Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (
Help us improve Python packaging - Donate today!

Minimalistic Internet Key Exchange protocol v2 (RFC 5996) library

Project Description

The goal of this project is to be a minimalistic IKEv2 (RFC 5996) implementation in Python.


This project is in early stages. Use at own risk.

It will make your IP stack talk ESP to the remote peer.

What it can do:

  • Act as an initiator
  • Authenticate itself and peer using raw RSA keys.
  • Install ESP SAs and SPD entries to use the key material via setkey command from ipsec-tools.

Limitations (hardcoded values):

  • Cipher algorithm is Camellia in CBC mode with 256 bit keys.
  • HMAC / Hash / PRF algorithm is SHA2/256.
  • IKE group is Diffie-Hellman modp 14.
  • Authentication (both own private and peer public) key file paths are hardcoded.
  • ‘setkey’ syntax is of whatever the ipsec-tools on Debian 7.1 accept.
  • Traffic selectors are myip:any:0-65535 <-> peerip:any:0-65535

Design principles

  • Minimal amount of code.
  • Support MUST features of draft-kivinen-ipsecme-ikev2-rfc5996bis-02 (RFC 5996 successor)
  • Use strongest algorithms possible.


You can read the Documentation at

What this project is NOT going to be

  • ISAKMP (IKEv1) RFC 2409 compliant
  • IPSec data plane / ESP protocol


  • MIT License
Release History

Release History

This version
History Node


History Node


History Node


History Node


History Node


History Node


History Node


Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
ike-0.1.0.linux-x86_64.tar.gz (27.1 kB) Copy SHA256 Checksum SHA256 any Dumb Binary Apr 8, 2014
ike-0.1.0-py3-none-any.whl (16.3 kB) Copy SHA256 Checksum SHA256 3.4 Wheel Apr 8, 2014
ike-0.1.0.tar.gz (12.0 kB) Copy SHA256 Checksum SHA256 Source Apr 8, 2014

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting