In-Depth Investigation of IPsec IKE


Supervision: Dennis Felsch

Start date: Jederzeit

More details:


After the publication of the QUIC protocol and during the subsequent discussions on TLS 1.3, the IT security research community has made big advances in the understanding of real-world cryptographic handshake protocols. These advances both concern the interaction of cryptographic primitives, the state machines involved, and security requirements for implementations. However, most of this work was dedicated to TLS and related protocols like QUIC. Other handshake protocols like IPsec IKE could not yet profit from the advances made in the state-of-the art.

The goal of this thesis is to analyze common IPsec implementations for generic vulnerabilities like invalid curve attacks, small subgroup attacks, state confusion, etc. A result of this thesis should be a tool that could later be used to test any implementation of IKE for these known attacks.


  • Erfolgreiche Teilnahme an den Netzsicherheit 1/2 Vorlesungen
  • Sehr gute Programmierkenntnisse in Java
  • Kenntnisse im Umgang mit Git und Maven sind von Vorteil, aber nicht notwendig