基于标识密码的内生安全最短路径优先协议  

An intrinsic secure open shortest path first protocol based on identity cryptography

在线阅读下载全文

作  者:荀鹏[1] 陈红艳 王勇志 李世杰 XUN Peng;CHEN Hong-yan;WANG Yong-zhi;LI Shi-jie(College of Computer Science and Technology,National University of Defense Technology,Changsha 410073,China)

机构地区:[1]国防科技大学计算机学院,湖南长沙410073

出  处:《计算机工程与科学》2024年第6期1022-1031,共10页Computer Engineering & Science

摘  要:路由协议如开放的最短路径优先协议OSPFV2的安全运行对网络的连通及信息安全传输至关重要。传统OSPFV2协议在设计上缺少抵御源路由伪造或路由信息篡改的能力,致使组网易遭遇攻击,而现有的安全策略多为外挂式,易引发新的安全问题或安全效能低,为此,提出基于标识密码的内生安全OSPFV2协议,将标识密码内嵌于路由交换流程内,使网络具备高效的、内生式的抵御路由在传输过程中的篡改和伪造攻击能力。另一方面,考虑大范围部署安全OSPFV2协议存在多种限制因素,利用不透明链路状态通告,设计支持增量部署的运行机制。仿真实验表明,设计的内生安全OSPFV2协议在不损耗过多收敛时延的同时,具备抵御源路由伪造、数据篡改的安全能力。Routing protocols like Open Shortest Path First Version 2(OSPFV2)TCP/IP internet routing protocol play a crucial role in the connectivity and secure transmission of information within networks.However,traditional OSPFV2 lacks the capability to defend against source route spoofing or route information tampering,making networks vulnerable to attacks.Existing security strategies are often add-on solutions,which can lead to new security issues or have low security effectiveness.To address this,a novel OSPFV2 protocol based on identity-based cryptography is proposed.This protocol embeds identity-based cryptography within the routing exchange process,enabling networks to efficiently defend against route tampering and spoofing attacks internally.Furthermore,considering various limitations in deploying secure OSPFV2 protocols on a large scale,an operational mechanism supporting incremental deployment is designed using opaque link state advertisements.Simulation experiments demonstrate that the proposed internally secure OSPFV2 protocol possesses the capability to resist source route spoofing and data tampering while minimizing convergence delay.

关 键 词:OSPFV2协议 源路由伪造 内生安全 标识密码 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象