Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Main-mode IKE negotiation method

A main mode, negotiating message technology, applied in the field of network communication, can solve the problem of uncertain ip address, unable to confirm the negotiation key of user identity, etc.

Inactive Publication Date: 2012-09-26
OPZOON TECH
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in the main mode, the user identity information of the local end is only carried when the information is negotiated for the third time in IKE, and because the key must be determined before the second IKE mutual negotiation in the main mode, only the information of the packet can be used in the negotiation in the main mode. ip address, but cannot use the user identity to confirm the negotiation key configured in advance at the local end
The advantage is that the main mode is much stronger in terms of security than the aggressive mode, but when the ip address is uncertain (for example, the ip address after network address translation NAT), and the more secure main mode needs to be used for IKE tunnel establishment , it will not be possible to complete

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Main-mode IKE negotiation method
  • Main-mode IKE negotiation method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. The following examples are used to illustrate the present invention, but are not intended to limit the scope of the present invention.

[0023] figure 1 It is a flow chart of the IKE main mode negotiation method according to an embodiment of the present invention; refer to figure 1 , the method includes:

[0024] When the front end initiates the first stage of IKE main mode negotiation to the opposite end, the said current end and the opposite end carry respective user identity information in the message sent during the first interactive negotiation;

[0025] The front end and the opposite end send DH encrypted information to each other during the second interactive negotiation;

[0026] The front end and the opposite end select corresponding keys according to the user identity information of the other p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a main-mode IKE (Internet Key Exchange) negotiation method, which belongs to the field of network communication technology. The method comprises the following steps: embedding respective user identity information in a sending message at a first stage of the main-mode IKE negotiation initiated by the current end to the opposite end, when the current end and the opposite end are in first interaction negotiation; sending DH encryption information to the opposite end when the current end and the opposite end are in second interaction negotiation; and selecting corresponding secret key according to the user identity information of the opposite party and the DH encryption information when the current end and the opposite end are in third interaction negotiation. According to the invention, the respective user identity information is embedded in the sending message, when the current end and the opposite end are in first interaction negotiation, so that the method provided by the invention can be also realized when the ip address is uncertain.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to an IKE main mode negotiation method. Background technique [0002] The IKE negotiation method is divided into two modes: the main mode and the aggressive mode. In the aggressive mode, the corresponding key can be configured according to the user identity, and then the IKE negotiation interaction can be performed through this key. Aggressive mode can use the key corresponding to the user identity, because the user identity in the aggressive mode carries the local user identity information in the first negotiation packet, so after the peer end receives the negotiation packet, it can The user identity is matched to find the key corresponding to the user identity configured in advance on the local end. However, in the main mode, the user identity information of the local end is only carried when the information is negotiated for the third time in IKE, and because the k...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
Inventor 陈海滨
Owner OPZOON TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com