To secure data over the Internet, the Internet Engineering Task Force (IETF) has recommended a set of protocols for the Internet Protocol (IP). These suites of secure protocols are referred to as Internet Protocol Security (IPSEC) protocols. IPSEC is a developing standard for security at the network or packet processing layer of network communication. Earlier security approaches had inserted security at the application layer of the communications model. IPSEC is especially useful for implementing virtual private networks and for remote user access through dial-up connection to private networks. A significant advantage of IPSEC is that security arrangements can be handled without requiring changes to individual user computers.
The IPSEC protocols rely on keys to encrypt and decrypt the data. Two parties wishing to exchange data securely using IPSEC exchange IPSEC keys between them. The secure exchange of IPSEC keys is a major factor in determining the security and the integrity of a whole system. Other factors include the strength of crypto-algorithm (DES, 3 DES), procedures, etc.
For large scale deployment of IPSEC and automatic exchange of keys between parties the IETF has defined a key exchange protocol known as the IKE (Internet Key Exchange). The IKE allows two parties to exchange IPSEC keys securely and automatically over the Internet. The IPSEC keys are exchanged by IKE by negotiating Security Associations (SA's) between the two parties. Security Associations (SA's) are simplex connections that afford security services to the traffic being carried. In other words, two sides wishing to communicate using IPSecurity (as defined by the IETF) negotiate and have Security Associations among them. The SA's specify the security parameters that should be used to communicate with the other party. For bi-directional communication, each party typically has two SA's—incoming and outgoing. For added security (to avoid key compromise) and to prevent crypto analysis of the data transferred, RFC 2401 (the IPSEC RFC), recommends that an SA be valid for only a short period of time (e.g. 20 minutes) and that new keys should be exchanged at regular intervals. Accordingly, two parties need to renegotiate another set of security associations (SA's) if they wish to continue the exchange of data after the previous SA expires. The IPSEC RFC recommends two types of units to specify the life of the SA, i.e., time and/or bytes of data transferred. Thus, if the SA life is specified as 10 Mbytes then the two parties can exchange up to 10 Mbytes of data using the current SA. To send more data, the two parties should negotiate another set of SA's for every 10 Mbytes of data.
RFC 2401 specifies the SA life in time and bytes. When a SA life is specified in time units, in order to continue to send data, an initiator system has to renegotiate another set of SA's after the SA lifetime expires. While a new SA is being renegotiated, no data can flow. To prevent data flow interruption, often a system designer anticipates the expiration of a current SA. Before the current SA expires, the initiator system starts renegotiation of new SA's such that new SA's are available as soon as the current SA's expire. This prevents data flow interruptions.
The lifespans of SA's based on time units are relatively easy to renegotiate in advance. This is because the system designer can safely assume the time it might take to negotiate a set of SA's. Based on the time to renegotiate a new SA and the time left before the old SA expires, the system designer can compute the time the system can start new SA negotiations and thus prevent data interruptions. For example, if a current SA expires at T seconds and if it takes 15 seconds to negotiate a set of SA (worst case), then the system can start renegotiation T−15 seconds before the current SA expires and thus preventing data loss/interruptions.
When SA's are specified with life units based on bytes, it is not easy for a system to predict when the SA is going to expire. This is because the data flow is not always uniform. The Internet data flow is bursty in nature. That is, there could be a burst of data flow between the two systems followed by a lull and another burst. Predictability is extremely important in high-speed data communication systems where any interruption in the flow of data occurring due to SA re-negotiation can cause loss of lot of data. A need therefore exists to accurately predicting the expiry of SA's based in bytes.