公开(公告)号：US20160285850A1

公开(公告)日：2016-09-29

申请号：US15178770

申请日：2016-06-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Peilin Yang ,  Tao Han

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L41/28 ,  H04L63/12 ,  H04L63/1416 ,  H04L69/40

Abstract: A security authentication method includes: receiving, by a control plane of a BFD device, a first BFD packet that is sent by a control plane of a peer BFD device; generating, by the control plane, a first token value according to the random nonce; sending the first token value to a data plane; receiving, by the data plane, a second BFD packet that is sent by a data plane of the peer BFD device, where the second BFD packet carries authentication information, and the authentication information includes a random nonce; and generating, by the data plane, a second token value according to the random nonce included in the authentication information and by using a calculation method the same as that of the control plane, and successfully authenticating, by the data plane, the second BFD packet if the first token value and the second token value are the same.

Abstract translation: 一种安全认证方法，包括：由BFD设备的控制平面接收由对等BFD设备的控制平面发送的第一BFD报文; 由控制平面根据随机随机数生成第一令牌值; 将第一令牌值发送到数据平面; 由所述数据平面接收由对端BFD设备的数据平面发送的第二BFD分组，其中所述第二BFD分组携带认证信息，所述认证信息包括随机随机数; 并且通过数据平面根据认证信息中包含的随机随机数生成第二令牌值，并且使用与控制平面相同的计算方法，并且通过数据平面成功地认证第二BFD分组 如果第一个令牌值和第二个令牌值相同。