《電子技術(shù)應(yīng)用》
您所在的位置:首頁(yè) > 其他 > 設(shè)計(jì)應(yīng)用 > 基于國(guó)密算法的IPSec VPN設(shè)計(jì)與實(shí)現(xiàn)
基于國(guó)密算法的IPSec VPN設(shè)計(jì)與實(shí)現(xiàn)
《信息技術(shù)與網(wǎng)絡(luò)安全》2020年第6期
張 堯,劉笑凱
華北計(jì)算機(jī)系統(tǒng)工程研究所,北京100083
摘要: 基于國(guó)家安全和經(jīng)濟(jì)發(fā)展的客觀需求,在安全產(chǎn)品中采用國(guó)密算法,確保網(wǎng)絡(luò)通信自主安全十分必要。通過(guò)將IPSec協(xié)議中的默認(rèn)非對(duì)稱協(xié)商算法、哈希算法和對(duì)稱加密算法分別采用國(guó)密SM2、SM3、SM4算法替代,設(shè)計(jì)并實(shí)現(xiàn)基于Linux系統(tǒng)內(nèi)核協(xié)議棧的IPSec VPN系統(tǒng)。實(shí)踐表明,采用國(guó)密算法能夠有效滿足IPSec VPN的需求。
中圖分類號(hào): TP393.08
文獻(xiàn)標(biāo)識(shí)碼: A
DOI: 10.19358/j.issn.2096-5133.2020.06.009
引用格式: 張堯,劉笑凱. 基于國(guó)密算法的IPSec VPN設(shè)計(jì)與實(shí)現(xiàn)[J].信息技術(shù)與網(wǎng)絡(luò)安全,2020,39(6):49-52.
Design and implementation of IPSec VPN based on national secret algorithm
Zhang Yao,Liu Xiaokai
National Computer System Engineering Research Institute of China,Beijing 100083,China
Abstract: Based on the objective needs of national security and economic development, it is necessary to use national secret algorithms in security products to ensure autonomous and controllable network communications. By replacing the default asymmetric negotiation algorithm, hash algorithm, and symmetric encryption algorithm in the IPSec protocol with the national secret SM2, SM3, and SM4 algorithms, the IPSec VPN system based on the Linux system kernel protocol stack is designed and implemented. Practice has shown that the use of national secret algorithms can effectively meet the needs of IPSec VPN.
Key words : IPSec;VPN;cyber security

IPSec VPN是一種常見(jiàn)的VPN技術(shù),具有速度快、安全可信等特點(diǎn)。由于IPSec國(guó)際協(xié)議中的標(biāo)準(zhǔn)算法可能存在算法安全性和協(xié)議安全性等問(wèn)題,因此國(guó)家密碼管理局制定了國(guó)家密碼算法標(biāo)準(zhǔn)以及VPN技術(shù)規(guī)范?;趪?guó)家技術(shù)標(biāo)準(zhǔn)的指導(dǎo),采用國(guó)密算法實(shí)現(xiàn)改進(jìn)的IPSec協(xié)議,能夠提高IPSec VPN的安全性,滿足安全產(chǎn)品自主安全的需要。

 


本文詳細(xì)內(nèi)容請(qǐng)下載: http://ihrv.cn/resource/share/2000003193

作者信息:

張  堯,劉笑凱

(華北計(jì)算機(jī)系統(tǒng)工程研究所,北京100083)

 


此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。