Information, Computer and Network Security Terms Glossary and Dictionary

PIC: Pre-IKE Credential Provisioning Protocol

Pre-IKE Credential (PIC) Provisioning Protocol is a proposed replacement for the Internet Key Exchange (IKE) protocol. PIC presents a method to bootstrap IPSec authentication via an "Authentication Server" (AS) and legacy user authentication (e.g., RADIUS). The client machine communicates with the AS using a key exchange protocol where only the server is authenticated, and the derived keys are used to protect the legacy user authentication. Once the user is authenticated, the client machine obtains credentials from the AS that can be later used to authenticate the client in a standard IKE exchange with an IPSec-enabled security gateway. The later stage does not require user intervention. The proposed server-authenticated key exchange uses an ISAKMP-based protocol, similar to a simplified IKE exchange, and arbitrary legacy authentication is supported via the use of the EAP protocol.

Related Terms

PIC: Pre-IKE Credential Provisioning Protocol