Share via


IKE Authentication (Windows Embedded CE 6.0)

1/6/2010

The Windows Embedded CE implementation of IPSec supports the IPSec Internet Key Exchange (IKE) protocol. IKE is used to enhance security for virtual private network (VPN) negotiation and remote host or network access.

Specified in IETF Request for Comments (RFC) 2409, IKE defines an automatic means of negotiation and authentication for IPSec security associations (SA). Security associations are security policies defined for communication between two or more entities; the relationship between the entities is represented by a key.

The IKE protocol enhances security for SA communication without the preconfiguration that would otherwise be required.

IKE Modes

IPSec v4 supports the following IKE modes:

IKE Encryption Algorithms

IPSec supports the following IKE encryption algorithms:

  • DES
  • 3DES

IKE Authentication Algorithms

IPSec supports the following IKE authentication algorithms:

  • MD5
  • SHA-1

IKE Authentication Methods

IPSec supports the following IKE authentication methods:

  • Preshared key
  • User certificates

IKE Diffie Hellman Groups

The following list shows the Diffie-Hellman (DH) groups that IPSec supports:

  • Group 1 (DH 768)
  • Group 2 (DH 1024)
  • Group 14 (DH 2048)

Group 5 (DH 1536) is not supported in Windows Embedded CE.

See Also

Concepts

IPSec Application Development

Other Resources

Security Association