| Internet网络层安全协议理论研究与实现 |
| |
| 引用本文: | 韦卫,王德杰,王行刚.Internet网络层安全协议理论研究与实现[J].计算机学报,1999,22(2):171-176. |
| |
| 作者姓名: | 韦卫 王德杰 王行刚 |
| |
| 作者单位: | 中国科学院计算技术研究所,北京,100080 |
| |
| 摘 要: | 本文研究了Internet网络层IP安全协议亟待解决的理论和技术问题,提出一种适合于非连接IP数据加密业务密码同步的滑动窗口机制,从理论上描述了安全协议的运行状态,并对安全协议进行了扩展。针对非连接IP的特点以及目前sessionlessSKIP密钥管理的弱点,本文给出了无会话密钥管理的定义,提出了一种基于椭圆曲线理论的非会话密钥管理方案,该方案与传统主案相比可减少密钥长度,提高安全性能,同时有
|
| 关 键 词: | 安全Internet协议 密钥管理 椭圆曲线公钥密码 UNIX流机制 |
| 修稿时间: | 1998年1月7日 |
THEORETIC RESEARCHES AND IMPLEMENTATION OF IP SECURING PROTOCOL VIA INTERNET NETWORK LAYER |
| |
| WEI Wei,WANG De-jie,WANG Xing-Gang.THEORETIC RESEARCHES AND IMPLEMENTATION OF IP SECURING PROTOCOL VIA INTERNET NETWORK LAYER[J].Chinese Journal of Computers,1999,22(2):171-176. |
| |
| Authors: | WEI Wei WANG De-jie WANG Xing-Gang |
| |
| Abstract: | This paper investigates the theory and technique of Internet network layer secure protocols. It can also be considered as the extension of IETF's IPSEC such as RFCs and drafts. In order to synchronize the cryptographic algorithms through the connectionless oriented Internet Protocol, a new slipping window mechanism is presented, then the state of secure IP is described on the view of theory. The Simple Key management for Internet Protocol, SKIP, is a sessionless oriented protocol adapting to the connectionless oriented protocol IP. The great disadvantage of SKIP is that the computing efficiency will decrease quickly as the key length increases, when one wants to get more security based on Diffie Hellman key agreement. So this paper suggests a new sessionless oriented scheme, the elliptic curve public key exchange. It can reduce the key size and computing time meanwhile increase the difficulty of attack comparing to D H. Finally, the implementation of secure IP in UNIX kernel is described here, which can run on various hardware platforms with UNIX operating system. |
| |
| Keywords: | Secure IP key management elliptic curve public key UNIX stream mechanism |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
