Application: Encrypted Key Exchange
<p>
Encrypted Key Exchange (also known as EKE) is a family of password-authenticated key agreement methods described by Steven M. Bellovin and Michael Merritt. Although several of the forms of EKE in this paper were later found to be flawed, the surviving, refined, and enhanced forms of EKE effectively make this the first method to amplify a shared password into a shared key, where the shared key may subsequently be used to provide a zero-knowledge password proof or other functions.
</p>
<p>
This application identifies randomness in TCP and UDP sessions between an application and a peer or server. Many applications that want to evade firewall detection, including Ultrasurf, Ammy Admin, Skype, Psiphon, eMule, and others, use encrypted TCP and UDP sessions. By nature, an encrypted session is just a sequence of seemingly random bytes within the transport-layer payload; how the bytes are interpreted is known only to the application's protocol designers. For this reason, all encrypted sessions look alike at the firewall, and there is no way to identify which application an encrypted TCP session is coming from. Therefore, enabling prevention for these signatures (SID 5 for TCP, and SID 7 for UDP) will necessarily block any and all encrypted sessions emanating from these evasive applications. There is no way to distinguish between them.
</p>
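The limitation described above, as an added example that is not part of the original page or the vendor's signature logic: the page does not say how randomness is measured, so this sketch assumes Shannon entropy of the payload's byte histogram. The threshold, minimum sample size, session names and payloads are all constructed for illustration.

```python
import hashlib
import math
from collections import Counter

THRESHOLD_BITS = 7.5  # assumed cut-off in bits per byte (maximum is 8.0)
MIN_SAMPLE = 512      # assumed minimum; short payloads cannot measure as high-entropy


def shannon_entropy(data: bytes) -> float:
    """Empirical Shannon entropy of the byte histogram, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_random(payload: bytes) -> bool:
    """True when the payload is long enough and statistically near-uniform."""
    return len(payload) >= MIN_SAMPLE and shannon_entropy(payload) >= THRESHOLD_BITS


def keystream(key: bytes, length: int) -> bytes:
    """Constructed stand-in for ciphertext: SHA-256 run in counter mode."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


# Constructed sample payloads: two unrelated "applications" and one cleartext session.
SESSIONS = {
    "app-a-encrypted": keystream(b"app-a", 4096),
    "app-b-encrypted": keystream(b"app-b", 4096),
    "plain-http": b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n" * 64,
}


def classify(sessions: dict) -> dict:
    """Map each session name to (entropy in bits per byte, flagged as random)."""
    return {name: (shannon_entropy(p), looks_random(p)) for name, p in sessions.items()}


if __name__ == "__main__":
    for name, (bits, flagged) in classify(SESSIONS).items():
        print(f"{name:16} {bits:5.2f} bits/byte  flagged={flagged}")
```

Both encrypted payloads are flagged with nearly identical scores, so byte statistics alone give no basis for separating one application from another.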