@techreport{harkins-ipsra-crack-00, number = {draft-harkins-ipsra-crack-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-harkins-ipsra-crack/00/}, author = {Dan Harkins and Derrell Piper}, title = {{IKE Challenge/Response for Authenticated Cryptographic Keys (Revised) }}, pagetotal = 20, year = 2000, month = aug, day = 25, abstract = {This memo describes a new IKE authentication method ({[}HC98{]}) which provides for mutual authentication when one side is using a legacy- based secret-key authentication technique such as RADIUS, SecurID, or OTP and the other side is using public-key authentication, with optional digital certificates. The generic protocol described herein is an open-ended IKE phase 1 exchange ({[}HC98{]}). The result of this exchange is a mutually authenticated IKE security association ({[}HC98{]}). The keys that are derived from this SA are also authenticated and thereby convey this state to any SA's created from it for any other security service, such as IPsec {[}Pip98{]}.}, }