Excerpt from the paper
This paper studies theoretical and technical problems that urgently need solving in IP security protocols at the Internet network layer. It proposes a sliding window mechanism suited to cryptographic synchronization for connectionless IP data encryption services, gives a theoretical description of the operating states of the security protocol, and extends the protocol. In view of the characteristics of connectionless IP and the weaknesses of the current sessionless SKIP key management, the paper gives a definition of sessionless key management and proposes a sessionless key management scheme based on elliptic curve theory. Compared with traditional schemes, this scheme reduces key length, improves security, and effectively reduces key computation time. Finally, the paper describes implementation techniques for secure IP in the UNIX kernel, which allow secure IP to run across multiple platforms.