计算机工程 ›› 2008, Vol. 34 ›› Issue (14): 143-145.doi: 10.3969/j.issn.1000-3428.2008.14.051

• 安全技术 • 上一篇    下一篇

TIPSec安全传输协议的设计和实现

杨卫兵1,2,孙凝晖2   

  1. (1. 中国科学院研究生院信息科学与工程学院,北京 100049;2. 中国科学院计算技术研究所国家智能计算机研究开发中心,北京 100080)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-07-20 发布日期:2008-07-20

Design and Implementation of TIPSec Secure Transport Protocol

YANG Wei-bing1,2, SUN Ning-hui2   

  1. (1. School of Information Science and Engineering, Graduate University of Chinese Academy of Sciences, Beijing 100049; 2. National Research Center for Intelligent Computing Systems, Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100080)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-07-20 Published:2008-07-20

摘要: 介绍TIPSec安全传输协议的设计和实现,它能同时满足3个目标:应用无关性,良好的NAT网络穿越能力,较高的数据流处理效率。TIPSec工作在操作系统内核中以保证应用无关性和处理效率,采用应用层封装,保持加密数据流的原始传输层特征以便于NAT设备处理。实际测试结果表明,在采用相同加密算法的前提下,TIPSec的带宽性能比IPSec NAT-T高出15%左右。

关键词: TIPSec协议, 通信安全, 传输协议

Abstract: This paper discusses a secure transport protocol called TIPSec, which is specially designed to be: application transparent, well adapted to NAT networks, highly efficient. TIPSec works in the OS kernel to guarantee the transparency and efficiency, and performs application- payload-only encapsulation, so as to keep the original transport layer information exposed in the encrypted datastream to ease NAT processing. Performance test shows that, equipped with the same ciphers, TIPSec provides about 15% higher bandwidth than IPSec NAT-T.

Key words: TIPSec protocol, communication security, transport protocol

中图分类号: