Security processing method, device and processing chip, network equipment

A technology of processing method and processing device, which is applied in the communication field and can solve problems such as low processing efficiency

Active Publication Date: 2011-11-30
BEIJING XINWANG RUIJIE NETWORK TECH CO LTD
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0023] Embodiments of the present invention provide a security processing method, device, processing chip, and network equ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security processing method, device and processing chip, network equipment
  • Security processing method, device and processing chip, network equipment
  • Security processing method, device and processing chip, network equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] Such as Figure 4 As shown, it is a schematic flow diagram of the security processing method proposed in Embodiment 1 of the present invention, and its specific processing flow is as follows:

[0040] Step 41, obtaining the security processing method of the IPsec data that needs security processing;

[0041] The processing chip obtains from the IPsec upper layer processing unit the IPsec data that requires security processing and the processing parameters when performing security processing on the IPsec data. The above processing parameters include the security processing method and the security processing key. If encryption is required processing, the security processing key contains the encryption key; if authentication processing is required, the security processing key contains the authentication key; if encryption processing is required first, and then authentication processing is performed, the security processing key The key contains both the encryption key and ...

Embodiment 2

[0073] Such as Figure 6 As shown, the security processing method of IPsec data a is AES+AH, and the security processing method of IPsec data b is DES+AH, wherein, the authentication processing method corresponding to the AES algorithm is the software authentication processing method, and the authentication processing method corresponding to the DES algorithm is The method is the hardware authentication processing method. After the processing chip performs PD processing on the IPsec data a, the corresponding PD table is obtained, and then the PD table of the IPsec data a is put into the hardware encryption processing queue corresponding to the hardware AES unit, and the hardware AES unit is placed in the hardware encryption processing queue according to the The time points are sequentially extracted from the hardware encryption processing queue in order of first arrival, and then the hardware encryption processing is performed on the IPsec data corresponding to the extracted P...

Embodiment 3

[0075] Embodiment 3 of the present invention provides a security processing device, the structure of which is as follows Figure 7 shown, including:

[0076] A security processing mode obtaining module 71, configured to obtain the security processing mode of the IPsec data requiring security processing;

[0077] An authentication processing determination module 72, configured to determine that the IPsec data needs to be encrypted and then authenticated according to the security processing method obtained by the security processing method obtaining module 71;

[0078] An encryption algorithm obtaining module 73, configured to obtain an encryption algorithm for encrypting the IPsec data;

[0079] An authentication processing method determining module 74, configured to determine an authentication processing method for performing authentication processing on the IPsec data according to the encryption algorithm obtained by the encryption algorithm obtaining module 73, the authenti...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a security processing method, a security processing device, a processing chip and network equipment. The method comprises the following steps of: obtaining a security processing way for Internet protocol security (IPsec) data requiring security processing; if authentication processing is determined to be required after encryption processing is performed on the IPsec data according to the security processing way, obtaining an encryption algorithm for the encryption processing of the IPsec data; determining an authentication processing way for the authentication processing of the IPsec data according to the obtained encryption algorithm, wherein the authentication processing way comprises a software authentication processing way and a hardware authentication processing way; performing hardware encryption processing on the IPsec data according to the obtained encryption algorithm; and performing the authentication processing on the hardware-encrypted IPsec data according to the determined authentication processing way. By the technical scheme provided by the invention, the problem of relatively lower processing efficiency in the authentication processing of the IPsec data in the prior art is solved.

Description

technical field [0001] The present invention relates to the technical field of communications, in particular to a security processing method, device, processing chip, and network equipment. Background technique [0002] Internet Protocol Security (IPsec, Internet Protocol security) is a three-layer tunnel encryption protocol formulated by the Internet Engineering Task Force (IETF, Internet Engineering Task Force). Confidential and secure communication over the Internet. [0003] The processing chip provides two mechanisms for performing security processing on IPsec data: encryption processing and authentication processing. Encryption processing and authentication processing on IPsec data are collectively referred to as performing security processing. When performing security processing on IPsec data, the algorithms adopted include Data Encryption Standard (DES, Data Encryption Standard) algorithm, Advanced Encryption Standard (AES, Advanced Encryption Standard) algorithm an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L9/06
Inventor 汪星星
Owner BEIJING XINWANG RUIJIE NETWORK TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap