Publication number: US08364949B1
Publication date: 2013-01-29
Application number: US11357704
Filing date: 2006-02-17
Applicant: Ron P. Bonica, Andrew H. Heffernan
Inventor: Ron P. Bonica, Andrew H. Heffernan
IPC classification: H04L29/06
Abstract: A new Transmission Control Protocol (TCP) Enhanced Authentication Option is described. An administrator configures sending and receiving devices to maintain lists of authentication elements for each protected TCP connection. Each authentication element includes an authentication element identifier, a key, a hash algorithm, and a start time. A sending device calculates a security portion, updates the new TCP option to include the security portion, calculates a checksum, and forwards the TCP segment to the receiving device. Having received the authenticated TCP segment, the receiving device scans its list of authentication elements, searching for an authentication element whose identifier matches that of the incoming TCP option. If the receiving device finds such an authentication element, the receiving device uses a key from the authentication element to calculate a security portion. If the calculated security portion matches the security portion received in the incoming TCP segment, the receiving device accepts the segment.