Key determination protocol based on the Diffie-Hellman algorithm that provides added security, including authentication. Oakley was the key-exchange algorithm mandated for use with the initial version of ISAKMP, although various algorithms can be used. Oakley describes a series of key exchanges called "modes" and details the services provided by each; for example, Perfect Forward Secrecy for keys, identity protection, and authentication. See also ISAKMP.