摘要
分析了第二层隧道协议L 2TP的工作原理,讨论了该协议的安全缺陷,并列举了攻击者可能进行的攻击手段.针对L 2TP协议的安全漏洞,提出了增强型第二层隧道协议eL 2TP的概念.通过设计eL 2TP的报头格式,以及在第二层隧道协议中引入双向认证、有条件的不定期认证、数据加密和完整性验证等思想,形成在实现上与L 2TP兼容、在安全性能上比L 2TP更高的增强型第二层隧道协议eL 2TP.
In this paper,based on description of the Layer Two Tunneling Protocol (L2TP),the security defaults within L2TP are analyzed and the probable attacks by hackers are discussed. By means of pointing out the security holes of L2TP,a new concept is introduced,which is called enhanced Layer Two Tunneling Protocol (eL2TP). The eL2TP is produced by designing of the eL2TP's packet head, introducing two-direction anthentication, conditional random authentication, data encryption into L2TP. It shows that the security of eL2TP is better than L2TP's and the L2TP can be replaced by the eL2TP easily.
出处
《武汉理工大学学报(交通科学与工程版)》
2006年第1期25-28,共4页
Journal of Wuhan University of Technology(Transportation Science & Engineering)
基金
湖北省教育厅重点科研项目资助(批准号:2001A02010)
