generation (both 128-bit and 256-bit key lengths), the creation and/or transport of broadcast/multicast keys, and...
This document references:
IETF RFC 4106 - The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP)
Published by IETF on June 1, 2005
This memo describes the use of the Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) as an IPsec Encapsulating Security Payload (ESP) mechanism to provide confidentiality and data...
This document references:
IETF RFC 5282 - Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol
Published by IETF on August 1, 2008
An authenticated encryption algorithm combines encryption and integrity into a single operation; such algorithms may also be referred to as combined modes of an encryption cipher or as combined mode...
This document is referenced by:
1588A - A Precision Clock Synchronization Protocol for Networked Measurement and Control Systems Amendment 3: Precision Time Protocol (PTP) Enhancements for Best Master Clock Algorithm (BMCA) Mechanisms
Published by IEEE on September 21, 2023
Updates to information and messages for the Enhanced Accuracy TLV are provided in this amendment to IEEE 1588-2019. This amendment also clarifies the operation of the best master clock algorithm...
This document is referenced by:
RFC 8994 - An Autonomic Control Plane (ACP)
Published by IETF on May 1, 2021
Applicability and Scope Please see the following Terminology section (Section 2) for explanations of terms used in this section. The design of the ACP as defined in this document is considered to be...
This document is referenced by:
61588 - Precision Clock Synchronization Protocol for Networked Measurement and Control Systems
Published by IEC on June 1, 2021
This standard defines a network protocol, the Precision Time Protocol (PTP), enabling accurate and precise synchronization of the real-time clocks of devices in networked distributed systems. The...
This document is referenced by:
RFC 9061 - A YANG Data Model for IPsec Flow Protection Based on Software‑Defined Networking (SDN)
Published by IETF on July 1, 2021
Abstract This document describes how to provide IPsec-based flow protection (integrity and confidentiality) by means of an Interface to Network Security Function (I2NSF) Controller. It considers two...
This document is referenced by:
BS IEC 61588 - Precision clock synchronization protocol for networked measurement and control systems
Published by BSI on June 30, 2009
A description is not available for this item.
This document supersedes:
IETF RFC 4307 - Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)
Published by IETF on December 1, 2005
The IPsec series of protocols makes use of various cryptographic algorithms in order to provide security services. The Internet Key Exchange (IKE (RFC 2409) and IKEv2) provide a mechanism to...
This document supersedes:
IETF RFC 4307 - Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)
Published by IETF on December 1, 2005
The IPsec series of protocols makes use of various cryptographic algorithms in order to provide security services. The Internet Key Exchange (IKE (RFC 2409) and IKEv2) provide a mechanism to...
View Less
View All
Advertisement