Unlock instant, AI-driven research and patent intelligence for your innovation.

Desktop type IPSecVPN cryptographic machine and networking method

A cipher machine, desktop technology, applied in network interconnection, user identity/authority verification, data exchange through path configuration, etc., can solve the problems of encrypted products that cannot be protected by end users, large product size, and difficult to implement. , to achieve the effect of low power consumption, small size and fast transmission speed

Inactive Publication Date: 2013-08-28
CHANGCHUN INST OF OPTICS FINE MECHANICS & PHYSICS CHINESE ACAD OF SCI
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The present invention provides a desktop IPSec VPN cipher machine and a networking scheme to solve the problems that the existing encryption products cannot be protected and used for end users, and the products are large in size, expensive in price, and difficult to implement.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Desktop type IPSecVPN cryptographic machine and networking method
  • Desktop type IPSecVPN cryptographic machine and networking method
  • Desktop type IPSecVPN cryptographic machine and networking method

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach 1

[0016] Specific implementation mode 1. Combination figure 1 Description of this embodiment, the desktop IPSec VPN cipher machine includes a plug-and-play smart cipher key for user identity authentication, a USB interface chip, an encryption and decryption algorithm chip SSX30 approved by the State Secrets Bureau, and a security key produced by the State Secrets Bureau. Memory chip SSX43, embedded processor, Ethernet interface chip, network filter, network interface. The client computer is connected to the embedded processor through the USB interface chip, mainly for the transmission of interactive data, and the communication speed is required to meet the normal Internet access requirements; the algorithm chip and the security chip are connected to the embedded processor through the bus and mainly used for device key storage And data encryption and decryption operations; the embedded processor converts data into network packets through the Ethernet interface chip, and further c...

specific Embodiment approach 2

[0025] Specific embodiment two, combine figure 2 and image 3 This embodiment is described. This embodiment is the networking method of the desktop IPSecVPN encryption machine described in Embodiment 1. After the user logs in to the device through the smart encryption key and the PIN password, the encryption machine automatically reads out the settings configured by the administrator. , and save it to the security policy database.

[0026] When an IP packet is sent from the user computer to the Internet, the outbound processing module first inquires whether there is a corresponding security association in the security association database, if not, the security association module can initiate IKE according to the "connect" command issued by the user negotiate. Before IKE negotiation, it is necessary to check whether there is a corresponding policy entry in the security policy database. If no rule is found, the negotiation will be rejected; if there is a corresponding securit...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a desktop type IPSecVPN cryptographic machine and a networking method, and relates to the virtual private network technology. By means of the desktop type IPSecVPN cryptographic machine and the networking method, the problems that end users can not use the an existing encryption product protectively and the existing encryption product is large in size, expensive and not easy to implement are solved. The desktop type IPSecVPN cryptographic machine comprises an intelligent cipher key, a USB interface chip, an encryption and decryption algorithm chip, a secure storage chip, an embedded processor and an Ethernet interface chip. According to the networking method, a client-side computer is connected to the embedded processor through the USB interface chip, the transmission of interactive data is achieved; the encryption and decryption algorithm chip and the secure storage chip are connected to the embedded processor through buses, the equipment secret key storage and the data encryption and decryption algorithm are achieved; the embedded processor converts the data into a network packet through the Ethernet interface chip and transmits the network packet to an external internet. The cryptographic machine is small in size, low in consumption, convenient to connect, plug and play and suitable for portable use. The networking scheme based on the cryptographic machine is high in transmission speed.

Description

technical field [0001] The present invention relates to a low-cost, high-safety, and small-sized cipher device with high security that provides secure communication services for terminal users under the application of virtual private network technology, and proposes the most complex cipher device protected by the cipher machine Networking scheme. Background technique [0002] At present, virtual private network (VPN) is the most widely used network security technology, which provides a whole set of economical and security solutions. So far, based on the virtual private network, there are mainly three types of products that implement encrypted communication in accordance with the "IPSecVPN Technical Specifications" of the State Secrets Bureau: [0003] 1. The software encryption method based on the terminal operating system. Because this encrypted communication method is based on the design of the operating system, there are inevitably loopholes. Once a hacker successfully...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/46H04L9/32
Inventor 隋永新杨怀江娄洪伟章明朝周影
Owner CHANGCHUN INST OF OPTICS FINE MECHANICS & PHYSICS CHINESE ACAD OF SCI