Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and equipment for negotiating internet key exchange (IKE) message

A packet negotiation and device technology, applied in the field of communication, can solve the problems of IPsec tunnel oscillation, network disconnection, network congestion, etc., and achieve the effect of alleviating the phenomenon of network oscillation or network disconnection, and reducing the probability of oscillation or network disconnection.

Inactive Publication Date: 2014-03-12
OPZOON TECH
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The purpose of the present invention is to propose a method and equipment for IKE message negotiation to solve the problems of network congestion and message loss leading to ipsec tunnel oscillation or network disconnection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and equipment for negotiating internet key exchange (IKE) message
  • Method and equipment for negotiating internet key exchange (IKE) message

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The specific embodiments of the present invention will be described in further detail below in conjunction with the drawings and embodiments. The following examples are used to illustrate the present invention, but not to limit the scope of the present invention.

[0030] The Internet Key Exchange (IKE) process is divided into the first stage of negotiation and the second stage of negotiation. The first stage of negotiation is divided into main mode and aggressive mode. The second stage of negotiation is fast mode negotiation. After the first stage of negotiation, IKE sa will be established. Its purpose is to perform identity authentication and provide protection for the second phase of exchange. The purpose of the second phase of exchange is to generate ipsec sa under the protection of the first phase of sa. ipsec sa is the material that directly protects the data flow. Provided for use by ESP / AH, where one IKE sa can protect and generate multiple ipsec sa.

[0031] In the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and equipment for negotiating an internet key exchange (IKE) message and is applicable to a system which adopts an internet protocol security (IPSec) protocol and comprises first equipment and second equipment. The method comprises first-stage negotiation and second-stage negotiation. During the second-stage negotiation, the first equipment sends the last negotiation message to the second equipment and then judges whether a response message which is sent by the second equipment is received in a preset period; if the first equipment does not receive the response message which is sent by the second equipment in the preset period, after receiving an encapsulating security payload (ESP) message and an authentication header (AH) message, the first equipment searches corresponding IPSec security association (SA) in a security association database; if the IPSec SA waits for the last response message of the second-stage negotiation, the first equipment continuously performs decryption by using the IPSec SA; if decryption succeeds, the state of the IPSec SA is marked as 'active'; and establishment of the IPSec SA of the first equipment is finished, and the response message of the second equipment is ignored. By the invention, the problem of IPSec tunnel oscillation or network disconnection caused by network congestion and message loss is solved.

Description

Technical field [0001] The present invention relates to the field of communication technology, in particular to an IKE message negotiation method and equipment. Background technique [0002] Internet Protocol Security (IPSec) is a set of protocols defined by IETF (Internet Engineering Task Force) to provide Internet Protocol (IP) security at the network layer, and consists of a series of RFC documents. Among them, RFC2401 defines the basic structure of IPSec; RFC2402 defines the authentication header (AH) of IPSec; RFC2406 defines the encapsulated security payload (ESP) of IPSec; RFC2409 defines the Internet key exchange (IKE) of IPSec. [0003] IPSec protocols include: AH, ESP, IKE, etc. [0004] ESP encapsulated security payload provides data encryption and verification functions for IP payload. The AH authentication header provides data integrity and verification functions for the IP header. Data encryption and authentication algorithms are specified by the security related (SA...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/70H04L29/06
Inventor 陈海滨彭海帆
Owner OPZOON TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com