Method for authenticating validity of IKE V2 certificate

A key exchange protocol and Internet technology, which is applied in the field of certificate validity verification in the Internet key exchange protocol to achieve the effect of improving efficiency

Inactive Publication Date: 2011-10-26
ZTE CORP
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

It can be seen that this method of verifying the validity of the access server certificate is not only inefficient, but also lacks security guarantees

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for authenticating validity of IKE V2 certificate
  • Method for authenticating validity of IKE V2 certificate

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] Below in conjunction with accompanying drawing, the present invention will be described in further detail:

[0021] attached figure 1 , the terminal and the access server establish an IPsec tunnel through IKEv2 negotiation, and then the terminal accesses the network through this tunnel. In the IKEv2 protocol process, the terminal authenticates the identity of the access server through the certificate, and the access server uses EAP (Extensible Authentication Protocol) to verify whether the terminal is an authorized legal user. After the terminal and the access server authenticate each other and complete the security parameter negotiation, the access server allows the terminal to access the network. Before the IKEv2 process is completed, the terminal is not allowed to access the network, so it cannot access the OCSP server in the network to verify the validity of the access server certificate.

[0022] Using the method proposed by the invention, the terminal completes...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a validation verification method of a second edition certification of an internet key exchange protocol. The present validation verification method of an accessing server certification is not only with low efficiency, but also lacks of safety guarantee. For solving the problems, the validation verification method of the second edition certification of the internet key exchange protocol of the invention, which comprises the following steps: (1) the validity of the accessing server certification is verified by a terminal through the protocol server in an online certification status. If the accessing server certification is effective, a next step is carried out; if the accessing server certification is not effective, the steps are ended; (2) the validity of the terminal identification is approved by the accessing server. If the terminal identification is legal, communication is established by the both side; if the terminal identification is illegal, the steps are ended. The invention is applicable to a safety verification field of the second edition in the internet key exchange protocol.

Description

technical field [0001] The invention relates to the field of communication security, in particular to the technology for realizing certificate validity verification in the Internet key exchange protocol (version 2). Background technique [0002] As the Internet penetrates into every aspect of social life day by day, Internet security issues are receiving more and more widespread attention. In general, IPsec (IP Security, Internet Security Protocol) is often used on the Internet to provide encryption and authentication protection for communication between network entities. For details, refer to "RFC 2401 of the IETF (Internet Engineering Task Force, Internet Engineering Task Force): IPsec Protocol Architecture". When using IPsec between network entities, security parameters such as encryption and authentication keys shared by both parties need to be set. At this time, IKE (Internet Key Exchange Protocol) is often used to automatically negotiate and generate. Now the IKE pr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 李卓明陈璟赵洁
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap