Skip to main content
Springer Nature Link
Log in

IPSec Support in NAT-PT Scenario for IPv6 Transition

  • Conference paper
Information Security (ISC 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3650))

Included in the following conference series:

Abstract

Applying IPSec in NAT-PT environment for end-to-end security fails due to the problems caused by the IP header conversion in NAT-PT server. The IP header conversion causes the receiver to fail to verify the TCP/UDP checksum and the ICV value of the AH header. This study analyses potential problems in applying the IPSec between the IPv6-only node and an IPv4-only node, and proposes a solution to enable the receiver successfully ver-ify the IPSec packet. We also analyze that why the existing NAT-traversal so-lutions in IPv4 fails in NAT-PT environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Tsirtsis, G., Srisuresh, P.: Network Address Translation Protocol Translation (NAT-PT), RFC 2766, 2 (2000)

    Google Scholar 

  2. Satapati, S.: NAT-PT Applicability, draft-satapati-v6ops-natpt-applicability-00 (October 2003)

    Google Scholar 

  3. Egevang, K., Francis, P.: The IP Network Address Translator (NAT), RFC 1631, 5 (1994)

    Google Scholar 

  4. Kivinen, T.: Negotiation of NAT-Traversal in the IKE, draft-ietf-IPSec-nat-t-ike-08 (February 2004)

    Google Scholar 

  5. Huttunen, A., et al.: UDP Encapsulation of IPSec Packets, draft-ietf-IPSec-udp-encaps-6.txt (January 2003)

    Google Scholar 

  6. Montenegro, G., Borella, M.: RSIP Support for End-to-end IPSec, RFC 3104 (October 2001)

    Google Scholar 

  7. Nordmark, E.: Stateless IP/ICMP Translation Algorithm (SIIT), RFC 2765 (February 2000)

    Google Scholar 

  8. Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol, RFC 2401 (November 1998)

    Google Scholar 

  9. Kent, S., Atkinson, R.: IP Encapsulating Security Payload (ESP), RFC 2406 (November 1998)

    Google Scholar 

  10. Kent, S., Atkinson, R.: IP Authentication Header, RFC 2402 (November 1998)

    Google Scholar 

  11. Harkins, D., Carrel, D.: The Internet Key Exchange (IKE), RFC 2409 (November 1998)

    Google Scholar 

  12. Aboba, B., et al.: IPSec-Network Address Translation (NAT) Compatibility Requirements, RFC 3715 (March 2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Electronic Engineering, Soongsil University, 1-1, Sangdo-dong, Dongjak-ku, Seoul, 156-743, Korea

    Souhwan Jung, Jaeduck Choi & Younghan Kim

  2. Telecommunication R&D Center Samsung Electronics Co. Ltd, 416, Maetan-3dong, Yeongtong-gu, Suwon-si, Gyeonggi-do, 442-600, Korea

    Sungi Kim

Authors
  1. Souhwan Jung
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jaeduck Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Younghan Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sungi Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Cryptography and Security Department Institute for Infocomm Research, Singapore

    Jianying Zhou

  2. Department of Information and Communication Technologies, University of A Coruña, Spain

    Javier Lopez

  3. School of Information Systems, Singapore Management University, Singapore

    Robert H. Deng

  4. Institute for Infocomm Research, 119613, Singapore

    Feng Bao

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jung, S., Choi, J., Kim, Y., Kim, S. (2005). IPSec Support in NAT-PT Scenario for IPv6 Transition. In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds) Information Security. ISC 2005. Lecture Notes in Computer Science, vol 3650. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11556992_14

Download citation

  • DOI: https://doi.org/10.1007/11556992_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29001-8

  • Online ISBN: 978-3-540-31930-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics