[go: up one dir, main page]

CN103259768B - A kind of message authentication method, system and device - Google Patents

A kind of message authentication method, system and device Download PDF

Info

Publication number
CN103259768B
CN103259768B CN201210036909.3A CN201210036909A CN103259768B CN 103259768 B CN103259768 B CN 103259768B CN 201210036909 A CN201210036909 A CN 201210036909A CN 103259768 B CN103259768 B CN 103259768B
Authority
CN
China
Prior art keywords
timestamp
receiving
time stamp
message
transmitting terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201210036909.3A
Other languages
Chinese (zh)
Other versions
CN103259768A (en
Inventor
韦银星
夏正雪
万长胜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201210036909.3A priority Critical patent/CN103259768B/en
Publication of CN103259768A publication Critical patent/CN103259768A/en
Application granted granted Critical
Publication of CN103259768B publication Critical patent/CN103259768B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开了一种消息认证方法、系统和装置,方法包括:发送端和接收端为每个建立的连接保存初始化的时间戳,并定期更新该时间戳,该时间戳包括发送时间戳和接收时间戳;在需要通过该连接发送数据时,发送端依据待发送的数据报文、保存的发送时间戳和密钥材料,生成消息认证码,并将生成的消息认证码随同发送数据的消息一起发送给接收端;接收端收到该消息时,依据保存的接收时间戳、密钥材料和消息中的数据报文,认证消息认证码的正确性。通过本发明,能够解决现有传输控制协议认证选项(TCP‑AO)技术中存在的重放攻击问题。

The invention discloses a message authentication method, system and device. The method includes: the sending end and the receiving end save the initialized time stamp for each established connection, and periodically update the time stamp. The time stamp includes sending time stamp and receiving time stamp Timestamp; when data needs to be sent through this connection, the sender generates a message authentication code based on the data message to be sent, the saved sending timestamp and key material, and sends the generated message authentication code together with the message to send the data Send to the receiving end; when receiving the message, the receiving end will verify the correctness of the message authentication code according to the saved receiving time stamp, key material and data message in the message. The invention can solve the replay attack problem existing in the existing transmission control protocol authentication option (TCP-AO) technology.

Description

一种消息认证方法、系统和装置Method, system and device for message authentication

技术领域technical field

本发明涉及通信网络中的路由安全技术,尤其涉及一种消息认证方法、系统和装置。The invention relates to routing security technology in a communication network, in particular to a message authentication method, system and device.

背景技术Background technique

现有数据网络大多以互联网协议(IP,Internet Protocol)技术为基础,路由器是以IP技术为基础的网络上的核心设备,它通过运行在其上的路由协议,维护一套路由表,并根据路由表转发接收到的IP数据包。发送者发出的IP数据包经多个路由器转发后,被传输到目的地。为了维护一套路由表,不同路由器上的路由协议之间需要交互路由消息,以实现路由表信息的创建、更新、学习功能。由于路由消息在公共网络中传输,其信道由多个网络节点共享,因此攻击者可以很容易的拦截并伪造或篡改路由消息。路由器一旦接收这种错误的路由消息,将产生错误的路由表;路由协议根据错误的路由表转发IP数据包时,将无法把数据包传输到目的地。为解决这一问题,必须为路由协议提供完整性保护机制,以防止攻击者伪造或篡改路由消息。完整性保护机制的基本思路是使用密钥材料为路由消息生成消息认证码(这一过程通常使用单向函数或限门单向函数),并将消息认证码随同消息一起发送给接收者,接收者收到路由消息和认证码后,使用对应的密钥材料对消息和其认证码进行验证,只有通过验证的路由消息才是未被攻击者篡改的正确消息。由于攻击者没有密钥材料,其将无法伪造、篡改消息,并生成正确的消息认证码。这种机制使得只有拥有密钥材料的路由器生成的路由消息才能通过验证,没有密钥材料的攻击者生成的路由消息将无法通过验证,从而有效防止了攻击者伪造和篡改路由消息。Most of the existing data networks are based on Internet Protocol (IP, Internet Protocol) technology. The router is the core device on the network based on IP technology. It maintains a set of routing tables through the routing protocol running on it, and according to the The routing table forwards received IP packets. The IP data packet sent by the sender is transmitted to the destination after being forwarded by multiple routers. In order to maintain a set of routing tables, routing protocols on different routers need to exchange routing messages to realize the functions of creating, updating, and learning routing table information. Since the routing message is transmitted in the public network, and its channel is shared by multiple network nodes, an attacker can easily intercept and forge or tamper with the routing message. Once the router receives this wrong routing message, it will generate a wrong routing table; when the routing protocol forwards the IP data packet according to the wrong routing table, it will not be able to transmit the data packet to the destination. To solve this problem, an integrity protection mechanism must be provided for routing protocols to prevent attackers from forging or tampering with routing messages. The basic idea of the integrity protection mechanism is to use the key material to generate a message authentication code for the routing message (this process usually uses a one-way function or a threshold one-way function), and send the message authentication code to the receiver along with the message. After receiving the routing message and authentication code, the attacker uses the corresponding key material to verify the message and its authentication code. Only the routing message that passes the verification is the correct message that has not been tampered by the attacker. Since the attacker has no key material, he will not be able to forge, tamper with the message, and generate the correct message authentication code. This mechanism makes only the routing message generated by the router with the key material pass the verification, and the routing message generated by the attacker without the key material will not pass the verification, thus effectively preventing the attacker from forging and tampering with the routing message.

传输控制协议认证选项(TCP-AO,Transmission Control ProtocolAuthentication Option)是很多路由协议如边界网关协议(BGP,Border GatewayProtocol)、路径计算单元(PCE,Path Computation Element)、标签分发协议(LDP,LabelDistribution Protocol)、组播源发现协议(MSDP,Multicast Source DiscoveryProtocol)等的完整性保护机制。它定义了一个新的TCP选项:authentication(认证)选项。路由协议将生成的消息认证码存储在该选项中,随着路由协议一起传输给对端,对端则通过验证authentication选项的正确性来判断路由协议数据是否被修改了。Transmission Control Protocol Authentication Option (TCP-AO, Transmission Control Protocol Authentication Option) is a lot of routing protocols such as Border Gateway Protocol (BGP, Border Gateway Protocol), Path Computation Element (PCE, Path Computation Element), Label Distribution Protocol (LDP, LabelDistribution Protocol) , Multicast Source Discovery Protocol (MSDP, Multicast Source Discovery Protocol) and other integrity protection mechanisms. It defines a new TCP option: authentication (authentication) option. The routing protocol stores the generated message authentication code in this option, and transmits it to the peer end together with the routing protocol, and the peer end judges whether the routing protocol data has been modified by verifying the correctness of the authentication option.

TCP-AO技术采用sequence number(序列号)来防止replay(重放)攻击。TCP协议头有一个序列号(sequence number)字段,该字段长度为32bit。在建立连接时,TCP协议会随机生成一个初始序列号,之后每次收发数据序列号都会相应的增加。这样每次发送路由协议数据包时,TCP的序列号都不同。TCP-AO就是利用这种机制防止重放攻击的。然而,这种基于序列号的技术存在如下问题:TCP-AO technology uses sequence number (serial number) to prevent replay (replay) attack. The TCP protocol header has a sequence number (sequence number) field with a length of 32 bits. When establishing a connection, the TCP protocol will randomly generate an initial sequence number, and the sequence number will increase accordingly each time the data is sent and received. In this way, each time a routing protocol packet is sent, the TCP sequence number is different. TCP-AO uses this mechanism to prevent replay attacks. However, this serial number-based technique has the following problems:

一、当sequence number在序列号取值范围中取遍所有的值时,TCP-AO协议将会重复使用之前的序列号,此时攻击者将可使用之前相同序列号的数据包对路由协议执行重放攻击;1. When the sequence number takes all the values in the sequence number value range, the TCP-AO protocol will reuse the previous sequence number. At this time, the attacker can use the same sequence number before the packet to execute the routing protocol. replay attack;

二、当路由器之间的TCP连接断开后又重新连接时,断链前后的序列号可能有重叠部分,此时攻击者也可能实行重放攻击;2. When the TCP connection between the routers is disconnected and then reconnected, the sequence numbers before and after the disconnection may overlap, and the attacker may also implement a replay attack at this time;

三、当路由器重启时,重启前后建立的TCP连接的序列号也可能重叠,此时攻击者也可能实行重放攻击。3. When the router is restarted, the serial numbers of the TCP connections established before and after the restart may also overlap, and at this time, the attacker may also implement a replay attack.

也就是说,当sequence number重复出现时,攻击者可以用具有同样sequencenumber的旧的数据报文代替新的数据报文,发起重放攻击。由于报文中包含有路由协议数据,接收者将会收到一个旧的路由协议数据;而如果这个旧的路由协议数据是一个路由更新消息,则接收者将使用旧的路由更新消息来取代目前的路由信息,即路由协议将采用过时的路由信息进行路由,从而导致路由失败。由此可以看出,解决重放攻击的问题,对路由协议的安全非常关键。That is to say, when the sequence number appears repeatedly, the attacker can replace the new data packet with the old data packet with the same sequence number to launch a replay attack. Since the message contains routing protocol data, the receiver will receive an old routing protocol data; and if the old routing protocol data is a routing update message, the receiver will use the old routing updating message to replace the current Routing information, that is, the routing protocol will use outdated routing information for routing, resulting in routing failure. It can be seen that solving the problem of replay attacks is very critical to the security of routing protocols.

目前解决此问题的一种方法是增加sequence number字段的长度,以减少sequence number字段的重叠。从理论上说,只要sequence number字段足够长,就不会有sequence number重叠的问题,也就不会出现重放攻击的安全隐患。然而,无限制的增大sequence number字段将会增加通信开销。而在实际应用中,由于sequence number不可能真正无限大,因此,理论上说,增大sequence number字段并不能从根本上解决重放攻击的问题。A current solution to this problem is to increase the length of the sequence number field to reduce the overlap of the sequence number field. Theoretically, as long as the sequence number field is long enough, there will be no problem of sequence number overlap, and there will be no security risks of replay attacks. However, increasing the sequence number field without limit will increase the communication overhead. In practical applications, since the sequence number cannot be truly infinite, theoretically speaking, increasing the sequence number field cannot fundamentally solve the problem of replay attacks.

发明内容Contents of the invention

有鉴于此,本发明的主要目的在于提供一种消息认证方法、系统和装置,以解决现有TCP-AO技术中存在的重放攻击问题。In view of this, the main purpose of the present invention is to provide a message authentication method, system and device to solve the replay attack problem existing in the existing TCP-AO technology.

为达到上述目的,本发明的技术方案是这样实现的:In order to achieve the above object, technical solution of the present invention is achieved in that way:

本发明提供了一种消息认证方法,该方法包括:The present invention provides a message authentication method, the method comprising:

发送端和接收端为每个建立的连接保存初始化的时间戳,并定期更新所述时间戳,所述时间戳包括发送时间戳和接收时间戳;The sending end and the receiving end save the initial timestamp for each established connection, and periodically update the timestamp, and the timestamp includes a sending timestamp and a receiving timestamp;

在需要通过所述连接发送数据时,发送端依据待发送的数据报文、保存的发送时间戳和密钥材料,生成消息认证码,并将生成的消息认证码随同发送数据的消息一起发送给接收端;When data needs to be sent through the connection, the sending end generates a message authentication code based on the data message to be sent, the saved sending time stamp and key material, and sends the generated message authentication code to the Receiving end;

接收端收到所述消息时,依据保存的接收时间戳、密钥材料和消息中的数据报文,认证所述消息认证码的正确性。When receiving the message, the receiving end verifies the correctness of the message authentication code according to the saved receiving time stamp, key material and data packets in the message.

所述发送端和接收端为每个建立的连接保存初始化的时间戳,具体为:The sending end and the receiving end save the initial timestamp for each established connection, specifically:

所述发送端和接收端通过三次握手协议的流程建立连接,并交互各自的时间戳;The sending end and the receiving end establish a connection through the flow of the three-way handshake protocol, and exchange their respective time stamps;

交互完毕后,所述发送端和接收端为建立的连接保存初始化的时间戳,且发送端保存的发送时间戳的取值与接收端保存的接收时间戳的取值相同,发送端保存的接收时间戳的取值与接收端保存的发送时间戳的取值相同。After the interaction is completed, the sending end and the receiving end save the initialized time stamp for the established connection, and the value of the sending time stamp saved by the sending end is the same as the value of the receiving time stamp saved by the receiving end, and the received time stamp saved by the sending end The value of the time stamp is the same as the value of the sending time stamp saved by the receiving end.

所述定期更新时间戳具体为:The regularly updated timestamp is specifically:

所述发送端和接收端的其中一方在设置的定时器到期时,发起时间戳的更新过程,在更新过程中,所述发送端和接收端交互各自的新时间戳;One of the sending end and the receiving end initiates a time stamp update process when the set timer expires, and during the updating process, the sending end and the receiving end exchange their respective new time stamps;

交互完毕后,所述发送端和接收端更新各自保存的时间戳,且所述发送端的新的发送时间戳的取值与接收端的新的接收时间戳的取值相同,发送端的新的接收时间戳的取值与接收端的新的发送时间戳的取值相同。After the interaction is completed, the sending end and the receiving end update the time stamps saved respectively, and the value of the new sending time stamp of the sending end is the same as the value of the new receiving time stamp of the receiving end, and the new receiving time stamp of the sending end The value of the stamp is the same as the value of the new sending timestamp of the receiving end.

本发明还提供了一种消息认证系统,该系统包括:发送端和接收端,The present invention also provides a message authentication system, the system includes: a sending end and a receiving end,

发送端和接收端,用于为每个建立的连接保存初始化的时间戳,并定期更新所述时间戳,所述时间戳包括发送时间戳和接收时间戳;The sending end and the receiving end are configured to store an initialized timestamp for each established connection, and periodically update the timestamp, where the timestamp includes a sending timestamp and a receiving timestamp;

发送端还用于,在需要通过所述连接发送数据时,依据待发送的数据报文、保存的发送时间戳和密钥材料,生成消息认证码,并将生成的消息认证码随同发送数据的消息一起发送给接收端;The sending end is also used to generate a message authentication code according to the data message to be sent, the saved sending time stamp and key material when it is necessary to send data through the connection, and send the generated message authentication code together with the The message is sent to the receiver together;

接收端还用于,在收到所述消息时,依据保存的接收时间戳、密钥材料和消息中的数据报文,认证所述消息认证码的正确性。The receiving end is further configured to, when receiving the message, verify the correctness of the message authentication code according to the stored receiving time stamp, key material and data packets in the message.

所述发送端和接收端进一步用于,通过三次握手协议的流程建立连接,并交互各自的时间戳;The sending end and the receiving end are further used to establish a connection through the process of the three-way handshake protocol, and exchange respective time stamps;

交互完毕后,所述发送端和接收端为建立的连接保存初始化的时间戳,且发送端保存的发送时间戳的取值与接收端保存的接收时间戳的取值相同,发送端保存的接收时间戳的取值与接收端保存的发送时间戳的取值相同。After the interaction is completed, the sending end and the receiving end save the initialized time stamp for the established connection, and the value of the sending time stamp saved by the sending end is the same as the value of the receiving time stamp saved by the receiving end, and the received time stamp saved by the sending end The value of the time stamp is the same as the value of the sending time stamp saved by the receiving end.

所述发送端和接收端的其中一方在设置的定时器到期时,发起时间戳的更新过程,在更新过程中,所述发送端和接收端交互各自的新时间戳;One of the sending end and the receiving end initiates a time stamp update process when the set timer expires, and during the updating process, the sending end and the receiving end exchange their respective new time stamps;

交互完毕后,所述发送端和接收端更新各自保存的时间戳,且所述发送端的新的发送时间戳的取值与接收端的新的接收时间戳的取值相同,发送端的新的接收时间戳的取值与接收端的新的发送时间戳的取值相同。After the interaction is completed, the sending end and the receiving end update the time stamps saved respectively, and the value of the new sending time stamp of the sending end is the same as the value of the new receiving time stamp of the receiving end, and the new receiving time stamp of the sending end The value of the stamp is the same as the value of the new sending timestamp of the receiving end.

本发明还提供了一种消息认证装置,包括:The present invention also provides a message authentication device, including:

时间戳处理模块,用于为每个建立的连接保存初始化的时间戳,并定期更新所述时间戳,所述时间戳包括发送时间戳和接收时间戳;A time stamp processing module, configured to store an initialized time stamp for each established connection, and periodically update the time stamp, the time stamp includes a sending time stamp and a receiving time stamp;

发送处理模块,用于在所述装置作为发送端需要通过所述连接发送数据时,依据待发送的数据报文、保存的发送时间戳和密钥材料,生成消息认证码,并将生成的消息认证码随同发送数据的消息一起发送给接收端;A sending processing module, configured to generate a message authentication code according to the data message to be sent, the saved sending time stamp and key material when the device as the sending end needs to send data through the connection, and send the generated message The authentication code is sent to the receiving end together with the message of sending data;

接收处理模块,用于在所述装置作为接收端收到来自发送端的消息时,依据保存的接收时间戳、密钥材料和消息中的数据报文,认证消息认证码的正确性。The receiving processing module is used to verify the correctness of the message authentication code according to the stored receiving time stamp, key material and data message in the message when the device as the receiving end receives the message from the sending end.

发送端的时间戳处理模块与接收端的时间戳处理模块,通过三次握手协议的流程建立连接,并交互各自的时间戳;The timestamp processing module at the sending end and the timestamp processing module at the receiving end establish a connection through the process of the three-way handshake protocol and exchange their respective timestamps;

交互完毕后,发送端的时间戳处理模块和接收端的时间戳处理模块为建立的连接保存初始化的时间戳,且发送端的时间戳处理模块保存的发送时间戳的取值与接收端的时间戳处理模块保存的接收时间戳的取值相同,发送端的时间戳处理模块保存的接收时间戳的取值与接收端的时间戳处理模块保存的发送时间戳的取值相同。After the interaction is completed, the timestamp processing module of the sending end and the timestamp processing module of the receiving end save the initialized timestamp for the established connection, and the value of the sending timestamp saved by the timestamp processing module of the sending end is the same as that saved by the timestamp processing module of the receiving end. The value of the received timestamp is the same, and the value of the received timestamp saved by the timestamp processing module of the sending end is the same as the value of the sent timestamp saved by the timestamp processing module of the receiving end.

发送端和接收端的时间戳处理模块的其中一方在设置的定时器到期时,发起时间戳的更新过程,在更新过程中,发送端和接收端的时间戳处理模块交互各自的新时间戳;One of the time stamp processing modules of the sending end and the receiving end initiates the update process of the time stamp when the set timer expires, and during the update process, the time stamp processing modules of the sending end and the receiving end exchange their respective new time stamps;

交互完毕后,发送端和接收端的时间戳处理模块更新各自保存的时间戳,且发送端的新的发送时间戳的取值与接收端的新的接收时间戳的取值相同,发送端的新的接收时间戳的取值与接收端的新的发送时间戳的取值相同。After the interaction is completed, the timestamp processing modules of the sending end and the receiving end update their respective saved timestamps, and the value of the new sending timestamp of the sending end is the same as the value of the new receiving timestamp of the receiving end, and the new receiving time stamp of the sending end The value of the stamp is the same as the value of the new sending timestamp of the receiving end.

本发明所提供的一种消息认证方法、系统和装置,利用时间戳的不同来防止sequence number重复出现时带来的重放攻击问题;由于时间戳定期更新,因此即使sequence number相同,而由于时间戳不同,生成的消息认证码也会不同,从而可以很好的解决现有TCP-AO技术中存在的重放攻击问题。A message authentication method, system and device provided by the present invention utilize the difference in time stamps to prevent the replay attack problem caused by sequence number repetitions; since the time stamps are updated regularly, even if the sequence numbers are the same, due to time Different stamps will generate different message authentication codes, which can well solve the replay attack problem existing in the existing TCP-AO technology.

附图说明Description of drawings

图1为本发明实施例的一种消息认证方法的流程图;FIG. 1 is a flowchart of a message authentication method according to an embodiment of the present invention;

图2为本发明实施例中为建立的连接保存初始化的时间戳的流程图;FIG. 2 is a flowchart of saving an initialized timestamp for an established connection in an embodiment of the present invention;

图3为本发明实施例中定期更新时间戳的流程图。Fig. 3 is a flow chart of periodically updating a time stamp in an embodiment of the present invention.

具体实施方式Detailed ways

下面结合附图和具体实施例对本发明的技术方案进一步详细阐述。The technical solutions of the present invention will be further elaborated below in conjunction with the accompanying drawings and specific embodiments.

本发明实施例提供的一种消息认证方法,如图1所示,主要包括:A message authentication method provided by an embodiment of the present invention, as shown in Figure 1, mainly includes:

步骤101,发送端和接收端为每个建立的连接保存初始化的时间戳,并定期更新该时间戳,该时间戳包括发送时间戳和接收时间戳。In step 101, the sending end and the receiving end save an initialized timestamp for each established connection, and periodically update the timestamp, which includes a sending timestamp and a receiving timestamp.

本发明的实施例扩展TCP协议,定义了一种新的TCP-AO时间戳选项,如下表1所示:Embodiments of the present invention extend the TCP protocol and define a new TCP-AO timestamp option, as shown in Table 1 below:

Kind kind Length Length Data Data

表1Table 1

其中,Kind为选项的类型定义,长度为一个字节,目前50以后的类型定义都没有定义,因此,本发明实施例定义新的TCP-AO时间戳选项内容如下:Wherein, Kind is the type definition of the option, and the length is one byte. At present, the type definition after 50 is not defined. Therefore, the embodiment of the present invention defines the content of the new TCP-AO timestamp option as follows:

TCP_AO_T的取值为50,用以标识该类型为TCP-AO时间戳选项;The value of TCP_AO_T is 50, which is used to identify this type as the TCP-AO timestamp option;

Length为TCP-AO时间戳选项的数据段长度,本发明实施例中定义TCP-AO时间戳选项的数据段长度为10字节;Length is the length of the data segment of the TCP-AO timestamp option, and the length of the data segment defining the TCP-AO timestamp option is 10 bytes in the embodiment of the present invention;

Data字段包含两个时间数据,Time1和Time2,其中,Time1为发送时间戳,Time2为接收时间戳。Time1和Time2的时间格式可以取任意不超过5字节长度的标识形式,例如,取1979年1月1日到当前的时间的秒数等等。任何时间格式的Time1和Time2都属于本发明的保护范围。The Data field contains two time data, Time1 and Time2, where Time1 is the sending timestamp and Time2 is the receiving timestamp. The time formats of Time1 and Time2 can be in any identification form with a length of no more than 5 bytes, for example, the number of seconds from January 1, 1979 to the current time, and so on. Time1 and Time2 in any time format belong to the protection scope of the present invention.

如此一来,TCP-AO时间戳选项的基本形式如下表2所示:In this way, the basic form of the TCP-AO timestamp option is shown in Table 2 below:

50 50 10 10 Time1 Time1 Time2 Time2

表2Table 2

本发明的实施例不重用现有的TCP时间戳选项,而是定义新的TCP-AO时间戳选项,目的是防止现有TCP协议栈在进行往返时间测量(RTTM,Round Trip Time Measurement)和防止序号环绕(PAWS,Protection Against Wrapped Sequence number)过程时引起TCP-AO的处理流程,而导致路由协议的TCP-AO处理流程出错。本发明的实施例定义了TCP-AO时间戳选项后,TCP-AO的防重放攻击技术就会与现有的RTTM和PAWS过程完全区分开来,这样就不用再改动现有的TCP协议栈代码了,向后兼容性好。Embodiments of the present invention do not reuse the existing TCP timestamp option, but define a new TCP-AO timestamp option, with the purpose of preventing the existing TCP protocol stack from performing round-trip time measurement (RTTM, Round Trip Time Measurement) and preventing The sequence number wrapping (PAWS, Protection Against Wrapped Sequence number) process causes the TCP-AO processing flow, which leads to an error in the TCP-AO processing flow of the routing protocol. After the embodiment of the present invention defines the TCP-AO timestamp option, the anti-replay attack technology of TCP-AO will be completely distinguished from the existing RTTM and PAWS processes, so that there is no need to change the existing TCP protocol stack The code is updated, and the backward compatibility is good.

当然,如果采用另一种方式,即修改现有的TCP时间戳选项定义,使其区分现有时间戳的用处,然后修改TCP协议栈的处理流程,使其能按照不同的方式处理TCP时间戳选项。这种方式也是可行的,但这种方式对现有TCP协议改动较大,会带来兼容性问题。本发明的实施例也涵盖这种方式。Of course, if another method is used, that is, modify the existing TCP timestamp option definition to distinguish the usefulness of the existing timestamp, and then modify the processing flow of the TCP protocol stack so that it can process TCP timestamps in different ways option. This method is also feasible, but this method greatly changes the existing TCP protocol, which will cause compatibility problems. Embodiments of the present invention also cover this approach.

本发明的实施例还定义了TCP-AO的时间戳数据结构,即在每个路由器上为每个TCP连接建立两个时间戳存储空间,一个是发送数据的时间戳,一个是接收数据的时间戳,如下表3所示:The embodiment of the present invention also defines the timestamp data structure of TCP-AO, that is, two timestamp storage spaces are established for each TCP connection on each router, one is the timestamp of sending data, and the other is the time of receiving data Stamp, as shown in Table 3 below:

源端口号 source port number 目的端口号 destination port number 发送时间戳(SendT) Send Timestamp (SendT) 接收时间戳(RecvT) Receive Timestamp (RecvT)

表3table 3

其中,源端口号和目的端口号都是16位的数字,用于标识一对TCP连接,SendT和RecvT的格式说明与表2中的Time1和Time2分别相同,分别表示发送时间戳和接收时间戳。Among them, the source port number and the destination port number are both 16-bit numbers, which are used to identify a pair of TCP connections. The format descriptions of SendT and RecvT are the same as Time1 and Time2 in Table 2, which represent the sending timestamp and receiving timestamp respectively. .

需要说明的是,本发明的实施例定义了TCP-AO的时间戳数据结构的格式,而实际应用中,也可以将SendT和RecvT字段合并在TCPCB数据结构中。本发明的实施例涵盖这种方式。It should be noted that the embodiment of the present invention defines the format of the timestamp data structure of TCP-AO, but in practical applications, the SendT and RecvT fields may also be combined in the TCPCB data structure. Embodiments of the present invention encompass this approach.

时间戳选项和时间戳数据结构的区别在于:时间戳选项是用来发送时间戳的,时间戳数据结构是TCP-AO用来生成消息认证码的。The difference between the timestamp option and the timestamp data structure is that the timestamp option is used to send a timestamp, and the timestamp data structure is used by TCP-AO to generate a message authentication code.

步骤102,在需要通过该连接发送数据时,发送端依据待发送的数据报文、保存的发送时间戳和密钥材料,生成消息认证码,并将生成的消息认证码随同发送数据的消息一起发送给接收端。Step 102, when data needs to be sent through the connection, the sending end generates a message authentication code based on the data message to be sent, the saved sending time stamp and key material, and sends the generated message authentication code together with the message sending the data sent to the receiving end.

步骤103,接收端收到该消息时,依据保存的接收时间戳、密钥材料和消息中的数据报文,认证消息认证码的正确性。Step 103, when the receiving end receives the message, it verifies the correctness of the message authentication code according to the saved receiving time stamp, key material and data packets in the message.

上述步骤103中,发送端和接收端为每个建立的连接保存初始化的时间戳,具体可采用以下方式:In the above step 103, the sending end and the receiving end save the initialized timestamp for each established connection, and the following methods can be used specifically:

发送端和接收端通过三次握手协议的流程建立连接,并交互各自的时间戳;The sending end and the receiving end establish a connection through the process of the three-way handshake protocol, and exchange their respective timestamps;

交互完毕后,发送端和接收端为建立的连接保存初始化的时间戳,且发送端保存的发送时间戳的取值与接收端保存的接收时间戳的取值相同,发送端保存的接收时间戳的取值与接收端保存的发送时间戳的取值相同。After the interaction is completed, the sending end and the receiving end save the initial timestamp for the established connection, and the value of the sending timestamp saved by the sending end is the same as the value of the receiving timestamp saved by the receiving end, and the receiving timestamp saved by the sending end The value of is the same as the value of the sending timestamp saved by the receiving end.

下面以TCP客户端和TCP服务器的交互为例进行说明,当TCP连接建立时,初始化本发明实施例中的时间戳数据结构的具体流程如图2所示,主要包括:The following takes the interaction between the TCP client and the TCP server as an example for illustration. When the TCP connection is established, the specific flow of initializing the timestamp data structure in the embodiment of the present invention is shown in FIG. 2, which mainly includes:

步骤201,TCP客户端向TCP服务器发送同步(SYN)包,同时发送自身的时间戳。该时间戳可以从系统时钟获取。In step 201, the TCP client sends a synchronization (SYN) packet to the TCP server, and at the same time sends its own timestamp. This timestamp can be obtained from the system clock.

其中,Syn=j,TCP客户端发送Syn包(Syn=j)到TCP服务器时,序列号的值j是0-232之间随机产生的一个数据;TCP客户端发送的TCP-AO-T选项(TCP-AO-T1)中的Time1为TCP客户端发送SYN包时的当前时间,Time2的值为0。TCP客户端发送完后,进入SYN_SEND状态,等待TCP服务器确认。Wherein, Syn=j, when the TCP client sends the Syn packet (Syn=j) to the TCP server, the value j of the serial number is a data randomly generated between 0-232 ; the TCP-AO-T sent by the TCP client Time1 in the option (TCP-AO-T1) is the current time when the TCP client sends the SYN packet, and the value of Time2 is 0. After the TCP client finishes sending, it enters the SYN_SEND state and waits for the TCP server to confirm.

步骤202,TCP服务器向TCP客户端返回确认,包含以下内容:Ack=j+1,Syn=k,TCP-AO-T2,TCP-AO。其中,Ack=j+1表示TCP服务器确认TCP客户端的Syn;Syn=k表示TCP服务器自己也发送一个SYN包,其中的序列号的值k是0-232之间随机产生的一个数;TCP-AO-T2是一个TCP-AO-T选项,该选项中的Time1为TCP服务器返回确认时的当前时间,Time2的取值与步骤201中TCP-AO-T选项(TCP-AO-T1)的Time1字段的取值相同。Step 202, the TCP server returns an acknowledgment to the TCP client, including the following content: Ack=j+1, Syn=k, TCP-AO-T2, TCP-AO. Among them, Ack=j+1 means that the TCP server confirms the Syn of the TCP client; Syn=k means that the TCP server itself also sends a SYN packet, and the value k of the sequence number is a number randomly generated between 0-232 ; -AO-T2 is a TCP-AO-T option, Time1 in this option is the current time when the TCP server returns confirmation, and the value of Time2 is the same as that of the TCP-AO-T option (TCP-AO-T1) in step 201 The value of the Time1 field is the same.

TCP服务器返回确认后,进入SYN_RECV状态,等待TCP客户端的确认。After the TCP server returns confirmation, it enters the SYN_RECV state and waits for the confirmation from the TCP client.

步骤203,TCP客户端向TCP服务器返回确认,包含以下内容:Ack=k+1,TCP-AO-T3,TCP-AO。其中,Ack=k+1表示TCP客户端确认TCP服务器的Syn;TCP-AO-T3是一个TCP-AO-T选项,该选项中的Time1为0,Time2的取值与步骤202中TCP-AO-T选项(TCP-AO-T2)的Time1字段的取值相同。Step 203, the TCP client returns an acknowledgment to the TCP server, including the following content: Ack=k+1, TCP-AO-T3, TCP-AO. Wherein, Ack=k+1 represents that the TCP client confirms the Syn of the TCP server; TCP-AO-T3 is a TCP-AO-T option, and Time1 in this option is 0, and the value of Time2 is the same as that of TCP-AO in step 202 The value of the Time1 field of the -T option (TCP-AO-T2) is the same.

TCP客户端返回确认后,进入ESTABLISHED状态,完成握手过程。之后双方就可以交互路由协议数据了。After the TCP client returns the confirmation, it enters the ESTABLISHED state and completes the handshake process. The two parties can then exchange routing protocol data.

TCP客户端和TCP服务器交互的时间戳,在得到确认后,将被保存到各自的数据结构(表3所示)中,TCP客户端和TCP服务器的序列号则保存在TCPCB数据结构的对应字段中。The time stamp of the interaction between the TCP client and the TCP server will be saved in their respective data structures (shown in Table 3) after being confirmed, and the serial numbers of the TCP client and TCP server will be saved in the corresponding fields of the TCPCB data structure middle.

本实施例在TCP连接建立时,初始化时间戳信息,从而为解决如下问题做准备:路由器之间的TCP连接重新建立前后、或者路由器重启前后,序列号sequence number可能重复,存在重放攻击的危险。In this embodiment, when the TCP connection is established, the timestamp information is initialized, so as to prepare for solving the following problem: before and after the TCP connection between the routers is re-established, or before and after the router is restarted, the sequence number may be repeated, and there is a risk of replay attack .

另外,当TCP连接很长时间时,sequence number可能重复,一旦重复则将可能带来重放攻击的隐患。因此,本申请的实施例需要定期更新时间戳,具体可以采用以下方式:发送端和接收端的其中一方在设置的定时器到期时,发起时间戳的更新过程,在更新过程中,发送端和接收端交互各自的新时间戳;交互完毕后,发送端和接收端更新各自保存的时间戳,且发送端的新的发送时间戳的取值与接收端的新的接收时间戳的取值相同,发送端的新的接收时间戳的取值与接收端的新的发送时间戳的取值相同。In addition, when the TCP connection lasts for a long time, the sequence number may be repeated, and once it is repeated, it may cause the hidden danger of replay attack. Therefore, the embodiment of the present application needs to update the time stamp regularly. Specifically, the following method can be adopted: when the set timer expires, one of the sending end and the receiving end initiates the updating process of the time stamp. During the updating process, the sending end and the receiving end The receiving end interacts with their new timestamps; after the interaction is completed, the sending end and the receiving end update their respective saved timestamps, and the value of the new sending timestamp of the sending end is the same as the value of the new receiving timestamp of the receiving end. The value of the new receiving timestamp at the receiving end is the same as the value of the new sending timestamp at the receiving end.

下面以TCP客户端和TCP服务器的交互为例进行说明,定期更新时间戳的具体流程如图3所示,主要包括:The following takes the interaction between the TCP client and the TCP server as an example to illustrate. The specific process of periodically updating the timestamp is shown in Figure 3, which mainly includes:

步骤301,TCP客户端向TCP服务器发送路由协议数据,同时发送自己的新时间戳。In step 301, the TCP client sends routing protocol data to the TCP server, and at the same time sends its own new time stamp.

其中,TCPHD为TCP协议头,一般包含sequence number;TCP-AO为TCP认证选项;RPD为路由协议的数据,也就是TCP协议承载的路由协议数据。TCP-AO-T4是一个TCP-AO-T选项,该选项中的Time1为TCP客户端发送时的当前时间,Time2的值为0。Among them, TCPHD is a TCP protocol header, which generally includes a sequence number; TCP-AO is a TCP authentication option; RPD is routing protocol data, that is, routing protocol data carried by the TCP protocol. TCP-AO-T4 is a TCP-AO-T option. Time1 in this option is the current time when the TCP client sends, and the value of Time2 is 0.

步骤302,TCP服务器应答TCP客户端的新时间戳,同时发送自己的新时间戳。In step 302, the TCP server responds to the new time stamp of the TCP client and sends its own new time stamp at the same time.

其中,TCPHD为TCP协议头,一般包含sequence number;TCP-AO为TCP认证选项;RPD为路由协议的数据,也就是TCP协议承载的路由协议数据;TCP-AO-T5是一个TCP-AO-T选项,该选项中的Time1为TCP服务器应答时的当前时间,Time2的值为步骤301中TCP-AO-T选项(TCP-AO-T4)的Time1字段的值。Among them, TCPHD is the TCP protocol header, which generally includes sequence number; TCP-AO is the TCP authentication option; RPD is the data of the routing protocol, that is, the routing protocol data carried by the TCP protocol; TCP-AO-T5 is a TCP-AO-T option, Time1 in this option is the current time when the TCP server responds, and the value of Time2 is the value of the Time1 field of the TCP-AO-T option (TCP-AO-T4) in step 301.

步骤303,TCP客户端应答TCP服务器的新时间戳。In step 303, the TCP client replies with the new time stamp of the TCP server.

其中,TCPHD为TCP协议头,一般包含sequence number;TCP-AO为TCP认证选项;RPD为路由协议的数据,也就是TCP协议承载的路由协议数据;TCP-AO-T6是一个TCP-AO-T选项,该选项中的Time1为0,Time2的值为步骤302中TCP-AO-T选项(TCP-AO-T5)的Time1字段的值。Among them, TCPHD is the TCP protocol header, generally including the sequence number; TCP-AO is the TCP authentication option; RPD is the data of the routing protocol, that is, the routing protocol data carried by the TCP protocol; TCP-AO-T6 is a TCP-AO-T option, in which Time1 is 0, and the value of Time2 is the value of the Time1 field of the TCP-AO-T option (TCP-AO-T5) in step 302.

需要说明的是,上述实施例中定期更新时间戳数据结构的操作是从TCP客户端发起的,当然,实际应用中也可以先从TCP服务器发起。操作的触发条件可以是定时器,在发起方设置定时器,当定时器到期时,发起方向对端发送时间戳更新的选项。定时器的时间可以由运营商自行配置调整。It should be noted that, in the above embodiment, the operation of regularly updating the time stamp data structure is initiated from the TCP client, of course, it may also be initiated from the TCP server in practical applications. The trigger condition of the operation can be a timer. The timer is set on the initiator. When the timer expires, the initiator sends the option of updating the timestamp to the peer. The time of the timer can be configured and adjusted by the operator.

TCP客户端和TCP服务器交互的时间戳,在得到确认后,将被保存到各自的数据结构(表3所示)中。更新时间戳数据结构的过程对sequence number的处理没有影响。The timestamps of the interaction between the TCP client and the TCP server will be saved in their respective data structures (shown in Table 3) after being confirmed. The process of updating the timestamp data structure has no effect on the processing of sequence numbers.

本实施例更新各路由器的时间戳,能有效避免以下问题:路由器之间的TCP连接保持很长时间后,sequence number重复情况,会带来重放攻击隐患。This embodiment updates the time stamps of each router, which can effectively avoid the following problem: after the TCP connection between routers is maintained for a long time, the sequence number repeats, which will bring hidden dangers of replay attacks.

前述实施例的主要目的是为了维护一个TCP-AO的时间戳数据结构,维护此TCP-AO的时间戳数据结构用以完成路由协议的完整性保护。The main purpose of the aforementioned embodiments is to maintain a TCP-AO timestamp data structure, and maintaining the TCP-AO timestamp data structure is used to complete the integrity protection of the routing protocol.

发送端在需要通过建立的连接发送数据时,其生成消息认证码的方法如下:When the sender needs to send data through the established connection, the method for generating the message authentication code is as follows:

MAC=MAC_alg(traffic_key,message,SendT)MAC = MAC_alg(traffic_key, message, SendT)

其中,MAC表示发送端计算所得的消息认证码,MAC_alg表示消息认证码的计算方法,traffic_key表示密钥材料,message表示TCP数据报文,SendT表示发送端保存的对应该连接的发送时间戳。Among them, MAC indicates the message authentication code calculated by the sender, MAC_alg indicates the calculation method of the message authentication code, traffic_key indicates the key material, message indicates the TCP data message, and SendT indicates the sending timestamp corresponding to the connection saved by the sender.

接收端验证消息认证码正确性的方法如下:The method for the receiver to verify the correctness of the message authentication code is as follows:

MAC=MAC_alg(traffic_key,message,RecvT)MAC = MAC_alg(traffic_key, message, RecvT)

其中,MAC表示接收端计算所得的消息认证码,MAC_alg表示消息认证码的计算方法,traffic_key表示密钥材料,message表示TCP数据报文,RecvT表示接收端保存的对应该连接的接收时间戳。经过图2和图3所示的实施例后,可以保证发送端保存的SendT与接收端保存的RecvT相同。Among them, MAC represents the message authentication code calculated by the receiving end, MAC_alg represents the calculation method of the message authentication code, traffic_key represents the key material, message represents the TCP data message, and RecvT represents the receiving timestamp corresponding to the connection saved by the receiving end. After the embodiments shown in FIG. 2 and FIG. 3 , it can be guaranteed that the SendT saved at the sending end is the same as the RecvT saved at the receiving end.

将接收端计算所得的消息验证码与发送端发送的消息验证码进行比较,如果两者一致,则验证正确;否则,验证错误。Compare the message verification code calculated by the receiving end with the message verification code sent by the sending end. If the two are consistent, the verification is correct; otherwise, the verification is wrong.

由此可以看出,本发明的实施例可以很好的解决现有TCP-AO技术的以下几个问题:It can be seen from this that the embodiments of the present invention can well solve the following problems of the existing TCP-AO technology:

一、当TCP连接重启时(包括路由器系统重启和TCP连接断开后重连两种情况),sequence number可能会重叠,引起重放攻击;1. When the TCP connection is restarted (including router system restart and TCP connection disconnection and reconnection), the sequence numbers may overlap, causing replay attacks;

二、当TCP连接时间过长时,sequence number可能会重叠,引起重放攻击。2. When the TCP connection time is too long, the sequence numbers may overlap, causing replay attacks.

对于第一个问题,根据本发明的实施例,由于每次重新建立TCP连接时,都会重新取当前的系统时间为时间戳,而每次取得系统时间是不同的,且必然会递增。因此,将时间戳加入到生成消息认证码的过程中后,就算sequence number重叠,由于时间戳不同,生成的消息认证码也不同。这样就可以很好的解决TCP连接重启时的重放攻击问题。Regarding the first problem, according to the embodiment of the present invention, since the current system time is taken as the time stamp every time the TCP connection is re-established, the system time is different each time and must be incremented. Therefore, after the timestamp is added to the process of generating message authentication codes, even if the sequence numbers overlap, the generated message authentication codes will be different due to different timestamps. In this way, the replay attack problem when the TCP connection is restarted can be well solved.

对于第二个问题,根据本发明的实施例,当TCP连接时间过长时会更新时间戳,只要在sequence number出现重叠前更新时间戳,生成的消息认证码就会不同,从而解决了TCP连接时间过长时的重放攻击问题。For the second problem, according to the embodiment of the present invention, when the TCP connection time is too long, the time stamp will be updated. As long as the time stamp is updated before the sequence number overlaps, the generated message authentication code will be different, thereby solving the TCP connection problem. Replay attack problem when the time is too long.

另外,在本发明的实施例中,时间戳只会定期更新并通过TCP-AO时间戳选项发送,因此,本发明的实施例可以节省传输的开销。In addition, in the embodiment of the present invention, the time stamp is only updated periodically and sent through the TCP-AO time stamp option. Therefore, the embodiment of the present invention can save transmission overhead.

在本发明的实施例中,TCP-AO自身设计的基于sequence number的防重放攻击机制并没有被丢弃,因此本发明的实施例是对现有TCP-AO机制的增强,而不会对现有TCP-AO机制造成太大影响。In the embodiment of the present invention, the sequence number-based anti-replay attack mechanism designed by TCP-AO itself has not been discarded, so the embodiment of the present invention is an enhancement to the existing TCP-AO mechanism without affecting the existing There is too much impact on the TCP-AO mechanism.

本本发明的实施例只改变消息认证码的生成机制,而不改变增加TCP-AO时间戳选项后的TCP协议交互流程,因此添加本实施例的功能后,TCP协议在使用TCP-AO选项时的做法与现有标准没有区别。The embodiment of the present invention only changes the generation mechanism of the message authentication code, but does not change the TCP protocol interaction process after adding the TCP-AO timestamp option. Therefore, after adding the functions of this embodiment, the TCP protocol when using the TCP-AO option The approach does not differ from existing standards.

本发明的实施例使得消息认证码的值不仅由sequence number和路由协议信息决定,还由时间戳决定,从而防止了sequence number重复时的重放攻击问题。综上所述,本发明的实施例可以解决现有技术存在的问题,使得Internet安全关联和密钥管理协议(ISAKMP,Internet Security Association and Key Management Protocol)可以借助EAP(身份验证)协议和diameter协议进行多种方式的认证过程,以满足不同拓扑结构的路由器网络进行密钥管理的需要。The embodiment of the present invention makes the value of the message authentication code not only determined by the sequence number and routing protocol information, but also determined by the time stamp, thereby preventing the problem of replay attack when the sequence number is repeated. In summary, the embodiments of the present invention can solve the problems existing in the prior art, so that the Internet Security Association and Key Management Protocol (ISAKMP, Internet Security Association and Key Management Protocol) can use the EAP (identity authentication) protocol and the diameter protocol A variety of authentication processes are carried out to meet the needs of key management in router networks with different topological structures.

另外,对应本发明实施例的消息认证方法,本发明的实施例还提供了一种消息认证系统,包括:发送端和接收端。In addition, corresponding to the message authentication method of the embodiment of the present invention, the embodiment of the present invention also provides a message authentication system, including: a sending end and a receiving end.

发送端和接收端,用于为每个建立的连接保存初始化的时间戳,并定期更新所述时间戳,所述时间戳包括发送时间戳和接收时间戳;The sending end and the receiving end are configured to store an initialized timestamp for each established connection, and periodically update the timestamp, where the timestamp includes a sending timestamp and a receiving timestamp;

发送端还用于,在需要通过该连接发送数据时,依据待发送的数据报文、保存的发送时间戳和密钥材料,生成消息认证码,并将生成的消息认证码随同发送数据的消息一起发送给接收端;The sender is also used to generate a message authentication code according to the data message to be sent, the saved sending time stamp and key material when it needs to send data through the connection, and send the generated message authentication code together with the message sending the data sent together to the receiver;

接收端还用于,在收到该消息时,依据保存的接收时间戳、密钥材料和消息中的数据报文,认证消息认证码的正确性。The receiving end is also used to, when receiving the message, verify the correctness of the message authentication code according to the saved receiving time stamp, key material and data packets in the message.

较佳的,发送端和接收端可进一步用于,通过三次握手协议的流程建立连接,并交互各自的时间戳;Preferably, the sending end and the receiving end can be further used to establish a connection through the process of the three-way handshake protocol, and exchange their respective timestamps;

交互完毕后,发送端和接收端为建立的连接保存初始化的时间戳,且发送端保存的发送时间戳的取值与接收端保存的接收时间戳的取值相同,发送端保存的接收时间戳的取值与接收端保存的发送时间戳的取值相同。After the interaction is completed, the sending end and the receiving end save the initial timestamp for the established connection, and the value of the sending timestamp saved by the sending end is the same as the value of the receiving timestamp saved by the receiving end, and the receiving timestamp saved by the sending end The value of is the same as the value of the sending timestamp saved by the receiving end.

较佳的,发送端和接收端的其中一方在设置的定时器到期时,发起时间戳的更新过程,在更新过程中,发送端和接收端交互各自的新时间戳;Preferably, one of the sending end and the receiving end initiates a time stamp update process when the set timer expires, and during the update process, the sending end and the receiving end exchange their respective new time stamps;

交互完毕后,发送端和接收端更新各自保存的时间戳,且发送端的新的发送时间戳的取值与接收端的新的接收时间戳的取值相同,发送端的新的接收时间戳的取值与接收端的新的发送时间戳的取值相同。After the interaction is completed, the sender and the receiver update their respective saved timestamps, and the value of the new send timestamp of the sender is the same as the value of the new receive timestamp of the receiver, and the value of the new receive timestamp of the sender is It is the same as the value of the new sending timestamp at the receiving end.

本发明的实施例还提供了一种消息认证装置,具备发送端和接收端的功能,该装置包括:时间戳处理模块、发送处理模块和接收处理模块。The embodiment of the present invention also provides a message authentication device, which has the functions of a sending end and a receiving end, and the device includes: a time stamp processing module, a sending processing module and a receiving processing module.

其中,时间戳处理模块,用于为每个建立的连接保存初始化的时间戳,并定期更新所述时间戳,所述时间戳包括发送时间戳和接收时间戳;Wherein, the timestamp processing module is configured to save an initialized timestamp for each established connection, and periodically update the timestamp, the timestamp includes a sending timestamp and a receiving timestamp;

发送处理模块,用于在所述装置作为发送端需要通过连接发送数据时,依据待发送的数据报文、保存的发送时间戳和密钥材料,生成消息认证码,并将生成的消息认证码随同发送数据的消息一起发送给接收端;The sending processing module is used to generate a message authentication code according to the data message to be sent, the saved sending time stamp and key material when the device as the sending end needs to send data through the connection, and send the generated message authentication code Send to the receiving end together with the message of sending data;

接收处理模块,用于在所述装置作为接收端收到来自发送端的消息时,依据保存的接收时间戳、密钥材料和消息中的数据报文,认证消息认证码的正确性。The receiving processing module is used to verify the correctness of the message authentication code according to the stored receiving time stamp, key material and data message in the message when the device as the receiving end receives the message from the sending end.

较佳的,发送端的时间戳处理模块与接收端的时间戳处理模块,通过三次握手协议的流程建立连接,并交互各自的时间戳;Preferably, the timestamp processing module at the sending end and the timestamp processing module at the receiving end establish a connection through the process of the three-way handshake protocol, and exchange their respective timestamps;

交互完毕后,发送端的时间戳处理模块和接收端的时间戳处理模块为建立的连接保存初始化的时间戳,且发送端的时间戳处理模块保存的发送时间戳的取值与接收端的时间戳处理模块保存的接收时间戳的取值相同,发送端的时间戳处理模块保存的接收时间戳的取值与接收端的时间戳处理模块保存的发送时间戳的取值相同。After the interaction is completed, the timestamp processing module of the sending end and the timestamp processing module of the receiving end save the initialized timestamp for the established connection, and the value of the sending timestamp saved by the timestamp processing module of the sending end is the same as that saved by the timestamp processing module of the receiving end. The value of the received timestamp is the same, and the value of the received timestamp saved by the timestamp processing module of the sending end is the same as the value of the sent timestamp saved by the timestamp processing module of the receiving end.

较佳的,发送端和接收端的时间戳处理模块的其中一方在设置的定时器到期时,发起时间戳的更新过程,在更新过程中,发送端和接收端的时间戳处理模块交互各自的新时间戳;Preferably, one of the time stamp processing modules at the sending end and the receiving end initiates a time stamp update process when the set timer expires, and during the update process, the time stamp processing modules at the sending end and the receiving end exchange their respective new timestamp;

交互完毕后,发送端和接收端的时间戳处理模块更新各自保存的时间戳,且发送端的新的发送时间戳的取值与接收端的新的接收时间戳的取值相同,发送端的新的接收时间戳的取值与接收端的新的发送时间戳的取值相同。After the interaction is completed, the timestamp processing modules of the sending end and the receiving end update their respective saved timestamps, and the value of the new sending timestamp of the sending end is the same as the value of the new receiving timestamp of the receiving end, and the new receiving time stamp of the sending end The value of the stamp is the same as the value of the new sending timestamp of the receiving end.

以上所述,仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the protection scope of the present invention.

Claims (9)

1. a kind of message authentication method, which is characterized in that this method includes:
Transmitting terminal and receiving terminal are that the connection each established preserves the timestamp of initialization, and regularly update the timestamp, institute It states timestamp and includes sending time stamp and receiving time stamp;
When needing through the connection transmission data, transmitting terminal is according to data message to be sent, the sending time preserved stamp And key material, message authentication code is generated, and the message authentication code of generation is sent jointly to connect in company with the message of transmission data Receiving end;
When receiving terminal receives the message, according to the data message in receiving time stamp, key material and the message preserved, certification The correctness of the message authentication code;
Wherein, the sending time stamp that transmitting terminal preserves is identical with the receiving time stamp that receiving terminal preserves.
2. message authentication method according to claim 1, which is characterized in that the transmitting terminal and receiving terminal are each established Connection preserves the timestamp of initialization, specially:
The transmitting terminal and receiving terminal establish connection, and the respective timestamp of interaction by the flow of three-way handshake agreement;
After interaction, the transmitting terminal and receiving terminal are that the connection established preserves the timestamp of initialization, and transmitting terminal preserves Sending time stamp value it is identical with the value of receiving time that receiving terminal preserves stamp, what the receiving time of transmitting terminal preservation was stabbed Value is identical with the value of sending time stamp that receiving terminal preserves.
3. message authentication method according to claim 2, which is characterized in that the timestamp that regularly updates is specially:
A wherein side for the transmitting terminal and receiving terminal initiates the renewal process of timestamp when the timer of setting expires, In renewal process, the transmitting terminal and receiving terminal interact respective new timestamp;
After interaction, the transmitting terminal and receiving terminal update the timestamp respectively preserved, and the new transmission of the transmitting terminal The value of the new receiving time stamp of the value of timestamp and receiving terminal is identical, the value of the new receiving time stamp of transmitting terminal with The value of the new sending time stamp of receiving terminal is identical.
4. a kind of message authentication system, which is characterized in that the system includes:Transmitting terminal and receiving terminal,
Transmitting terminal and receiving terminal for preserving the timestamp of initialization for the connection each established, and regularly update the time Stamp, the timestamp include sending time stamp and receiving time stamp;
Transmitting terminal is additionally operable to, when needing through the connection transmission data, according to data message to be sent, the transmission preserved Timestamp and key material generate message authentication code, and the message authentication code of generation are risen in company with the message one of transmission data Give receiving terminal;
Receiving terminal is additionally operable to, when receiving the message, according to the data in receiving time stamp, key material and the message preserved Message, the correctness of message authentication code described in certification;
Wherein, the sending time stamp that transmitting terminal preserves is identical with the receiving time stamp that receiving terminal preserves.
5. message authentication system according to claim 4, which is characterized in that the transmitting terminal and receiving terminal are further used for, Connection, and the respective timestamp of interaction are established by the flow of three-way handshake agreement;
After interaction, the transmitting terminal and receiving terminal are that the connection established preserves the timestamp of initialization, and transmitting terminal preserves Sending time stamp value it is identical with the value of receiving time that receiving terminal preserves stamp, what the receiving time of transmitting terminal preservation was stabbed Value is identical with the value of sending time stamp that receiving terminal preserves.
6. message authentication system according to claim 5, which is characterized in that a wherein side for the transmitting terminal and receiving terminal exists When the timer of setting expires, the renewal process of timestamp is initiated, at no point in the update process, the transmitting terminal and receiving terminal interaction are each From new timestamp;
After interaction, the transmitting terminal and receiving terminal update the timestamp respectively preserved, and the new transmission of the transmitting terminal The value of the new receiving time stamp of the value of timestamp and receiving terminal is identical, the value of the new receiving time stamp of transmitting terminal with The value of the new sending time stamp of receiving terminal is identical.
7. a kind of message authentication device, which is characterized in that including:
Timestamp processing module for preserving the timestamp of initialization for the connection each established, and regularly updates the time Stamp, the timestamp include sending time stamp and receiving time stamp;
Send processing module, for described device as transmitting terminal need by it is described connect transmission data when, according to pending The data message that send, the sending time preserved stamp and key material, generate message authentication code, and by the message authentication code of generation with Message with transmission data sends jointly to receiving terminal;
Receiving processing module, for when described device receives the message from transmitting terminal as receiving terminal, being connect according to what is preserved Receive the data message in timestamp, key material and message, the correctness of certification message authentication code;
Wherein, the sending time stamp that transmitting terminal preserves is identical with the receiving time stamp that receiving terminal preserves.
8. message authentication device according to claim 7, which is characterized in that the timestamp processing module and receiving terminal of transmitting terminal Timestamp processing module, connection, and the respective timestamp of interaction are established by the flow of three-way handshake agreement;
After interaction, the timestamp processing module of transmitting terminal and the timestamp processing module of receiving terminal are that the connection established preserves The timestamp of initialization, and the value of sending time stamp of the timestamp processing module preservation of transmitting terminal and the timestamp of receiving terminal The value of receiving time stamp that processing module preserves is identical, and the receiving time stamp of the timestamp processing module preservation of transmitting terminal takes It is worth identical with the value of sending time stamp that the timestamp processing module of receiving terminal preserves.
9. message authentication device according to claim 8, which is characterized in that the timestamp processing module of transmitting terminal and receiving terminal A wherein side when the timer of setting expires, initiate the renewal process of timestamp, at no point in the update process, transmitting terminal and reception The timestamp processing module at end interacts respective new timestamp;
After interaction, timestamp that the update of the timestamp processing module of transmitting terminal and receiving terminal respectively preserves, and transmitting terminal The value of new sending time stamp is identical with the value of the new receiving time stamp of receiving terminal, the new receiving time stamp of transmitting terminal Value and receiving terminal new sending time stamp value it is identical.
CN201210036909.3A 2012-02-17 2012-02-17 A kind of message authentication method, system and device Expired - Fee Related CN103259768B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210036909.3A CN103259768B (en) 2012-02-17 2012-02-17 A kind of message authentication method, system and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210036909.3A CN103259768B (en) 2012-02-17 2012-02-17 A kind of message authentication method, system and device

Publications (2)

Publication Number Publication Date
CN103259768A CN103259768A (en) 2013-08-21
CN103259768B true CN103259768B (en) 2018-06-19

Family

ID=48963471

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210036909.3A Expired - Fee Related CN103259768B (en) 2012-02-17 2012-02-17 A kind of message authentication method, system and device

Country Status (1)

Country Link
CN (1) CN103259768B (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9462465B2 (en) * 2013-10-04 2016-10-04 Qualcomm Incorporated Apparatus and methods for separated security implementations in wireless communications
CN103974455B (en) * 2014-01-26 2019-03-05 杭州古北电子科技有限公司 Fast and safely WIFI network connection method
CN104978144A (en) * 2015-06-26 2015-10-14 中国工商银行股份有限公司 Gesture password input device and system and method for transaction based on system
CN105207846B (en) * 2015-09-17 2018-11-27 新浪网技术(中国)有限公司 A kind of statistical method of TCP protocol stack delay, apparatus and system
CN107454042A (en) * 2016-05-31 2017-12-08 中兴通讯股份有限公司 Message sending, receiving method and device
CN107395312B (en) * 2017-09-19 2019-03-19 电信科学技术第五研究所有限公司 A kind of secure network method for synchronizing time and device
CN108390825B (en) * 2018-01-04 2020-10-16 中国人民武装警察部队工程大学 Method and system for establishing secure optical tree in multi-domain optical network based on hierarchical PCE
CN109714172A (en) * 2019-01-17 2019-05-03 重庆邮电大学 A kind of secure bootstrapping scheme of efficient preventing playback attack
CN111614601B (en) * 2019-02-25 2022-07-12 阿里巴巴集团控股有限公司 Method, device and system for realizing information transmission
CN110719259A (en) * 2019-09-12 2020-01-21 视联动力信息技术股份有限公司 Data processing method and video networking system
CN113301432B (en) * 2021-05-14 2023-01-06 Vidaa(荷兰)国际控股有限公司 Display device, terminal device and communication connection method
CN114422616A (en) * 2022-01-29 2022-04-29 杭州迪普科技股份有限公司 Data communication method, client, server and system
CN117879979A (en) * 2023-12-12 2024-04-12 天翼云科技有限公司 A data packet playback method, device, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1767429A (en) * 2004-10-29 2006-05-03 大唐移动通信设备有限公司 Mobile communication user certification and key negotiation method
CN1780468A (en) * 2004-11-19 2006-05-31 华为技术有限公司 Method of Preventing Message Replay Attack in Idle Mode
CN101217429B (en) * 2008-01-18 2010-09-29 清华大学 Method for Determining Initiation Relationship Between TCP Messages Based on TCP Timestamp Options

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080037420A1 (en) * 2003-10-08 2008-02-14 Bob Tang Immediate ready implementation of virtually congestion free guaranteed service capable network: external internet nextgentcp (square waveform) TCP friendly san
CN1980124A (en) * 2005-12-05 2007-06-13 刘任 Key digital identification method using once variable quantity
CN100539500C (en) * 2006-07-21 2009-09-09 胡祥义 The method that a kind of safety efficient network user identity is differentiated
CN100423507C (en) * 2006-12-06 2008-10-01 胡祥义 A Method of Establishing a VPN System Based on Dynamic Encryption Algorithm
CN101136750A (en) * 2007-10-15 2008-03-05 胡祥义 Network real-name system implementing method
CN101282222B (en) * 2008-05-28 2011-09-28 胡祥义 Digital signature method based on CSK

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1767429A (en) * 2004-10-29 2006-05-03 大唐移动通信设备有限公司 Mobile communication user certification and key negotiation method
CN1780468A (en) * 2004-11-19 2006-05-31 华为技术有限公司 Method of Preventing Message Replay Attack in Idle Mode
CN101217429B (en) * 2008-01-18 2010-09-29 清华大学 Method for Determining Initiation Relationship Between TCP Messages Based on TCP Timestamp Options

Also Published As

Publication number Publication date
CN103259768A (en) 2013-08-21

Similar Documents

Publication Publication Date Title
CN103259768B (en) A kind of message authentication method, system and device
CN110771118B (en) A seamless mobility and session continuity with TCP mobility option
CN107682284B (en) Method and network device for sending message
CN103731407B (en) The method and system of IKE message negotiations
US7706381B2 (en) Approaches for switching transport protocol connection keys
US9571409B2 (en) Maximum transmission unit negotiation method and data terminal
WO2020048478A1 (en) Transmission control method and apparatus
CN102377524B (en) Fragment processing method and system
US10111192B2 (en) Method for effective PMTU discovery in VPN environment
CN101252584B (en) Authentication method, system and equipment for bidirectional forwarding detection protocol conversation
CN101820619A (en) Efficient and energy-saving link safety method in wireless sensor network
CN106656784A (en) Data stream propagation system and method for block chain network
CN106230587A (en) Long connection anti-replay attack method
CN103095563A (en) Message processing method and system
CN107277058B (en) Interface authentication method and system based on BFD protocol
US9300642B2 (en) Restarting network reachability protocol sessions based on transport layer authentication
Moskowitz et al. Rfc 5201: Host identity protocol
García-Martínez et al. The Shim6 architecture for IPv6 multihoming
CN107104919A (en) The processing method of firewall box, SCTP SCTP packet
US8140851B1 (en) Approaches for automatically switching message authentication keys
WO2011134293A1 (en) Method and system for establishing secure connection between local area network nodes
Wu et al. Robust and lightweight fault localization
EP3082207A1 (en) Method for transmitting a teleprotection command using sequence number
WO2011134294A1 (en) Method and system for establishing safety connection between nodes
CN108270613B (en) Method for sending message and network device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180619