
Security Considerations

As might have become clear by now, IKE is a complex protocol, perhaps overly so. Since we are implementing security, complexity is not something to be welcomed. Complex protocols are implemented with complex programs, which tend to have more bugs, and some of those bugs may turn out to be security vulnerabilities. Modular design with clear internal APIs helps reduce complexity and allows for easier auditing, but there is still a lot more risk with complex programs than with simple ones. There are simpler alternatives to IKE that are more limited in functionality but likely more secure [13].



Angelos D. Keromytis
4/20/2000