Secure neighbor discovery between hosts connected through a proxy

A technology of neighbor discovery and proxy connection, applied in security devices, wireless communication, network data management, etc., can solve the problems of RSA signature invalidation, discarding, insecurity, etc.

Inactive Publication Date: 2010-09-22
TELEFON AB LM ERICSSON (PUBL)
View PDF3 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Proxy operations invalidate RSA signatures, causing SEND-capable nodes receiving ND messages to discard such messages, or deem them insecure

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Secure neighbor discovery between hosts connected through a proxy
  • Secure neighbor discovery between hosts connected through a proxy
  • Secure neighbor discovery between hosts connected through a proxy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The innovative teachings of the present invention are described below with specific reference to various exemplary uses and aspects of the preferred embodiment. It should be understood, however, that this embodiment provides only a number of examples of the many advantageous uses of the innovative teachings of the present invention. In general, statements made in the specification of the present application do not necessarily limit any of the various claimed aspects of the invention. Additionally, some statements may apply to some inventive features but not to others. In the description of the figures, like reference numerals refer to like elements of the invention.

[0036] According to the invention, the roles of address ownership and address advertisement are clearly separated. The normal operation of a standard Neighbor Discovery (ND) proxy is defined in Internet Task Engineering Task Force (IETF) Request for Comments (RFC) number 4389. The present invention prov...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A method, a proxy and a host are provided for securing neighbor discovery (ND) signaling between hosts when the hosts are connected through the proxy. A first host sends an original ND message comprising a first signature based on an address of the first host. The proxy removes the address of the first host and substitutes its own address in a modified ND message. The proxy then places a copy of the address of the first host in a new field and builds a proxy signature based on the own address of the proxy and on the new field. The new field and the proxy signature are added to the modified ND message. A second host receives the modified ND message from the proxy and verifies the proxy signature. The second host reconstructs the original ND message content and then verifies the first signature.

Description

technical field [0001] The present invention relates to a method, proxy and host for securely proxying discovery messages. Background technique [0002] In packet-switched computer networks, nodes such as hosts and routers use neighbor discovery (ND) signaling to determine the link-layer addresses of neighbors known to be on attached links. To allow networks to exist beyond a single link, bridges are often used to connect subnets that do not share a common link. ND Proxy provides a method for bridging multiple links into a single network. To do this, they modify the ND signaling through them. The Internet Task Engineering Team (IETF) published a Request for Comments (RFC) RFC4389 entitled "Neighbor Discovery Proxies (ND Proxy)" ('Neighbor Discovery Proxies (ND Proxy)), which describes a method by which Method bridges multiple link-layer segments into a single segment through a proxy. RFC4389 specifies the Internet Control Message Protocol (ICMP) Neighbor Solicitation (Ne...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/00G06F21/64
CPCH04L63/0823H04L63/1441H04L63/126H04W12/10H04W80/04H04W88/182H04L63/0281H04W8/26H04L63/162H04W12/106
Inventor S·克里什南
Owner TELEFON AB LM ERICSSON (PUBL)
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap