Message anti-replay method, message anti-replay device and network device

An anti-replay and message technology, applied in the direction of data exchange network, digital transmission system, electrical components, etc., can solve the problems of low processing efficiency and complex processing, so as to improve processing efficiency, reduce system overhead, and reduce processing complexity Effect

Active Publication Date: 2012-11-07
RUIJIE NETWORKS CO LTD
View PDF4 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0017] In view of this, the embodiment of the present invention provides an IPSec-based anti-replay method and device, and network equipment to solve the problems of complex processing and low processing efficiency in the existing technology of anti-replay processing through sliding windows

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Message anti-replay method, message anti-replay device and network device
  • Message anti-replay method, message anti-replay device and network device
  • Message anti-replay method, message anti-replay device and network device

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0070] Example 1, the serial number N=WT+1 of the currently received IPSec message, that is, a=1, at this time, a Figure 5b shown; and add 1 to the sequence number corresponding to each bit in the shifted sliding window; mark the bit corresponding to the shifted WT' as 1.

[0071] Example two, the serial number N=WT+6 of the currently received IPSec message, that is, a=6, according to the embodiment of the present invention, the processing of cyclic shift is provided, that is, the processing of the above-mentioned steps 310 to 314, such as Figure 5cAs shown, aMT-WT=7-5=2, determine the bit b beyond the right boundary of the receiving window after the sliding window is shifted, b=WT+a-MT=5+6-7= 4. Determine the right boundary WT' of the shifted sliding window, WT'=MB-1+b=0-1+4=3, that is, take bit3 of Block0 as the right boundary WT' of the shifted sliding window, and determine the shifted The left boundary WB' of the sliding window after the bit, WB'=WB+6, that is, the left b...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a message anti-replay method, a message anti-replay device and a network device which are based on IPSec (internet protocol security). The method includes: comparing a serial number of an IPSec message with a preset serial number range corresponding to a sliding window in a receiving window, and filtering the replay message by means of cyclic shift of the sliding window in the receiving window according to a comparison result. Sliding shift of the sliding window can be achieved only by cyclic shift of the sliding window in the receiving window, and the replay message can be filtered by means of cyclic shift of the sliding window, so that processing complexity of shift of the sliding window can be lowered, system overhead is reduced, and processing efficiency is improved. Therefore, the problems of processing complexity and low processing efficiency due to the fact that message anti-replay processing is performed by shifting the sliding window by means of sequential shift in the prior art are solved.

Description

technical field [0001] The invention relates to a data communication system, in particular to an IPSec-based message anti-replay method and device, and network equipment. Background technique [0002] IPSec (IP Security) is a three-layer tunnel encryption protocol formulated by IETF, which provides high-quality, interoperable, and cryptographic-based security guarantees for data transmitted on the Internet. IPSec provides communication parties with security services such as encryption and data source authentication, including anti-replay (Anti-Replay), that is, IPSec receivers can detect and refuse to receive outdated or duplicate packets. [0003] Replay means that the attacker intercepts and records the information during the protocol operation, and retransmits the recorded information to the same information receiver in the future protocol operation to obtain the corresponding secret information. The attacker does not need to know the replayed information. Put the specif...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56
Inventor 黄志忠
Owner RUIJIE NETWORKS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap