Abstract: This paper discusses a secure transport protocol called TIPSec, which is specially designed to be: application transparent, well adapted to NAT networks, highly efficient. TIPSec works in the OS kernel to guarantee the transparency and efficiency, and performs application- payload-only encapsulation, so as to keep the original transport layer information exposed in the encrypted datastream to ease NAT processing. Performance test shows that, equipped with the same ciphers, TIPSec provides about 15% higher bandwidth than IPSec NAT-T.

Key words: TIPSec protocol, communication security, transport protocol

摘要： 介绍TIPSec安全传输协议的设计和实现，它能同时满足3个目标：应用无关性，良好的NAT网络穿越能力，较高的数据流处理效率。TIPSec工作在操作系统内核中以保证应用无关性和处理效率，采用应用层封装，保持加密数据流的原始传输层特征以便于NAT设备处理。实际测试结果表明，在采用相同加密算法的前提下，TIPSec的带宽性能比IPSec NAT-T高出15%左右。

关键词: TIPSec协议, 通信安全, 传输协议

CLC Number: 

• TP309