作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2008, Vol. 34 ›› Issue (2): 100-102. doi: 10.3969/j.issn.1000-3428.2008.02.033

• 安全技术 • 上一篇    下一篇

基于潜信道的IPSec密钥恢复方案

李 蕾,谷大武   

  1. (上海交通大学信息安全工程学院,上海 200240)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-01-20 发布日期:2008-01-20

Key Recovery Scheme of IPSec Based on Subliminal Channel

LI Lei, GU Da-wu   

  1. (School of Information and Security Engineering, Shanghai Jiaotong University, Shanghai 200240)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-01-20 Published:2008-01-20

摘要: 传统密钥恢复协议采取增加密钥恢复字段的方法,恶意攻击者容易辨别具备密钥恢复功能的数据包,并进行过滤阻挠。该文将潜信道密钥恢复与具体协议相结合,提出基于IPSec协议的密钥恢复方案。该方案易于实施,数据包具有不可过滤性,可避免恶意攻击者的过滤阻挠,进行有效的网络监控。

关键词: 密钥恢复, 潜信道, 密钥管理

Abstract: The key recovery schemes available usually use the method of adding a key recovery field at the end of the protocol packet. So the intruder can easily distinguish the data packet with key recovery functions from the others and filtrate them in order to prevent key recovery. The paper describes an IPSec key recovery scheme based on subliminal channel. The scheme is easy to implement, and the packets are not filterable which can avoid the intruder’s filtration. This scheme provides efficient network monitor and control.

Key words: key recovery, subliminal channel, key management

中图分类号: