Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A way to implement quantum-safe ipsecvpn

A quantum and secure technology, applied in key distribution, can solve the problem of not considering the quantum security of data encryption, not considering quantum security, etc., and achieve the effect of good compatibility and application flexibility, good application prospects, and high security.

Active Publication Date: 2019-10-22
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This patent prioritizes the use of quantum keys to improve the update frequency of session keys; however, it does not consider the quantum security of identity authentication and message authentication in the first phase of IKE, nor does it consider the quantum security of data encryption

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A way to implement quantum-safe ipsecvpn
  • A way to implement quantum-safe ipsecvpn
  • A way to implement quantum-safe ipsecvpn

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] A method of implementing quantum-safe IPSec VPN, such as Figure 1 to Figure 3 shown, including the following:

[0031] VPN gateway A and VPN gateway B are respectively configured with QKD terminals or quantum key security access interfaces.

[0032]Step 1: Terminal A sends the data flow that triggers the IKE process to terminal B; VPN gateway A and VPN gateway B send instructions to negotiate quantum keys to QKDA and QKDB respectively; QKDA and QKDB perform identity authentication based on the pre-shared key, and then perform Quantum key negotiation: According to the key parameter requirements of the possible encryption algorithm, the negotiated quantum key is divided and arranged, and used as the pre-shared key and HMAC algorithm between VPN gateway A and VPN gateway B respectively shared secret key and shared session key;

[0033] Step 2: VPN gateway A and VPN gateway B negotiate an IKE phase 1 session. VPN gateway A and VPN gateway B perform identity authenticatio...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an IPSec VPN method used for realizing quantum safety. The method is characterized by adding a safe interface of QKD in an IPSec VPN gateway; adding a quantum key access and application mechanism in an IPSec VPN safety strategy; adding a one-time pad encryption option based on a quantum key in an IPSec encryption component and adding a strategy which preferentially adopts the quantum key as a pre-shared key, and adopts a session key of a data encryption algorithm and a shared key of an HMAC algorithm; and realizing fusion application of the QKD, quantum encryption and an IPSec protocol, and increasing quantum safety of identity authentication, message authentication and data encryption of an IPSec VPN system. The safety of the system is high, application access is flexible, and a good application prospect is possessed in fields of party, government, industrial control, finance, military and the like.

Description

technical field [0001] The invention relates to a method for realizing quantum-safe IPSec VPN. Background technique [0002] At present, the world's cyberspace struggle is extremely fierce, and cyberspace security is related to national security. Every country needs to have absolutely reliable cybersecurity defense capabilities and strong cyberattack deterrence capabilities. The confidential communication system is the last line of defense for network security, and it needs to be foolproof. Since the security of traditional secure communication systems is based on certain mathematical difficulties or computational complexity, it is difficult to guarantee the security under high-performance computing conditions (especially quantum computing conditions). Using quantum computers, the Shor quantum algorithm can crack public key algorithms such as RSA / ECC in polynomial time, and the Grover quantum algorithm can reduce the security key space of private key encryption by half. Th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/08H04L29/06
Inventor 陈晖何远杭樊矾黄伟徐兵杰
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com