International Business Machines Corporation
GENERATION OF A SECURE KEY EXCHANGE AUTHENTICATION RESPONSE IN A COMPUTING ENVIRONMENT

Abstract:

Aspects of the invention include generation of a secure key exchange (SKE) authentication response by a responder node of a computing environment. A computer-implemented method includes receiving an authentication request message at a responder channel on the responder node from an initiator channel on an initiator node to establish a secure communication, the receiving at a local key manager (LKM) executing on the responder node. A state check is performed based on a security association of the initiator node and the responder node. A validation of the authentication request message is performed. A proposal list of the authentication request message is checked. An authentication response message is built based at least in part on a successful state check, a successful validation, and selecting an encryption algorithm from the proposal list. The authentication response message is sent from the LKM to the responder channel.