IPSec data stream high-speed processing system and method based on FPGA

A technology of high-speed processing and data flow, applied in the field of network communication, it can solve the problems of low processing speed, fixed algorithm, unable to support dynamic expansion, etc., and achieve the effect of high processing speed and high integration.

Active Publication Date: 2017-09-15
THE 41ST INST OF CHINA ELECTRONICS TECH GRP
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The software-based form has the advantages of flexibility and low cost, but the processing speed is low and cannot support high-speed encrypted communication needs; while the hardware-based form is more expensive than the software-based form, but the processing speed is fast and can meet High-speed encrypted communication requires
Hardware-based forms mainly include dedicated security processing chips, which are currently the mainstream high-speed encrypted communication solutions. However, one disadvantage of this type of chip is that the algorithm is fixed and cannot support dynamic expansion.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IPSec data stream high-speed processing system and method based on FPGA
  • IPSec data stream high-speed processing system and method based on FPGA

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0042] Such as figure 1 As shown, the FPGA-based IPSec data flow high-speed processing system of the present invention includes a key agreement module and an FPGA.

[0043] In view of the fact that the key agreement module does not require very high processing speed, the present invention completes this part in the main control CPU as software, and specific encryption / decryption, authentication and other related processing are completed by FPGA to achieve high...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an IPSec data stream high-speed processing system based on an FPGA. The system comprises a key negotiation module and the FPGA. The key negotiation module is finished in a master control CPU in a software mode. The FPGA part comprises an input processing module, an output processing module, an SADB module, an SPDB module and an encryption / decryption and authentication processing module. The encryption / decryption and authentication processing module comprises an authentication processing module and an ESP encryption / decryption processing module. The authentication processing module comprises an ESP authentication processing module and an AH authentication processing module. According to the IPSec data stream high-speed processing system and method based on the FPGA, a processing rate is high, the integration degree is high and the expansion of an algorithm is supported.

Description

technical field [0001] The invention relates to the field of network communication, in particular to an FPGA-based IPSec data flow high-speed processing system, and also relates to an FPGA-based IPSec data flow high-speed processing method. Background technique [0002] Security is very important to network communication. IPSec is a protocol framework for secure data transmission at the IP layer. Its processing flow mainly includes key negotiation, SA (Security Association), SP (Security Policy) management, and AH (Authentication Header), ESP (Encapsulating Security Payload) protocol processing. Among them, the key agreement and the management of SA and SP are not required for each communication data message, so they are not the key to affect the processing speed of IPSec; while AH and ESP protocols must be processed for each communication data message, so The processing speed of AH and ESP is the bottleneck that affects the processing speed of IPSec. [0003] AH provides ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/14
CPCH04L9/14H04L63/0485
Inventor 袁海军吴恒奎
Owner THE 41ST INST OF CHINA ELECTRONICS TECH GRP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap