摘要
随着Internet日益普及,保障IP传输的安全性成为一个突出的问题.IPSec协议是由Internet工程任务组(IETF)开发的开放标准框架,主要在网络层对对等层设备之间传输的数据流进行保护和认证.通过IPSec可以"无缝"地为IP引入安全特性,防范数据受到来历不明的攻击.着重分析了重放攻击,研究了IPSec协议利用滑动重放窗口抗重放攻击的原理,并提出了滑动重放窗口的实现方法.结果表明,用IPSec能使接受方拒绝接受过时包或包拷贝,从而抵制重放攻击.
With the popularization of Internet day by day , the security of IP transmission becomes an outstanding prolblem.IPSec is an open standard frame that is developed by Internet Engineering Task Force(IETF),which carries on protection and authentication to the dataflow transmitted between the right reciprocity layer of equipment in the network layer.Security specialty can be imported without slot through IPSec so that the datum will not receive the unexplained attack.The paper mainly analyzes replay attack, studies the principle of the IPSec anti-replay by means of sliding-window and describles the implementation of the sliding-window.The result shows that accepter can refuse to accept the package out of date or copied so as to resist replay attack.
出处
《湖南工程学院学报(自然科学版)》
2003年第4期68-70,共3页
Journal of Hunan Institute of Engineering(Natural Science Edition)