摘要
目前,加密报文回收设计多采用连续序列号回收或基于时间戳的报文回收方法,但这两种方法都存在明显缺陷,不能很好满足软件设计的需求。连续序列号回收方法要求硬件安全可靠,严格按照报文顺序处理、回送报文,否则易导致IPSec逻辑错误。基于时间戳的报文回收方法消耗系统资源较多,同时报文超时时间不易设定,因此,有必要设计一种稳定高效的加密报文回收方法。通过对加密报文回收设计的研究,在加密报文中加入特定的报文序列号,有效解决了上述两种方法的缺陷,并可通过设定解锁次数合理设定报文超时时间,满足了软件稳定、高效的运行需求。
Nowadays consecutive serial number callback or message callback based on time stamp is usually adopted in the design of encrypted message callback. However these two callbacks feature obvious defects and could not well meet the demand of software design. The continuous sequence number callback method requires fairly high hardware safety and reliability ,process and send back the message in strict accordance with the message sequence, otherwise would easily lead to IPSec logic error. The callback method based on time stamp may consume more system resources and at the same time, it is not easy to set up the message timeout. Therefore, it is necessary to design a stable and efficient eneryption packet callback method. The research on the design of encrypted packet callback indicates that by adding a specific message sequence number to the encrypted packet head, the defects of the above two methods could be effectively solved, thus satisfying the demand for stable, efficient operation of software.
出处
《通信技术》
2015年第4期473-477,共5页
Communications Technology
