Message processing method, server and system

A message processing and server technology, applied in the field of network communication, can solve the problems of exposing the privacy of DHCPv6 client devices, and DUID being easily monitored or stolen.

Active Publication Date: 2020-01-10
HUAWEI TECH CO LTD
4 Cites 0 Cited by

AI-Extracted Technical Summary

Problems solved by technology

[0003] However, in practical applications, the above method has at least the following problems: DUID is eas...
View more

Method used

In the message processing method provided by the present embodiment, the DHCPv6 client device carries the first random identifier when sending the first message to the DHCPv6 server; when sending the second message, it carries the first random identifier and the preset algorithm A second random identifier is generated, and the second random identifier is a different random identifier from the first random identifier. Therefore, identifying the DHCPv6 client device by means of random identification helps to protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0125] In the message processing method provided in this embodiment, after the DHCPv6 server obtains the second random identifier, and determines that the relationship between the second random identifier and the first random identifier satisfies a preset algorithm, the The DHCPv6 client device identified by the random identifier is the DHCPv6 client device identified by the first random identifier. Since the random identifiers at different stages are associated through a preset algorithm, the DHCPv6 server can analyze the algorithm and map different random identifiers to the same DHCPv6 client device, which is helpful for the DHCPv6 server to conveniently count the online duration of the DHCPv6 client device, etc. information. In this way, allowing the same DHCPv6 client device to use different random identities helps to protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0155] The message processing method provided in this embodiment ensures that the DHCPv6 client device is identified by random identification, which helps to protect the privacy of the DHCPv6 client device. At the same time, for the DHCPv6 server, by determining the relationship between the random ID 2 and the random ID 1, the relationship between the random ID n and the random ID 1 satisfies the corresponding preset algorithm, different random IDs are corresponding to the same DHCPv6 On the client device, it is beneficial for the DHCPv6 server to conveniently count information such as the online duration of the DHCPv6 client device.
[0167] The DHCPv6 client device shown in FIG. 8 can execute the corresponding steps performed by the DHCPv6 client device in the method of the above embodiment. The DHCPv6 client device carries the first random identifier when sending the first message to the DHCPv6 server; when sending the second message, it carries the second random identifier generated by using the first random identifier and a preset algorithm, and the second random The identifier is a different random identifier than the first random identifier. Therefore, identifying the DHCPv6 client device by means of random identification helps to protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0181] The DHCPv6 client device shown in FIG. 9 can execute the corresponding steps performed by the DHCPv6 client device in the method of the above embodiment. The DHCPv6 client device carries the first random identifier when sending the first message to the DHCPv6 server; when sending the second message, it carries the second random identifier generated by using the first random identifier and a preset algorithm, and the second random The identifier is a different random identifier than the first random identifier. Therefore, identifying the DHCPv6 client device by means of random identification helps to protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0191] The DHCPv6 server shown in FIG. 10 can execute the corre...
View more

Abstract

A message processing method, device and system. The method includes that the DHCPv6 client device sends a first message for requesting allocation of an IPv6 address to the DHCPv6 server, the first message includes a first random identifier for identifying the DHCPv6 client device, and the first message does not including the DUID; receiving a first response message from the DHCPv6 server including the first IPV6 address, first configuration information and the first random identifier; sending a second message to the DHCPv6 server, the second message including using A second random identifier used to identify the DHCPv6 client device generated by a preset algorithm and the first random identifier, the second random identifier is different from the first random identifier, and the second message does not include The DUID; receiving a second response message from the DHCPv6 server that includes a second IPv6 address, second configuration information, and the second random identifier. Therefore, the problem that privacy is easily monitored or stolen during the interaction process between the DHCPv6 client device and the server is solved.

Application Domain

Data taking preventionSecurity arrangement

Technology Topic

Computer securityClient +4

Image

  • Message processing method, server and system
  • Message processing method, server and system
  • Message processing method, server and system

Examples

  • Experimental program(1)

Example Embodiment

[0080] The embodiments of the present invention provide a message processing method, device, and system to protect the privacy of the DHCPv6 client device and improve the security of network transmission in a business scenario where a DHCPv6 client device interacts with a server.
[0081] Detailed descriptions are provided below through specific embodiments.
[0082] In order to make the objectives, features, and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly described below in conjunction with the accompanying drawings in the embodiments of the present invention. It is obvious that the implementation described below The examples are only a part of the embodiments of the present invention, not all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.
[0083] The terms "first", "second", "third", and "fourth" in the specification, claims and drawings of the present application are used to distinguish different objects, rather than describing a specific order. In addition, the terms "including" and "having" are not exclusive. For example, a process, method, system, product, or device that includes a series of steps or units is not limited to the listed steps or units, and may also include unlisted steps or units.
[0084] figure 1 Is a flowchart of a message processing method according to an embodiment of the present invention, such as figure 1 As shown, the method can include:
[0085] S102. The DHCPv6 client device sends a first message for requesting the allocation of an IPv6 address to the DHCPv6 server, where the first message includes a first random identification, and the first random identification is generated by the DHCPv6 client device for identification. The random identifier of the DHCPv6 client device, and the first message does not include the DUID.
[0086] For example, the DHCPv6 server is responsible for controlling a range of IPv6 addresses. When the DHCPv6 client device logs in to the DHCPv6 server, it can automatically obtain the IPv6 address assigned by the DHCPv6 server. The DHCPv6 client device may send a first message for requesting the allocation of an IPv6 address to the DHCPv6 server, and the first message is, for example, a request (REQUEST) message. The first message includes a first random identifier, and the first random identifier is a random identifier generated by a DHCPv6 client device and used to identify the DHCPv6 client device. For example, the DHCPv6 client device may obtain the first random identifier by generating a random number. The first message does not include DUID. The position of the first random identifier in the first message is not limited, as long as it can be obtained by the DHCPv6 server. Among them, the specific form of the DHCPv6 client device is not limited, and it can be, but is not limited to, a desktop computer, a portable computer, a smart phone, a tablet computer, a wearable smart device, etc.
[0087] For example, the first message may be a REQUEST message, and the REQUEST message may include a client identifier option (Client Identifier Option). Exemplarily, the client identification option may be used to carry the first random identification. See figure 2 , figure 2 It is the format of the client identification option header in the embodiment of the present invention. Among them, the client identification option header format includes an option code field, an option length field, and a random identification field. Wherein, the option code field indicates the type of message delivery. For example, for the client identification option, the value of the option code field is: OPTION_CLIENTID(1). The option length field indicates the length of the random identification field. The random identification field may be used to carry the first random identification. The random identification field is of variable length.
[0088] S104. The DHCPv6 client device receives a first response message from the DHCPv6 server, where the first response message includes a first IPV6 address, first configuration information, and the first random identifier.
[0089] For example, after receiving the first message, the DHCPv6 server generates address binding information, where the address binding information includes the binding relationship between the first random identifier and the first IPv6 address and the first configuration information. The DHCPv6 server may send a first response (REPLY) message to the DHCPv6 client device. The first response message includes a first random identifier, and a first IPv6 address and first configuration information corresponding to the first random identifier. The first configuration information may include lease term information, for example. By carrying the first random identifier in the first response message, it is ensured that the DHCPv6 client device that sends the first message can receive the first response message from the DHCPv6 server.
[0090] S106: The DHCPv6 client device sends a second message to the DHCPv6 server, the second message includes a second random identifier, and the second random identifier is the DHCPv6 client device using a preset algorithm and the A random identifier generated by the first random identifier and used to identify the DHCPv6 client device, the second random identifier is different from the first random identifier, and the second message does not include the DUID.
[0091] For example, the DHCPv6 client device may send a second message to the DHCPv6 server. For example, the DHCPv6 client device sends a second message, such as a renewal (RENEW) message, when the IPv6 address requested to be allocated reaches the lease term. For another example, the DHCPv6 client device goes offline before the IPv6 address assigned by the DHCPv6 server reaches the lease term, and then goes online again, sending a second message, such as a REQUEST message.
[0092] For example, the second message includes a second random identifier. The second random identifier is a random identifier generated by the DHCPv6 client device to identify the DHCPv6 client device, and the second random identifier is based on the preset algorithm and the first random identifier. Logo generation. That is, through the preset algorithm, the first random identifier and the second random identifier are correlated. The second random identification and the first random identification are different random identifications. Wherein, the preset algorithm is not limited, as long as the algorithm that can cause the second random identification to associate with the first random identification can be used, that is, the second random identification can pass The operation of the preset algorithm uniquely corresponds to the first random identifier.
[0093] S108. The DHCPv6 client device receives a second response message from the DHCPv6 server, where the second response message includes a second IPv6 address, second configuration information, and the second random identifier.
[0094] For example, after receiving the second message, the DHCPv6 server processes the second message. For example, the second message may be a RENEW message, and the DHCPv6 server will send a second response message including a second IPv6 address, second configuration information such as renewal information, and a second random identifier to the DHCPv6 client device, so The second IPv6 address may be an IPv6 address previously allocated by the DHCPv6 server to the DHCPv6 client device, or may be an IPv6 address re-allocated by the DHCPv6 server to the DHCPv6 client device. For example, the second message may be a REQUEST message. After the DHCPv6 server receives the REQUEST message, it will reassign the IPv6 address and configuration information to the DHCPv6 client device. By carrying the second random identifier in the second response message, it is ensured that the DHCPv6 client device that sends the second message can receive the second response message from the DHCPv6 server.
[0095] In the message processing method provided in this embodiment, the DHCPv6 client device carries a first random identifier when sending a first message to a DHCPv6 server; when sending a second message, it carries a first random identifier generated by using the first random identifier and a preset algorithm. Two random identifications, and the second random identification and the first random identification are different random identifications. Therefore, the DHCPv6 client device is identified by a random identification method, which helps protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0096] Optionally, the second message includes an identifier of the preset algorithm, and the identifier of the preset algorithm is used to identify the preset algorithm.
[0097] For example, the second message sent by the DHCPv6 client device to the DHCPv6 server includes the second random identifier. Since the second random identifier is generated by the DHCPv6 client device using the first random identifier and a preset algorithm, the DHCPv6 server also uses the same preset algorithm to determine whether the second random identifier is Whether the relationship between the first random identifier meets the preset algorithm, therefore, the DHCPv6 client device needs to inform the DHCPv6 server of the algorithm used to generate the second random identifier. If the DHCPv6 client device and the DHCPv6 server both store the corresponding relationship between the preset algorithm and the identifier, and the second message includes the identifier of the preset algorithm, the DHCPv6 server obtains the corresponding relationship by querying the locally stored corresponding relationship. The algorithm corresponding to the identifier of the preset algorithm. See image 3 , image 3 This is the implementation format of the random identification field in the client identification option in the embodiment of the present invention. image 3 The implementation format of the random identification field in can be figure 1 A specific implementation of the random identification field in the. image 3 Here, "5" represents the identifier of the random identification field. The use of "5" here is only an example. In practical applications, the identifier can be provided by the Internet Assigned Numbers Authority (full English name: Internet Assigned Numbers Authority, English abbreviation: IANA) designation. image 3 The implementation format of the content of the random identification field shown includes the algorithm identification and the random identification. When sending a message to the DHCPv6 server, it not only carries the second random identifier, but also carries the algorithm identifier, so that the DHCPv6 server can use the same algorithm as the DHCPv6 client device to determine whether the relationship between the second random identifier and the first random identifier meets the predetermined algorithm.
[0098] For example, the DHCPv6 client device may include a unique preset algorithm. Similarly, the DHCPv6 server also includes a unique preset algorithm. In this case, since the DHCPv6 client device and the DHCPv6 server use a preset algorithm, when the DHCPv6 client device sends a message to the DHCPv6 server, it does not need to carry the preset algorithm or the identifier of the preset algorithm. In this situation, image 3 The implementation format of the content of the random identification field shown may not use the identification field of the algorithm, or set the identification field of the algorithm to be empty.
[0099] Optionally, before the DHCPv6 client device sends the first message to the DHCPv6 server, the method further includes: the DHCPv6 client device obtains the preset algorithm from a portal server (Portal server) And the preset algorithm, the portal server stores a one-to-one correspondence between at least two algorithms and the algorithm identifiers, and the at least two algorithms include the preset algorithms.
[0100] For example, the portal server is responsible for authenticating the DHCPv6 client device before the interaction process between the DHCPv6 client device and the DHCPv6 server. That is, the portal server realizes the authentication of the legality of the DHCPv6 client device by processing the authentication request message sent by the DHCPv6 client device. There may be a one-to-one correspondence between at least two algorithms and algorithm identifiers in the portal server, and the DHCPv6 client device does not store algorithms in advance. Before the DHCPv6 client device sends the first message to the DHCPv6 server, in the authentication phase, the DHCPv6 client device obtains the identifier of the preset algorithm and the preset algorithm from the portal server. The preset algorithm is one of at least two algorithms stored in the portal server. In this way, when updating an algorithm library that includes at least two algorithms, only the algorithm library of the portal server needs to be updated.
[0101] For example, when the DHCPv6 client device obtains an algorithm from the portal server, a certain encryption method may be used. For example, use Internet Protocol Security (English full name: Internet Protocol Security, English abbreviation: IPsec) to encrypt the transmitted algorithm.
[0102] For example, an algorithm library including at least two algorithms may also be stored in the DHCPv6 client device in advance, and at the same time, the DHCPv6 client device also stores at least two algorithms in a one-to-one correspondence with algorithm identifiers. relationship. In this way, in the authentication phase of the DHCPv6 client device using the portal server, the DHCPv6 client device only needs to obtain the algorithm identifier from the portal server. The DHCPv6 client device obtains the algorithm corresponding to the identifier of the algorithm from a locally pre-stored algorithm library.
[0103] For example, when the second message sent by the DHCPv6 client device is a RENEW message, it means that the DHCPv6 client device has submitted a contract renewal request to the DHCPv6 server. When the lease term expires again, the DHCPv6 client device may continue to send the RENEW message to continue to request the renewal. The preset algorithm used for the random identification included in the two RENEW messages may be the same algorithm or different algorithms.
[0104] Optionally, the second message includes the preset algorithm. The preset algorithm is stored in the DHCPv6 client device in advance. Alternatively, the DHCPv6 client device obtains the preset algorithm from a portal server.
[0105] For example, according to the above explanation of this embodiment: the second message may include the identifier of the algorithm, such as image 3 In the manner shown, the DHCPv6 server obtains the algorithm corresponding to the identifier of the algorithm from the algorithm library stored locally, finds the corresponding algorithm through the algorithm identifier in the DHCPv6 server, and finds the corresponding algorithm in the DHCPv6 server Algorithm. Or, when the DHCPv6 client device and the DHCPv6 server only include one algorithm, the second message may not need to carry the identifier of the used algorithm. As an optional implementation manner, the DHCPv6 server may not store the preset algorithm in advance, but send the preset algorithm to be used to the DHCPv6 server by carrying the preset algorithm in the second message.
[0106] For example, when the preset algorithm is sent through the second message, a certain encryption method may be used. For example, use the IPsec protocol to encrypt the transmitted algorithm.
[0107] Optionally, the preset algorithm includes a magnification, the first random identifier is less than the magnification, and the magnification is greater than zero.
[0108] For example, the preset algorithm includes a magnification factor, and the first random identifier is made smaller than the magnification factor. The magnification is used to generate a second random identification. The magnification is variable. Optionally, the algorithms that use the same operation rules but different magnifications can be considered as different algorithms. For example: Algorithm 1, using the remainder algorithm, and the magnification is A; Algorithm 2, using the remainder algorithm, and the magnification is B. There is no limitation on the sequence of the first random identification and the determination of the magnification factor. For example, the magnification may be determined first, and then a first random identifier smaller than the magnification may be randomly generated. For another example, any first random identification may be generated first, and then a magnification greater than the first random identification may be determined.
[0109] Optionally, the second random identification is equal to a random number multiplied by the amplification factor and added to the first random identification, and the random number is a positive integer.
[0110] For example, the preset algorithm is a remainder algorithm. For the DHCPv6 client device, the implementation of the remainder algorithm is: RandomIDn=Random*magnification+RandomID1, where RandomID1 is the first random identifier, RandomIDn is the second random identifier, and Random is a random number. For example, the magnification factor is 2 100 (Ie 2 to the power of 100), then the remainder algorithm is: RandomIDn=Random*2 100 +RandomID1.
[0111] For example, the preset algorithm is not limited, and any algorithm can be used as long as it can generate an association relationship between the second random identifier and the first random identifier. In other words, other algorithms can be used, for example, the number of bits remainder algorithm. For the DHCPv6 client device side, the implementation of the number of bits remainder algorithm is: second random identification=Random*10 m +The first random identification, where Random is a random number, m is the number of digits of the first random identification, 10 m (Ie 10 to the power of m) represents the magnification. For example, if the first random identification is 1234, then the number of digits of the first random identification is 4, then the magnification can be 10 4 (That is, 10 to the 4th power).
[0112] For example, a simpler algorithm may also be used to implement the preset algorithm, for example, a multiplication algorithm. For the DHCPv6 client device side, the implementation of the multiplication algorithm is: second random identification=Random*magnification factor*first random identification, where Random is a random number.
[0113] For example, a non-mathematical algorithm can also be used to implement the preset algorithm, for example, the exchange digit algorithm. The implementation of the exchange digit algorithm is: second random identification=Random*first random identification after the exchange digit, Among them, Random is a random number, and the rule for swapping digits is to swap positions from high to low. When the number of digits of the first random identification is odd, the lowest digit is not exchanged. For example, the first random identifier is 1234, and the first random identifier after digits is changed is 2143; for another example, the first random identifier is 12345, and the first random identifier after digits is 21435, and the number "5" is not changed. Therefore, the preset algorithm can be implemented in a variety of specific forms, which will not be repeated here.
[0114] In a usual implementation that does not adopt the solution of the embodiment of the present invention, the DHCPv6 client device uses the DUID as a unique identifier during the interaction process between the DHCPv6 client device and the DHCPv6 server. The DUID is used as the identification of the DHCPv6 client device when sending messages to the DHCPv6 server in the REQUEST phase, the RENEW phase and the REQUEST phase of re-online. It is easy to be monitored or stolen during message transmission. Due to the uniqueness and stability of the DUID, it is easy to expose the privacy of the DHCPv6 client device. For example, by intercepting the REQUEST message, the DUID can be obtained from the message, thereby obtaining the privacy of the DHCPv6 client device, such as location information, according to the DUID. For another example, in the REQUEST phase, the RENEW phase, the re-launched REQUEST phase, or the DHCPv6 client device in a different network environment (for example, different wireless fidelity of the same operator (full English name: Wireless-Fidelity, English abbreviation: WIFI) ) Both use DUID as the identification of the DHCPv6 client device, so that criminals can easily monitor the whereabouts of the DHCPv6 client device through the DUID of the DHCPv6 client device.
[0115] In the technical solution provided by the embodiment of the present invention, the DHCPv6 client device carries the first random identifier when sending the first message to the DHCPv6 server; when sending the second message, it carries the first random identifier generated by using a preset algorithm and the first random identifier. Two random identifications, and the second random identification and the first random identification are different random identifications. Thereby, the DHCPv6 client device is identified by means of random identification. Even if the random identification is intercepted during the transmission, the random identification cannot be matched to the corresponding DHCPv6 client device. Different random identifications are used at different stages, and criminals cannot monitor the whereabouts of the DHCPv6 client device through random identifications. As for the DHCPv6 server, since the random identifiers at different stages identify the same terminal device or not can be determined by a preset algorithm, the DHCPv6 server can determine which different random identifiers correspond to the same terminal device.
[0116] Figure 4 It is a flowchart of a message processing method executed by a DHCPv6 server in an embodiment of the present invention. This embodiment of the present invention describes the message processing method from the perspective of a DHCPv6 server. Such as Figure 4 As shown, the DHCPv6 server stores a first random identifier, and the method includes:
[0117] S402: The DHCPv6 server receives a message from a DHCPv6 client device, the message includes a second random identifier, the second random identifier is used to identify the DHCPv6 client device, and the second random identifier is connected to the first random identifier. A random identifier is different, and the message does not include the DUID.
[0118] For example, the DHCPv6 server receives a message from a DHCPv6 client device, the message includes a second random identifier, the second random identifier is generated by the DHCPv6 client device, and the second random identifier is identical to the first random identifier. The random identification is a different random identification, and the message does not include the DUID.
[0119] S404: The DHCPv6 server determines whether the relationship between the second random identifier and the first random identifier satisfies a preset algorithm.
[0120] For example, according to the description of this embodiment, the second random identifier may be generated by the DHCPv6 client device using a preset algorithm and the first random identifier. Therefore, after obtaining the second random identifier, the DHCPv6 server also uses the same preset algorithm to determine whether the relationship between the second random identifier and the first random identifier satisfies the preset algorithm.
[0121] S406: When the DHCPv6 server determines that the relationship between the second random identifier and the first random identifier satisfies the preset algorithm, determine the DHCPv6 client device identified by the second random identifier Is the DHCPv6 client device identified by the first random identifier.
[0122] For example, if the DHCPv6 server determines that the relationship between the second random identifier and the first random identifier satisfies a preset algorithm, it can determine that the DHCPv6 client device identified by the second random identifier and the first random identifier The DHCPv6 client device identified by the random identifier is the same DHCPv6 client device.
[0123] S408: The DHCPv6 server sends a response message to the DHCPv6 client device identified by the second random identifier, where the response message includes an IPv6 address, configuration information, and the second random identifier.
[0124] For example, after receiving the message, the DHCPv6 server processes the message. For example, the message may be a RENEW message, and the DHCPv6 server will send a response message including an IPv6 address, configuration information such as renewal information, and a second random identifier to the DHCPv6 client device. The IPv6 address may be before the DHCPv6 server. The IPv6 address allocated to the DHCPv6 client device may also be an IPv6 address re-allocated to the DHCPv6 client device by the DHCPv6 server. For example, the message may be a REQUEST message. After receiving the REQUEST message, the DHCPv6 server will re-allocate the IPv6 address and configuration information to the DHCPv6 client device.
[0125] In the message processing method provided in this embodiment, after obtaining the second random identifier, the DHCPv6 server determines that the relationship between the second random identifier and the first random identifier satisfies a preset algorithm, and then determines the location of the second random identifier. The identified DHCPv6 client device is the DHCPv6 client device identified by the first random identification. Since the random identifiers at different stages are associated through a preset algorithm, the DHCPv6 server can analyze the algorithm and map different random identifiers to the same DHCPv6 client device, which helps the DHCPv6 server to facilitate statistics on the online time of the DHCPv6 client device, etc. information. In this way, allowing the same DHCPv6 client device to use different random identifiers helps to protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0126] Optionally, when the DHCPv6 server determines that the relationship between the second random identifier and the first random identifier does not satisfy the preset algorithm, it is the DHCPv6 identified by the second random identifier The client device allocates an IPv6 address, and saves the correspondence between the IPv6 address and the second random identifier.
[0127] For example, if the DHCPv6 server determines that the relationship between the second random identifier and the first random identifier does not satisfy a preset algorithm, it indicates that the DHCPv6 client device identified by the second random identifier and the first random identifier The identified DHCPv6 client devices are not the same DHCPv6 client device. In other words, the DHCPv6 client device identified by the second random identifier is another DHCPv6 client device, and the corresponding message is a REQUEST message relative to the other DHCPv6 client device. After receiving the message, the DHCPv6 server generates address binding information, where the address binding information includes the binding relationship between the second random identifier and the IPv6 address and configuration information. Allocate an IPv6 address to the other DHCPv6 client device, and record the correspondence between the IPv6 address and the second random identifier.
[0128] Optionally, the preset algorithm includes a magnification factor. The DHCPv6 server determining whether the relationship between the second random identifier and the first random identifier satisfies a preset algorithm includes: the DHCPv6 server determining that the second random identifier performs a remainder of the amplification factor Whether the result of the operation is equal to the first random identifier. When the DHCPv6 server determines that the result of the remainder of the magnification by the second random identifier is equal to the first random identifier, it determines the difference between the second random identifier and the first random identifier The relationship satisfies the preset algorithm.
[0129] For example, according to the remainder algorithm described in the foregoing embodiment, the implementation of the remainder algorithm adopted by the DHCPv6 server may be: F=(RandomIDn)% magnification, where RandomIDn is the second random identifier, and% is the remainder operation symbol. If the above calculation result F=RandomID1, where RandomID1 is the first random identifier, it indicates that the relationship between the second random identifier and the first random identifier satisfies the preset algorithm. For example, suppose the first random identifier is 1234, and the magnification factor is 2 100 (That is, 2 to the 100th power). After the DHCPv6 server obtains the second random identifier, calculates using a corresponding preset algorithm: F=second random identifier% 2 100 , The result of the operation is obviously 1234, that is, F=1234. Therefore, the relationship between the second random identifier and the first random identifier satisfies a preset algorithm. It can be determined that the DHCPv6 client device identified by the second random identifier and the DHCPv6 client device identified by the first random identifier are the same DHCPv6 client device.
[0130] For example, the specific implementation of the preset algorithm is not limited, that is, multiple different algorithms can be used for implementation. For example, it is implemented according to the digit remainder algorithm described in the foregoing embodiment. The implementation of the number of bits remainder algorithm can be: F = second random identification %10 x-y , Where x is the number of digits of the second random identification, y is the number of digits of Random, and% is the remainder operator. For example, according to the example of the foregoing embodiment, the first random identifier is 1234, the random number is, for example, 65, and the calculated second random identifier is 651234. When the DHCPv6 server obtains the second random identifier, it uses the corresponding preset algorithm to calculate: F=651234% 10 6-2 = 1234. Therefore, the relationship between the second random identifier and the first random identifier satisfies a preset algorithm. When the number of bits remainder algorithm is used, the message sent by the DHCPv6 client device received by the DHCPv6 server includes a random number Random.
[0131] To illustrate, for another example, implement the multiplication algorithm described in the foregoing embodiment. The implementation manner of the adopted multiplication algorithm may be: F=second random identification/Random/magnification, where Random is a random number. When the calculation result F=the first random identifier, it can be determined that the relationship between the second random identifier and the first random identifier satisfies a preset algorithm. When the multiplication algorithm is used, the message sent by the DHCPv6 client device received by the DHCPv6 server includes the random number Random.
[0132] For example, it is also implemented according to the exchange digit algorithm described in the foregoing embodiment. The implementation of the adopted exchange digit algorithm can be: F=(second random identification/Random) exchange digits, that is, the second random identification is divided by Random to exchange digits, where Random is a random number, and the rule for exchange digits is from The positions of the high bit to the low bit are swapped in pairs. When the number of the digits of the second random identification is odd, the lowest bit is not swapped. For example, according to the example of the foregoing embodiment, the first random identifier is 1234, the random number is for example 8, and the calculated second random identifier is 17144. When the DHCPv6 server obtains the second random identifier, it uses the corresponding preset algorithm to calculate: F=(17144/8) exchange digit=1234. Therefore, the relationship between the second random identifier and the first random identifier satisfies a preset algorithm. When using the exchange digit algorithm, the message sent by the DHCPv6 client device received by the DHCPv6 server includes a random number Random.
[0133] Optionally, the message further includes an identifier of the preset algorithm, and the DHCPv6 server obtains the preset algorithm according to the identifier of the preset algorithm.
[0134] For example, the message sent by the DHCPv6 client device to the DHCPv6 server includes the second random identifier. Since the second random identifier is generated by the DHCPv6 client device using the first random identifier and a preset algorithm, the DHCPv6 server also uses the same preset algorithm to determine whether the second random identifier is Whether the relationship between the first random identifier meets the preset algorithm, therefore, the DHCPv6 client device needs to inform the DHCPv6 server of the algorithm used to generate the second random identifier. If the DHCPv6 client device and the DHCPv6 server both store the corresponding relationship between the preset algorithm and the identifier, and the second message includes the identifier of the preset algorithm, the DHCPv6 server obtains the corresponding relationship by querying the locally stored corresponding relationship. The algorithm corresponding to the identifier of the preset algorithm. See for details image 3 As with the corresponding description in the foregoing embodiment, it will not be repeated here.
[0135] For example, the DHCPv6 client device may include a unique preset algorithm. Similarly, the DHCPv6 server also includes a unique preset algorithm. In this case, since the DHCPv6 client device and the DHCPv6 server use a preset algorithm, when the DHCPv6 client device sends a message to the DHCPv6 server, it does not need to carry the preset algorithm or the identifier of the preset algorithm. In this situation, image 3 The implementation format of the content of the random identification field shown may not use the identification field of the algorithm, or set the identification field of the algorithm to be empty.
[0136] Optionally, the DHCPv6 server stores a one-to-one correspondence between at least two algorithms and algorithm identifiers, and the at least two algorithms include the preset algorithm.
[0137] For example, according to the description of the foregoing embodiment, the DHCPv6 client device may pre-store at least two one-to-one correspondences between algorithms and algorithm identities, or obtain at least two algorithms and algorithm identities from the portal server. Correspondingly, when multiple algorithms are used, the DHCPv6 server stores a one-to-one correspondence between at least two algorithms and algorithm identifiers. The DHCPv6 server may obtain the algorithm corresponding to the preset algorithm identifier by obtaining the algorithm identifier sent by the DHCPv6 client device, and by querying the correspondence relationship stored locally.
[0138] Optionally, the DHCPv6 server obtains the algorithm corresponding to the identifier of the preset algorithm from the portal server, the portal server stores a one-to-one correspondence between at least two algorithms and the identifier of the algorithm, and the at least two algorithms include The preset algorithm.
[0139] For example, according to the description of the foregoing embodiment, the DHCPv6 client device may pre-store at least two one-to-one correspondences between algorithms and algorithm identities, or obtain at least two algorithms and algorithm identities from the portal server. In the same way, the DHCPv6 server may not store the algorithm in advance, and the one-to-one correspondence between at least two algorithms and the algorithm identifiers is stored on the portal server. After the DHCPv6 server receives the message from the DHCPv6 client device, it obtains the algorithm identifier, and obtains the algorithm corresponding to the preset algorithm identifier from the portal server based on the algorithm identifier.
[0140] Figure 5 It is a flowchart of a method for communicating with a DHCPv6 client device executed by a portal server in an embodiment of the present invention. This embodiment of the present invention describes the method of communicating with the DHCPv6 client device executed by the portal server from the perspective of the portal server. Such as Figure 5 As shown, the portal server stores a one-to-one correspondence between at least two algorithms and algorithm identifiers, and the method includes:
[0141] S502: The portal server receives an authentication request message from the DHCPv6 client device.
[0142] For example, the portal server is used to authenticate the legality of the DHCPv6 client device. The DHCPv6 client device needs to use the portal server for authentication during the interaction process of the DHCPv6 server. In other words, after the DHCPv6 client device is online, before sending a REQUEST message requesting the allocation of an IPv6 address to the DHCPv6 server, the portal server needs to be used to authenticate the legality of the DHCPv6 client device. For the authentication process of the portal server, the DHCPv6 client device needs to send an authentication request message to the portal server, and the portal server receives the authentication request message.
[0143] S504: The portal server authenticates the DHCPv6 client device.
[0144] For example, after receiving the authentication request message from the DHCPv6 client device, the portal server performs legality authentication on the DHCPv6 client device according to the authentication request message. For example, the user name and password of the DHCPv6 client device are used for legality authentication.
[0145] S506: When the portal server passes the authentication of the DHCPv6 client device, the portal server sends an authentication pass message to the DHCPv6 client device, where the authentication pass message includes an identifier of a preset algorithm. The algorithm assumed is the algorithm of the at least two algorithms.
[0146] For example, when the portal server passes the authentication of the DHCPv6 client device, the portal server sends an authentication pass message to the DHCPv6 client device. Since the portal server stores a one-to-one correspondence between at least two algorithms and algorithm identifiers, the portal server can determine the preset algorithm used in the interaction process between the DHCPv6 client device and the DHCPv6 server according to the control policy. After determining the preset algorithm, the portal server makes the authentication passed message include the identifier of the preset algorithm. In this way, after the DHCPv6 client device receives the authentication pass message, on the one hand, it can confirm the legitimacy of the DHCPv6 client device; on the other hand, by obtaining the preset algorithm in the authentication pass message The identifier of can determine the preset algorithm used in the interaction process between the DHCPv6 client device and the DHCPv6 server. Wherein, the control strategy is not limited. The control strategy can be set according to business requirements, for example, the preset algorithm is determined in a random manner, the preset algorithm is recycled in a sequential manner, the preset algorithm is determined according to the cycle, and the IPv6 address managed by the DHCPv6 server is used. The number determines the preset algorithm (for example, if the number of IPv6 addresses managed by the DHCPv6 server is large, then a complex algorithm with low probability of calculation repetition is selected) and so on.
[0147] For example, according to the description of the foregoing embodiment, the DHCPv6 client device can store at least two algorithms and the one-to-one correspondence between the algorithm identifiers, that is, the DHCPv6 client device saves the algorithm in advance, and the DHCPv6 client device only needs to download from The portal server only needs to obtain the identifier of the preset algorithm. The DHCPv6 client device may not pre-store the one-to-one correspondence between at least two algorithms and the algorithm identifiers. The DHCPv6 client device obtains the preset algorithm identifier from the received authentication pass message, and communicates with the DHCPv6 client device through the DHCPv6 client device. The communication link of the portal server obtains the preset algorithm from the portal server.
[0148] In the method for communicating with a DHCPv6 client device performed by a portal server provided in this embodiment, the portal server stores at least two algorithms and a one-to-one correspondence between algorithm identifiers. In the process of authenticating the DHCPv6 client device, the portal server carries the identification of the preset algorithm in the authentication passed message, so that the DHCPv6 client device can determine the corresponding preset algorithm according to the identification of the algorithm, Used to generate a second random identifier. It helps the DHCPv6 client device to generate a random identifier and use it for message interaction between the terminal device and the DHCPv6 server, and protect the privacy of the terminal device.
[0149] Optionally, the authentication passed message includes attribute information, and the attribute information includes an identifier of the preset algorithm.
[0150] For example, the authentication passed message includes attribute information, and the attribute information may be used to carry the identifier of the preset algorithm. See Image 6 , Image 6 It is the attribute information in the authentication passed message in the embodiment of the present invention. Such as Image 6 As shown, the attribute information includes: attribute type, attribute length, and attribute value. The attribute type identifies the type of attribute information; the attribute length represents the total length of the attribute type, the attribute length, and the attribute value. The attribute value is of variable length and can be used to carry the identifier of a preset algorithm.
[0151] Figure 7 It is a schematic diagram of an interaction scenario between a DHCPv6 client device and a DHCPv6 server in an embodiment of the present invention.
[0152] For example, according to the description of the foregoing embodiment, the DHCPv6 client device generates a random identifier 1 when it goes online and sends a REQUEST message to the DHCPv6 server. The REQUEST message includes the random identifier 1. After receiving the REQUEST message, the DHCPv6 server generates address binding information according to the random identifier 1, and then sends a REPLY message to the DHCPv6 client device. The REPLY message includes the IPv6 address and configuration assigned to the DHCPv6 client device. Information and random identification 1.
[0153] For example, when the lease term expires, the DHCPv6 client device generates a random identifier 2 using a preset algorithm and a random identifier 1, and sends a RENEW message carrying the random identifier 2 to the DHCPv6 server. After receiving the RENEW message, the DHCPv6 server determines whether the relationship between the random identifier 2 and the random identifier 1 satisfies the corresponding preset algorithm. When it is determined that the relationship between the random identification 2 and the random identification 1 satisfies the corresponding preset algorithm, it is explained that the random identification 2 and the random identification 1 identify the same DHCPv6 client device. The DHCPv6 server sends a REPLY message to the DHCPv6 client device, and the REPLY message includes lease update information.
[0154] For example, when the DHCPv6 client device goes online next time, it can use the random identifier 1 and a preset algorithm to generate a random identifier n, and send a REQUEST message carrying the random identifier n to the DHCPv6 server. After receiving the REQUEST message, the DHCPv6 server determines whether the relationship between the random identifier n and the random identifier 1 satisfies the corresponding preset algorithm. When it is determined that the relationship between the random identifier n and the random identifier 1 satisfies the corresponding preset algorithm, it is explained that the random identifier n and the random identifier 1 identify the same DHCPv6 client device. The DHCPv6 server sends a REPLY message to the DHCPv6 client device, where the REPLY message includes an IPv6 address allocated for the DHCPv6 client device and the random identifier n of configuration information. The IPv6 address allocated to the DHCPv6 client device this time may be an IPv6 address previously used for the DHCPv6 client device obtained according to the address binding information, or may be a re-allocated IPv6 address. Wherein, the preset algorithm used by the DHCPv6 client device when it goes online again may be the same as the preset algorithm used when it went online last time, or it may be different from the preset algorithm used when it went online last time.
[0155] The message processing method provided in this embodiment ensures that the DHCPv6 client device is identified by means of random identification, which helps protect the privacy of the DHCPv6 client device. At the same time, for the DHCPv6 server, by determining the relationship between random identification 2 and random identification 1, and the relationship between random identification n and random identification 1 satisfy the corresponding preset algorithm, different random identifications are corresponding to the same DHCPv6 On the client device, it is helpful for the DHCPv6 server to conveniently count the online time and other information of the DHCPv6 client device.
[0156] Figure 8 Is a schematic structural diagram of a DHCPv6 client device according to an embodiment of the present invention, Figure 8 The DHCPv6 client device shown can execute the corresponding steps performed by the DHCPv6 client device in the method of the foregoing embodiment. Such as Figure 8 As shown, the DHCPv6 client device includes a processing unit 802, a sending unit 804, and a receiving unit 806:
[0157] The processing unit 802 is configured to generate a first random identifier for identifying the DHCPv6 client device.
[0158] The sending unit 804 is configured to send a first message for requesting allocation of an IPv6 address to the DHCPv6 server, where the first message carries a first random identifier, and the first message does not include the DUID.
[0159] The receiving unit 806 is configured to receive a first response message from the DHCPv6 server, where the first response message includes a first IPV6 address, first configuration information, and the first random identifier.
[0160] The processing unit 802 is further configured to use a preset algorithm and the first random identifier to generate a second random identifier for identifying the DHCPv6 client device, and the second random identifier is identical to the first random identifier. different.
[0161] The sending unit 804 is further configured to send a second message to the DHCPv6 server, where the second message carries a second random identifier, and the second message does not include the DUID.
[0162] The receiving unit 806 is further configured to receive a second response message from the DHCPv6 server, where the second response message includes a second IPv6 address, second configuration information, and the second random identifier.
[0163] Optionally, the second message includes an identifier of the preset algorithm, and the identifier of the preset algorithm is used to identify the preset algorithm.
[0164] Optionally, before the sending unit 802 sends the first message, the receiving unit 804 is further configured to obtain the identifier of the preset algorithm and the preset algorithm from the portal server, and the portal server A one-to-one correspondence between at least two algorithms and algorithm identifiers is stored, and the at least two algorithms include the preset algorithm.
[0165] Optionally, the preset algorithm includes a magnification, the first random identifier is less than the magnification, and the magnification is greater than zero.
[0166] Optionally, the second random identifier is equal to a random number multiplied by the magnification factor plus the first random identifier, and the random number is a positive integer.
[0167] Figure 8 The DHCPv6 client device shown can execute the corresponding steps performed by the DHCPv6 client device in the method of the foregoing embodiment. The DHCPv6 client device carries a first random identifier when sending the first message to the DHCPv6 server; when sending the second message, it carries a second random identifier generated by using the first random identifier and a preset algorithm, and the second random identifier is The identifier and the first random identifier are different random identifiers. Therefore, the DHCPv6 client device is identified by a random identification method, which helps protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0168] Picture 9 Is a schematic diagram of the hardware structure of a DHCPv6 client device according to an embodiment of the present invention, Picture 9 The corresponding DHCPv6 client device can execute the corresponding steps performed by the DHCPv6 client device in the method of the foregoing embodiment.
[0169] Such as Picture 9 As shown, the DHCPv6 client device includes a processor 901, a memory 902, an interface 903, and a bus 904. The interface 903 can be implemented in a wireless or wired manner. Specifically, it can be an element such as a network card. The processor 901 and the memory 902 And the interface 903 is connected through the bus 904.
[0170] The memory 902 stores program codes and transmits the program codes to the processor 901. Optionally, the memory 902 is used to store a preset algorithm.
[0171] The processor 901 generates a first random identification for identifying the DHCPv6 client device.
[0172] The interface 903 sends a first message for requesting allocation of an IPv6 address to a DHCPv6 server, where the first message carries a first random identifier, and the first message does not include a DUID.
[0173] The interface 903 receives a first response message from the DHCPv6 server, where the first response message includes a first IPV6 address, first configuration information, and the first random identifier.
[0174] The processor 901 further uses a preset algorithm and the first random identifier to generate a second random identifier for identifying the DHCPv6 client device, where the second random identifier is different from the first random identifier.
[0175] The interface 903 further sends a second message to the DHCPv6 server, the second message carries a second random identifier, and the second message does not include the DUID.
[0176] The interface 903 also receives a second response message from the DHCPv6 server, where the second response message includes a second IPv6 address, second configuration information, and the second random identifier.
[0177] Optionally, the second message includes an identifier of the preset algorithm, and the identifier of the preset algorithm is used to identify the preset algorithm.
[0178] Optionally, before sending the first message, the interface 903 also obtains the identifier of the preset algorithm and the preset algorithm from a portal server, and the portal server stores at least two algorithms and algorithms The at least two algorithms include the preset algorithm.
[0179] Optionally, the preset algorithm includes a magnification, the first random identifier is less than the magnification, and the magnification is greater than zero.
[0180] Optionally, the second random identifier is equal to a random number multiplied by the magnification factor plus the first random identifier, and the random number is a positive integer.
[0181] Picture 9 The DHCPv6 client device shown can execute the corresponding steps performed by the DHCPv6 client device in the method of the foregoing embodiment. The DHCPv6 client device carries a first random identifier when sending the first message to the DHCPv6 server; when sending the second message, it carries a second random identifier generated by using the first random identifier and a preset algorithm, and the second random identifier is The identifier and the first random identifier are different random identifiers. Therefore, the DHCPv6 client device is identified by a random identification method, which helps protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0182] Picture 10 Is a schematic structural diagram of a DHCPv6 server according to an embodiment of the present invention, Picture 10 The DHCPv6 server shown can execute the corresponding steps performed by the DHCPv6 server in the method of the foregoing embodiment. Such as Picture 10 As shown, the DHCPv6 server includes a storage unit 1002, a receiving unit 1004, a processing unit 1006, and a sending unit 1008:
[0183] The storage unit 1002 is used to store the first random identification.
[0184] The receiving unit 1004 is configured to receive a message from a DHCPv6 client device, the message includes a second random identifier for identifying the DHCPv6 client device, the second random identifier is different from the first random identifier , The message does not include DUID.
[0185] The processing unit 1006 is configured to determine whether the relationship between the second random identifier and the first random identifier satisfies a preset algorithm, and when it is determined that there is a relationship between the second random identifier and the first random identifier When the relationship of satisfies the preset algorithm, it is determined that the DHCPv6 client device identified by the second random identifier is the DHCPv6 client device identified by the first random identifier.
[0186] The sending unit 1008 is configured to send a response message to the DHCPv6 client device identified by the second random identifier, where the response message includes an IPv6 address, configuration information, and the second random identifier.
[0187] Optionally, the processing unit 1006 is further configured to determine that the relationship between the second random identifier and the first random identifier does not satisfy the preset algorithm, and is identified by the second random identifier The DHCPv6 client device allocates an IPv6 address, and saves the correspondence between the allocated IPv6 address and the second random identifier.
[0188] Optionally, the preset algorithm includes the magnification. The processing unit 1006 is specifically configured to determine whether the result of the remainder operation of the second random identifier on the magnification is equal to the first random identifier. When the DHCPv6 server determines that the result of the remainder of the magnification by the second random identifier is equal to the first random identifier, it determines the difference between the second random identifier and the first random identifier The relationship satisfies the preset algorithm.
[0189] Optionally, the message further includes an identifier of the preset algorithm, and the processing unit 1006 is further configured to obtain the preset algorithm according to the identifier of the preset algorithm.
[0190] Optionally, the storage unit 1002 is further configured to store a one-to-one correspondence between at least two algorithms and algorithm identifiers, and the at least two algorithms include the preset algorithm.
[0191] Picture 10 The DHCPv6 server shown can execute the corresponding steps performed by the DHCPv6 server in the method of the foregoing embodiment. After obtaining the second random identifier, the DHCPv6 server determines whether the relationship between the second random identifier and the first random identifier satisfies the preset algorithm. When determining that the relationship between the second random identifier and the first random identifier satisfies the preset In the algorithm of, it is determined that the DHCPv6 client device identified by the second random identifier is the DHCPv6 client device identified by the first random identifier. Since the random identifiers at different stages are associated through a preset algorithm, the DHCPv6 server can analyze the algorithm and map different random identifiers to the same DHCPv6 client device, which is helpful for the DHCPv6 server to facilitate statistics on the online time of the DHCPv6 client device, etc. information. In this way, allowing the same DHCPv6 client device to use different random identifiers helps protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0192] Picture 11 Is a schematic diagram of the hardware structure of a DHCPv6 server according to an embodiment of the present invention, Picture 11 The DHCPv6 server shown can execute the corresponding steps performed by the DHCPv6 server in the method of the foregoing embodiment.
[0193] Such as Picture 11 As shown, the DHCPv6 server includes a processor 1101, a memory 1102, an interface 1103, and a bus 1104. The interface 1103 can be implemented in a wireless or wired manner. Specifically, it can be components such as a network card. The processor 1101, the memory 1102, and the interface 1103 is connected via bus 1104.
[0194] The memory 1102 stores the program code and the first random identifier, and transmits the program code and the first random identifier to the processor 1101. Optionally, the memory 1102 is used to store a preset algorithm.
[0195] The interface 1103 receives a message from a DHCPv6 client device, the message includes a second random identifier for identifying the DHCPv6 client device, the second random identifier is different from the first random identifier, and the The message does not include DUID;
[0196] The processor 1101 determines whether the relationship between the second random identifier and the first random identifier satisfies a preset algorithm, and when determining the relationship between the second random identifier and the first random identifier When the preset algorithm is satisfied, determining that the DHCPv6 client device identified by the second random identifier is the DHCPv6 client device identified by the first random identifier;
[0197] The interface 1103 is configured to send a response message to the DHCPv6 client device identified by the second random identifier, where the response message includes an IPv6 address, configuration information, and the second random identifier.
[0198] Optionally, when the processor 1101 determines that the relationship between the second random identifier and the first random identifier does not satisfy the preset algorithm, the processor 1101 is the The DHCPv6 client device allocates an IPv6 address, and saves the correspondence between the allocated IPv6 address and the second random identifier.
[0199] Optionally, the preset algorithm includes the magnification factor, and the processor 1101 specifically determines whether the result of the remainder of the magnification factor by the second random identifier is equal to the first random identifier. When the DHCPv6 server determines that the result of the remainder of the magnification by the second random identifier is equal to the first random identifier, it determines the difference between the second random identifier and the first random identifier The relationship satisfies the preset algorithm.
[0200] Optionally, the message further includes an identifier of the preset algorithm, and the processor 1101 obtains the preset algorithm according to the identifier of the preset algorithm.
[0201] Optionally, the memory 1102 stores a one-to-one correspondence between at least two algorithms and algorithm identifiers, and the at least two algorithms include the preset algorithm.
[0202] Picture 11 The DHCPv6 server shown can execute the corresponding steps performed by the DHCPv6 server in the method of the foregoing embodiment. After obtaining the second random identifier, the DHCPv6 server determines whether the relationship between the second random identifier and the first random identifier satisfies the preset algorithm. When it is determined that the relationship between the second random identifier and the first random identifier satisfies the preset In the algorithm, it is determined that the DHCPv6 client device identified by the second random identifier is the DHCPv6 client device identified by the first random identifier. Since the random identifiers at different stages are associated through a preset algorithm, the DHCPv6 server can analyze the algorithm and map different random identifiers to the same DHCPv6 client device, which is helpful for the DHCPv6 server to facilitate statistics on the online time of the DHCPv6 client device, etc. information. In this way, allowing the same DHCPv6 client device to use different random identifiers helps protect the privacy of the DHCPv6 client device and improve the security of network transmission.
[0203] Picture 12 Is a schematic diagram of a portal server structure according to an embodiment of the present invention, Picture 12 The illustrated portal server can execute the corresponding steps performed by the portal server in the method of the foregoing embodiment. Such as Picture 12 As shown, the portal server includes a storage unit 1202, a receiving unit 1204, an authentication unit 1206, and a sending unit 1208:
[0204] The storage unit 1202 is configured to store a one-to-one correspondence between at least two algorithms and algorithm identifiers.
[0205] The receiving unit 1204 is configured to receive an authentication request message from the DHCPv6 client device.
[0206] The authentication unit 1206 is configured to authenticate the DHCPv6 client device.
[0207] The sending unit 1208 is configured to send an authentication passed message to the DHCPv6 client device when the authentication unit 1206 passes the authentication of the DHCPv6 client device, where the authentication passed message includes the identifier of the preset algorithm, The preset algorithm is an algorithm among the at least two algorithms.
[0208] Optionally, the authentication passed message includes attribute information, and the attribute information includes an identifier of the preset algorithm.
[0209] Picture 12 The illustrated portal server can execute the corresponding steps performed by the portal server in the method of the foregoing embodiment. The portal server stores a one-to-one correspondence between at least two algorithms and algorithm identifiers. In the process of authenticating the DHCPv6 client device, the portal server carries the identification of the preset algorithm in the authentication passed message, so that the DHCPv6 client device can determine the corresponding preset algorithm according to the identification of the algorithm, Used to generate a second random identifier. It helps the DHCPv6 client device to generate a random identifier and use it for message interaction between the terminal device and the DHCPv6 server, and protect the privacy of the terminal device.
[0210] Figure 13 Is a schematic diagram of the hardware structure of a portal server according to an embodiment of the present invention, Figure 13 The illustrated portal server can execute the corresponding steps performed by the portal server in the method of the foregoing embodiment.
[0211] Such as Figure 13 As shown, the portal server includes a processor 1301, a memory 1302, an interface 1303, and a bus 1304. The interface 1303 can be implemented in a wireless or wired manner. Specifically, it can be an element such as a network card. The processor 1301, the memory 1302, and the interface 1303 is connected by bus 1304.
[0212] The memory 1302 stores program codes and a one-to-one correspondence between at least two algorithms and algorithm identifiers. Optionally, the memory 1302 is used to store preset algorithms
[0213] The interface 1303 receives an authentication request message from the DHCPv6 client device;
[0214] The processor 1301 authenticates the DHCPv6 client device;
[0215] When the processor 1301 authenticates the DHCPv6 client device, the processor 1301 sends an authentication pass message to the DHCPv6 client device through the interface 1303, the authentication pass message including a preset algorithm , The preset algorithm is an algorithm of the at least two algorithms.
[0216] Optionally, the authentication passed message includes attribute information, and the attribute information includes an identifier of the preset algorithm.
[0217] Figure 13 The illustrated portal server can execute the corresponding steps performed by the portal server in the method of the foregoing embodiment. The portal server stores a one-to-one correspondence between at least two algorithms and algorithm identifiers. In the process of authenticating the DHCPv6 client device, the portal server carries the identification of the preset algorithm in the authentication passed message, so that the DHCPv6 client device can determine the corresponding preset algorithm according to the identification of the algorithm, Used to generate a second random identifier. It helps the DHCPv6 client device to generate a random identifier and use it for message interaction between the terminal device and the DHCPv6 server, and protect the privacy of the terminal device.
[0218] Figure 14 It is a system corresponding to the message processing method of the embodiment of the present invention. The system provided by the embodiment of the present invention may include the aforementioned Figure 8 or Picture 9 The DHCPv6 client device provided by the corresponding embodiment, and Picture 10 or Picture 11 For the DHCPv6 server provided in the corresponding embodiment, the DHCPv6 client device and the DHCPv6 server will not be repeated here.
[0219] Optionally, the system further includes the aforementioned Picture 12 or Figure 13 The portal server provided in the corresponding embodiment will not be described in detail here.
[0220] A person of ordinary skill in the art can understand that all or part of the steps in the above method embodiments can be implemented by a program instructing relevant hardware. The foregoing program can be stored in a computer readable storage medium. When the program is executed, the program is executed. Including the steps of the foregoing method embodiment; and the foregoing storage medium includes: random access memory (full English name: Random access memory, English abbreviation: RAM), read-only memory (full English name: Read-only memory, English abbreviation: ROM), Erasable programmable read only memory (English full name: Erasable programmable read only memory, English abbreviation: EPROM), magnetic disks or optical disks and other media that can store program codes.
[0221] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the application, not to limit them; although the application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: The technical solutions recorded in the foregoing embodiments are modified, or some of the technical features are equivalently replaced; these modifications or replacements do not cause the essence of the corresponding technical solutions to deviate from the scope of the technical solutions of the embodiments of the present application.

PUM

no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products