摘要： 针对软件加密解密时发送和接收数据包速率较低的问题，利用IPSec协议和密码卡相结合，提出一种高速、高性能和适应于各种安全需求的网络安全系统，包括标准IPSec的本地化改造，ESP协议和IKE协议自由使用密码卡上的专用算法等关键技术。测试和分析结果表明，该系统与软件加密系统相比具有比较明显的优势。

关键词: 网络安全, 保密数据传输, Internet密钥交换协议, 虚拟专用网络

Abstract: Aiming at encryption and decryption used by software sending and receiving data packets at lower rate, an implementary scheme with the properties of high speed, high performance and flexibility to all kinds of secure system is proposed by exploiting IPSec protocol, including ESP and IKE which can freely use special algorithm within the crypto card. The implementary IPSec models and data transmission system are tested and analyzed. Results indicate that the system proposed is distinct advantage than software encryption system .

Key words: network security, secret data transmission, Internet Key Exchange(IKE) protocol, Virtual Private Network(VPN)

中图分类号: 

• TP393.08