FPGA-based key index negotiation device, system and method

A key index and key technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., that addresses the high cost, the heavy workload of modifying the mapping table, and the inflexibility of a prefabricated mapping table, improving flexibility with a small address-conflict cost.

Active Publication Date: 2018-09-04
北京赛博兴安科技有限公司

AI Technical Summary

Problems solved by technology

[0005] In view of the above analysis, the present invention aims to provide an FPGA-based key index negotiation device, system and method, which solves the

Examples

Embodiment 1

[0059] As shown in Figure 1, this embodiment relates to the key agreement device at terminal 1, which is the communication initiator. FPGA1 and CPU1 are located at terminal 1; FPGA1 includes on-chip RAM1.

[0060] FPGA1 searches the mapping table for the entry whose peer address is IP2 when it receives a data packet to be sent. If no entry is found, it notifies CPU1 to create a new key index. It also obtains the second frame sent by terminal 2, saves it in the on-chip RAM1 data area, and notifies CPU1 to process it;

[0061] CPU1 is used to execute the following: after creating a new key index, send the first frame to terminal 2, the first frame including the key index value, frame count, IP1 and IP2 of terminal 1; on receiving the processing notification, read out the second frame, add or update the state of the entry whose peer address is IP2 to FIN, and at the same time update the key index field of the entry to the key index value in the second fra...

Embodiment 2

[0084] As shown in Figure 2, this embodiment relates to the key agreement method implemented at the communication sending end, that is, terminal 1.

[0085] The method includes the following steps:

[0086] Step S201, after receiving the data packet to be sent, search for the entry whose peer address is IP2 in the mapping table;

[0087] Step S202, if not found, create a new key index; otherwise, end.

[0088] Step S203, sending a first frame to terminal 2, the first frame including key index value, frame count, IP1 and IP2 of terminal 1;

[0089] Step S204, obtaining the second frame sent by the terminal 2, and saving it;

[0090] Step S205, read the second frame, add or update the state of the entry whose peer address is IP2 to FIN, and update the key index field of the entry to the key index value in the second frame;

[0091] Step S206, sending a third frame to Terminal 2, where the third frame includes the key index value of Terminal 1, frame count, IP1 and IP2.

[...

Embodiment 3

[0094] This embodiment relates to the key agreement device at terminal 2, which is the receiving end of the communication. FPGA2 and CPU2 are located at terminal 2, and FPGA2 includes an on-chip RAM2 data area.

[0095] Specifically,

[0096] FPGA2 is used to capture the first frame sent by terminal 1 and save it in the on-chip RAM2 data area; it is also used to capture the third frame sent by terminal 1 and save it in the on-chip RAM2 data area;

[0097] CPU2 is used to execute the following:

[0098] Read the first frame, find the entry whose peer address is IP1, add or update the state of the entry to ACK, and update the key index field of the entry to the key index value in the first frame;

[0099] Send a second frame to terminal 1, the second frame including key index value, frame count, IP1 and IP2 of terminal 2;

[0100] Read the third frame, add or update the state of the entry whose peer address is IP1 to FIN, and update the key index field of the entry to the key index value in...
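
Added example (not code from the patent or its applicant): a Python model of the three-frame exchange in Embodiments 2 and 3, tracking the ACK and FIN states in each terminal's mapping table. The class and method names, the meaning given to frame count, the index allocation policy, and the index terminal 2 stores on the third frame are assumptions that the page does not specify.

```python
from dataclasses import dataclass, field

@dataclass
class Frame:                # the four fields the page lists for every frame
    key_index: int
    frame_count: int        # assumed here: position in the exchange (1, 2, 3)
    ip1: str                # initiator (terminal 1) address
    ip2: str                # responder (terminal 2) address

@dataclass
class Terminal:
    ip: str
    table: dict = field(default_factory=dict)  # peer address -> state, key_index

    def free_index(self, wanted, peer):
        # Assumed policy: lowest index >= wanted not held by a different peer.
        used = {e["key_index"] for p, e in self.table.items() if p != peer}
        while wanted in used:
            wanted += 1
        return wanted

    def start(self, peer):  # S201-S203: lookup, create index on a miss, frame 1
        if peer in self.table:
            return None     # entry already exists, nothing to negotiate
        return Frame(self.free_index(0, peer), 1, self.ip, peer)

    def on_first(self, f):  # responder: state ACK, index from frame 1, frame 2
        if f.frame_count != 1 or f.ip2 != self.ip:
            raise ValueError("not a first frame addressed to this terminal")
        self.table[f.ip1] = {"state": "ACK", "key_index": f.key_index}
        return Frame(self.free_index(f.key_index, f.ip1), 2, f.ip1, f.ip2)

    def on_second(self, f):  # S204-S206: state FIN, index from frame 2, frame 3
        if f.frame_count != 2 or f.ip1 != self.ip:
            raise ValueError("not a second frame addressed to this terminal")
        self.table[f.ip2] = {"state": "FIN", "key_index": f.key_index}
        return Frame(f.key_index, 3, f.ip1, f.ip2)

    def on_third(self, f):  # responder: state FIN; index from frame 3 (assumed)
        if f.frame_count != 3 or f.ip2 != self.ip:
            raise ValueError("not a third frame addressed to this terminal")
        self.table[f.ip1] = {"state": "FIN", "key_index": f.key_index}

def negotiate(t1, t2):
    """Run the exchange in memory and return the index terminal 1 ends up with."""
    f1 = t1.start(t2.ip)
    if f1 is not None:
        t2.on_third(t1.on_second(t2.on_first(f1)))
    return t1.table[t2.ip]["key_index"]
```

The frames in this model carry no authentication, so the address and frame-count checks only reject mis-routed or out-of-order frames, not forged ones.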

Abstract

The invention belongs to the field of communication, and relates to a key index negotiation device, system and method. The method comprises the following steps: receiving a data packet to be sent, and searching mapping tables for table items with an opposite address as IP1; if the table items are not found, newly establishing a key index; sending a first frame to a terminal 2; acquiring a second frame sent by the terminal 2, and saving the second frame in an on-chip RAM; updating statuses of table items with an opposite address as IP2 in the second frame to FIN, and updating key index fields of corresponding table items in the terminal 1 to key index values in the second frame; and sending a third frame to the terminal 2. The device, system and method provided by the invention have the advantages that the required key index negotiation can be completed according to data streams in the current network at extremely low network cost; and the flexibility of key index use can be greatly improved, and effects of the network topology can be avoided, that is, the key index can be dynamically regenerated even if the whole network topology changes.

Description

Technical field

[0001] The invention relates to the technical field of point-to-point encrypted communication, in particular to an FPGA-based key index negotiation device, system and method.

Background technique

[0002] Throughout the history of the development of cryptography, the security protection of data is increasingly showing a new feature based on key secrecy rather than algorithm secrecy. Therefore, the management and use of keys has become the focus of ensuring data security. As for key management, there are special discussions in many documents and books, so I won’t go into details here; the method of using keys, however, is still at a relatively traditional stage, and there is enough research value and room for improvement.

[0003] The main problem of using the key is the key index, that is, how to determine which set of keys should be used for the encryption and decryption of a certain terminal address data packet. The current general method is to prefabricate the t...

Application Information

IPC(8): H04L9/08
CPC: H04L9/0891, H04L9/0894
Inventor: 郑重
Owner: 北京赛博兴安科技有限公司