Computer Science ›› 2011, Vol. 38 ›› Issue (6): 49-53.

Remote Attestation Extension for IPSec

WANG Jian, WANG Hai-hang, YANG Jian

  • Online:2018-11-16 Published:2018-11-16

Abstract: Standard IPSec provides no guarantee about the integrity of the endpoints when an IPSec connection is established. Remote attestation in trusted computing provides the accessed server with security evidence about the user. Introducing remote attestation into IPSec can therefore avoid the endpoint security vulnerability in IPSec. The IKE negotiation of IPSec and the remote attestation mechanism are analyzed first. Then, taking IKE main mode based on digital signatures as an example, an extended IPSec protocol based on remote attestation is presented together with its security analysis. In the extended IPSec protocol, the remote attestation mechanism is introduced into the IKE negotiation. The protocol performs dual authentication, covering both identity and system integrity, by using a certificate with an SKAE extension to ensure an end-to-end secure connection. In addition, the protocol guarantees not only the confidentiality, integrity and freshness of information, but also the privacy of the endpoints.

Key words: IPSec, IKE negotiation, Remote attestation, Trusted computing, Integrity measurement
