作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2011, Vol. 37 ›› Issue (5): 152-154. doi: 10.3969/j.issn.1000-3428.2011.05.051

• 安全技术 • 上一篇    下一篇

基于可重构密码模块的VPN安全网关

褚有睿1,王志远2,欧阳旦2   

  1. (1. 解放军信息工程大学电子技术学院,郑州 450004;2. 空军电子技术研究所,北京 100089)
  • 出版日期:2011-03-05 发布日期:2012-10-31
  • 作者简介:褚有睿(1983-),男,硕士研究生,主研方向:可重构密码处理,网络安全;王志远,博士;欧阳旦,高级工程师

VPN Security Gateway Based on Reconfigurable Cipher Module

CHU You-rui 1, WANG Zhi-yuan  2, OUYANG Dan  2   

  1. (1. Institute of Electronic Technology, PLA Information Engineering University, Zhengzhou 450004, China; 2. Air Force Graduate School of Electronic Technology, Beijing 100089, China)
  • Online:2011-03-05 Published:2012-10-31

摘要: 结合片上可编程系统和IPSec技术,设计一种基于可重构密码处理模块的虚拟专用网安全网关。该网关采用双处理器结构,主处理器完成系统芯片的初始化配置、系统控制、管理和数据包的预处理,协处理器完成IPSec处理功能,可重构密码处理模块加速加解密处理,从而提高算法执行效率,同时扩展IPSec协议的安全性。实验结果表明,该网关具有较高的吞吐率,能满足中低端网络安全的需求。

关键词: 虚拟专用网安全网关, NIOSⅡ处理器, 片上可编程系统, 可重构密码处理

Abstract: By combining the System On a Programmable Chip(SOPC) and the IPSec technology, this paper designs a virtual private security gateway based on reconfigurable cipher processing module. A-two CPU architecture is adopted, one CPU is used as main processor and the other is used as IPSec coprocessor. The main processor mainly finishes the following task, which initializing configuration of the chip, controlling the system, management and the preprocessing of the data. The IPSec coprocessor mainly performs the IPSec processing function. The reconfigurable cipher processing module is used to accelerate the encryption and the decryption, so the cipher algorithm is processed faster than before and the security of the IPSec protocol is better at this gateway. Experimental result shows that this gateway has higher processing rate and can satisfy the security demand of small network.

Key words: Virtual Private Network(VPN) security gateway, NIOSⅡ processor, System On a Programmable Chip(SOPC), reconfigurable cipher processing

中图分类号: