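Abstract
Based on the characteristics of the TCP/IP protocol suite, this paper proposes an IP-based end-to-end encrypted transmission mechanism. By modifying the operating system's IP protocol software and applying symmetric cryptography to encrypt and decrypt IP datagrams, the IP datagrams transmitted over the network can be recognized only by the two communicating parties, which provides encrypted, secure communication between two hosts on an internetwork. Security management is handled by an independent security server, which uses public-key cryptography to deliver to security clients the symmetric keys used for secure communication. Compared with existing secure communication technologies, this mechanism has the advantages of being conceptually simple, easy to implement, and completely transparent to protocol software above the IP layer and to applications.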
Aimed at the characteristics of TCP/IP technology, this paper puts forward an end-to-end secure transmission mechanism based on IP. By modifying the Internet Protocol software, it encrypts and decrypts IP datagrams using symmetric cryptography, so that the transmitted data can be recognized only by the sender and the receiver. This mechanism can be used to provide secure, encrypted communication between two hosts on the Internet. Secure key management is provided by an independent security server, which transmits the symmetric keys to its clients using asymmetric cryptography. Compared with existing technologies, this mechanism is simpler and easier to implement, and it is completely transparent to the software and applications above the Internet Protocol.
Source
《计算机工程与应用》
CSCD
Peking University Core Journals (北大核心)
2002, No. 3, pp. 175-178 (4 pages)
Computer Engineering and Applications
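Keywords
Symmetric cryptography
Public-key cryptography
Key management
Identity authentication
End-to-end secure transmission model
TCP/IP protocol
Network communication
Internet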
Symmetric Cryptography, Asymmetric Cryptography, Key Management, Authentication, Security Client, Security Server, Secure Transmission Protocol (STP), Secure Key Management Protocol (SKMP)