CN103124257A

CN103124257A - Security alliance management method and security alliance management equipment

Info

Publication number: CN103124257A
Application number: CN2011103715515A
Authority: CN
Inventors: 韦银星; 梁小萍; 高峰; 万长胜
Original assignee: ZTE Corp
Current assignee: ZTE Corp
Priority date: 2011-11-21
Filing date: 2011-11-21
Publication date: 2013-05-29
Anticipated expiration: 2031-11-21
Also published as: CN103124257B

Abstract

The invention discloses a security alliance (SA) creating method. The SA creating method includes that a first router finds a record r corresponding to a second router from a Key Table of the first router and generates a random number Nonce value; and the first router utilizes the Nonce value and the record r to generate a key identifier Key ID and a sub key Ks. The invention further discloses SA management equipment. By adopting the SA management device and the SA management equipment, the problem of replay attack in resource reservation protocol-traffic engineering (RSVP-TE) internet protocol security can be effectively solved, the SA management equipment is compatible with the Key Table, automatic updating of a RSVP-TE protocol can be realized, and work arrangements can be more quick, convenient and efficient.

Description

Security alliance management method and equipment

Technical field

The present invention relates to routing safety technology in communication network field, relate in particular to a kind of for RSVP (the Resource ReSerVation Protocol-Traffic Engineering based on the traffic engineering expansion, RSVP-TE) Security Association (Security Association, SA) management method and equipment.

Background technology

RSVP (Resource ReSerVation Protocol, RSVP) be at first Intemet engineering duty group (Intemet Engineering Task Force, IETF) be service quality (Quality of Service, a signaling protocol of integrated service model definition QoS), be used for carrying out resource reservation for this stream at stream (flow) on the path, thereby satisfy the qos requirement of this stream.

RSVP be one at Internet protocol (Internet Protocol, IP) signaling protocol of upper carrying, it allows on any end of router network terminal system or main frame setting up each other the reserved bandwidth path, the predetermined and guaranteed qos for the transfer of data on network.RSVP guarantees the business of bandwidth and time delay for needs, have a very important role as voice transfer, video conference etc.

The RSVP-TE agreement is the extended version of RSVP, and the primary demand of RSVP-TE protocol security is integrity protection and preventing playback attack.Need to be between the node mutual routing iinformation of RSVP-TE agreement is with the maintenance resources obligate information.Because the RSVP-TE protocol message transmits in public network, the channel of transmission RSVP-TE protocol message is shared by a plurality of network nodes, so the assailant can tackle at an easy rate and forgery/alteration RSVP-TE protocol message; In a single day router accepts the RSVP-TE protocol message of this mistake, will carry out wrong resource reservation, thereby affects the normal operation of RSVP-TE agreement.For addressing this problem, be necessary for the RSVP-TE agreement integrity protection mechanism is provided, to prevent assailant's forgery/alteration route messages.Yet, only provide integrity protection mechanism can not solve the assailant fully to the attack problem of RSVP; Assailant's out-of-date RSVP-TE protocol message of also may resetting, the resource obligate information that this moment, router was safeguarded according to out-of-date RSVP-TE protocol message is wrong, these problems all will have a strong impact on the normal operation of RSVP-TE agreement.

For the demand for security of RSVP-TE agreement, IETF RFC2747 has proposed the mechanism of a kind of RSVP-TE integrity protection and preventing playback attack.Its basic thought is: the integrity protection of definition RSVP-TE and preventing playback attack object (INTEGRITY Object) and corresponding Security Association; The RSVP-TE agreement is calculated the value of INTEGRITY Object with this Security Association, thereby reaches the purpose of integrity protection and preventing playback attack.The INTEGRITY Object of IETF RFC2747 definition is as follows:

Wherein, sequence number (Sequence Number) field is used for preventing playback attack, and eap-message digest (the Keyed Message Digest) field of encrypting is used for depositing message authentication code, and message is carried out integrity protection; Key identification (Key Identifier, KeyID) field is used for searching integrity protection and Security Association corresponding to preventing playback attack object.

The Security Association of RSVP-TE protocol definition comprises following field: identifying algorithm (Authentication Algorithm), key (Key), life cycle (Lifetime), interface (Interface), source address (Source Address), transmit Sequence Number at last (Latest Sending Sequence Number) and last N sequence number table (List of Last N Sequence Numbers).In these fields, Authentication Algorithm, Key and Lifetime field are used for integrity protection; Interface and Source Address field are used for one section Security Association of sign; Latest Sending Sequence Number and List of Last NSequence Numbers field are used for preventing playback attack.

This internal security of RSVP-TE agreement is machine-processed, can solve well the problem of integrity protection and preventing playback attack.Yet it is inadequate only defining Security Association and authentication object, and RSVP-TE protocol security mechanism also needs to address the problem:

(1) each Security Association has life cycle.Use the performance of internal authentication object for improving the RSVP-TE agreement, usually need to generate RSVP-TE protocol authentication data with the low short key of security intensity, this way makes the RSVP Security Association have certain life span, Security Association is crossed after date, and the RSVP-TE agreement need to be upgraded Security Association.

(2) long can repeating afterwards of the Sequence Number time of RSVP-TE protocol definition.When Sequence Number repeats, the assailant may carry out Replay Attack, and this also requires to carry out Security Association before the Sequence of RSVP-TE agreement Number repeats renewal namely needs to carry out key updating.

As seen, above-mentioned two problems all requires the RSVP-TE agreement to carry out key updating, and the simplest key updating mechanism is manual renewal, but the workload of manually upgrading is very large, is unfavorable for actual deployment.

Therefore, the Kerberos agreement is used in IETF RFC2747 suggestion, carries out the Security Association management of RSVP-TE agreement.Yet still there is the following deficiency in the Security Association management of using the Kerberos agreement to carry out the RSVP-TE agreement:

The first, the Kerberos agreement is mainly used in universal safety service (Generic Security Service, GSS) agreement solving the problem of service security, not the definition concrete mechanism of how carrying out key updating with the Kerberos agreement; The second, Kerberos agreement and Key Table are incompatible; Three, the Kerberos agreement depends on kerberos server, and configuration is complicated; Four, the key updating choose opportunities of Kerberos agreement can not solve the Replay Attack problem well.

Summary of the invention

In view of this, main purpose of the present invention is to provide a kind of SA management method and equipment, can not only effectively solve Replay Attack problem in the RSVP-TE protocol security, and can be compatible with Key Table, realization is effectively managed the SA of RSVP-TE agreement, and work arrangements is more convenient, safety and efficiently thereby make.

For achieving the above object, technical scheme of the present invention is achieved in that

The invention discloses a kind of Security Association (SA) creation method, comprising:

The first router find from the Key Table of self the second router corresponding record r, and generate random number N once value;

Described the first router utilizes described Nonce value and the described r of record to generate key identification KeyID and sub-key Ks by pseudo-random function.

Further, after described the first router generates Nonce value, before generation KeyID and Ks, the method also comprises:

Described the first router with described local key identification LocalKeyID in r and the described Nonce value of recording as the Key Identifier field in the SMO object and Nonce field.

Further, after described the first router generated KeyID and Ks, the method also comprised:

Described the first router writes local RSVP-TE SA storehouse with KeyID and the Ks of described generation.

Further, described the first router is utilized described Nonce value and the described r of record generates KeyID by pseudo-random function and Ks comprises:

Utilize Key, LocalKeyID and Interface in described Nonce value and the described r of record, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks.

The invention also discloses a kind of SA method for building up, comprising:

The first router creates SA, generates the SMO object; And send the RSVP-TE protocol message carry SMO object, INTEGRITY object to the second router;

After described the second router is received the RSVP-TE protocol message, find from the Key Table of the second router self according to the SMO object that carries in described RSVP-TE protocol message with the first router on the identical r that records, the random number N once1 value and the described r of record that generate when utilizing the first router to create SA generate KeyID and Ks by pseudo-random function, and use the KeyID of generation and the integrality that Ks verifies described RSVP-TE protocol message, then return to the response message of carrying described SMO object to the first router;

After described the first router is received described response message, described response message is carried out respective handling.

Further, described the second router find from the Key Table of the second router self according to the SMO object that carries in described RSVP-TE protocol message with the first router on the identical r that records comprise:

Described the second router is according to the KeyIdentifier field in the SMO object that carries in described RSVP-TE protocol message, search the PeerKeyID field corresponding with the content of described Key Identifier field from the Key Table of the second router self, and find from the Key Table of the second router self according to the PeerKeyID field that finds with the first router on the identical r that records;

Wherein, the LocalKeyID field that the content of the described Key Identifier field the second router that to be the first router find in the process that creates SA is corresponding in recording r; The length of described Key Identifier field is 16.

Further, described the second router is utilized the Nonce1 value and the described r of record generates KeyID by pseudo-random function and Ks comprises:

Described the second router is with described Key, PeerKeyID in r and value and Nonce 1 value of Interface of recording, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks.

Further, described the second router uses the KeyID and the Ks that generate to verify that the integrality of described RSVP-TE protocol message comprises:

Described the second router uses the KeyID and the Ks that generate to create SA corresponding to SA that creates with the first router, then utilizes the integrality of the described RSVP-TE protocol message of SA checking of the second router self establishment; After being verified, the KeyID that use to generate and Ks revise the value of corresponding K eyID and Ks field in local RSVP-TE SA storehouse.

Further, after described the first router is received described response message, described response message is carried out respective handling comprises:

After described the first router was received the response message of the described SMO of carrying object, consistent if the Key Identifier field in the SMO object that acknowledges receipt of sends with oneself, the first router and the second router were successfully set up SA.

Described the second router uses the KeyID and the Ks that generate to create SA corresponding to SA that creates with the first router, then uses the integrality of the described RSVP-TE protocol message of SA checking of the second router self establishment; After being verified, generate random number N once2 value, and with described Key, PeerKeyID and the value of Interface and the Nonce2 value of Nonce1 value and described generation that records in r, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) and Ks=trancate (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) generation KeyID and Ks; The KeyID that use to generate and Ks revise the value of corresponding K eyID and Ks field in local RSVP-TE SA storehouse, and then the value with Nonce field in the SMO object changes the Nonce2 value into;

Wherein, described Nonce1 value is generated when creating SA by the first router.

after described the first router is received the response message of the described Nonce1 of carrying value and SMO object, if it is consistent that the Key Identifier field in the SMO object that acknowledges receipt of sends with oneself, with the described Key that records in r, the value of PeerKeyID and Interface, and the Nonce2 value in described Nonce1 value and described SMO object, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, and Ks=trancate (prf (Key Nonce2)), PeerKeyID, Interface, Nonce1, Nonce2)) generate KeyID and Ks, and the KeyID that use to generate and Ks revise the value of corresponding K eyID and Ks field in local RSVP-TE SA storehouse.

The present invention further discloses a kind of SA update method, there have been identical SA1 in the first router and the second router; The method comprises:

After described the second router is received the RSVP-TE protocol message of described the first router transmission, use the integrality of the described RSVP-TE protocol message of existing SA1 checking; After being verified, find from the Key Table of the second router self according to the SMO object that carries in described RSVP-TE protocol message with the first router on the identical r that records, utilize Nonce value and the described r of record to generate KeyID and Ks by pseudo-random function; Then return to the response message of carrying described SMO object to the first router;

Described the second router is according to the Key Identifier field in the SMO object that carries in described RSVP-TE protocol message, search the PeerKeyID field corresponding with the content of described Key Identifier field from the Key Table of the second router self, and find from the Key Table of the second router self according to the PeerKeyID field that finds with the first router on the identical r that records;

Further, described the second router is utilized the Nonce value and the described r of record generates KeyID by pseudo-random function and Ks comprises:

Described the second router is with described Key, PeerKeyID in r and value and Nonce 1 value of Interface of recording, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks; The KeyID that use to generate and Ks create SA corresponding to SA that creates with the first router, and with the value of corresponding K eyID and Ks field in the KeyID that generates and the local RSVP-TE SA of Ks renewal;

After described the first router is received the response message of the described SMO of carrying object, if it is consistent that the Key Identifier field in the SMO object that acknowledges receipt of sends with oneself, use the value of corresponding K eyID and Ks field in the KeyID that generates and the Ks local RSVP-TE SA of renewal storehouse.

Described the second router generates the Nonce2 value, with described Key, PeerKeyID and the value of Interface and the Nonce2 value of Nonce1 value and described generation that records in r, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, and Ks=trancate (prf (Key, PeerKeyID, Interface Nonce2)), Nonce1, Nonce2)) generation KeyID and Ks; The KeyID that generates and Ks are upgraded the value of corresponding K eyID and Ks field in local RSVP-TE SA, create the SA corresponding with the SA of the first router establishment; And change the value of Nonce field in the SMO object into the Nonce2 value;

The invention also discloses a kind of SA and create equipment, comprising: search module and generation module; Wherein,

The described module of searching, be used for from the Key Table of the first router self find the second router corresponding record r;

Described generation module is used for generating the Nonce value, generates KeyID and Ks.

Further, described generation module also is used for:

KeyID and the Ks of described generation are write local RSVP-TE SA storehouse; With described LocalKeyID in r and the described Nonce value of recording as the Key Identifier field in the SMO object and Nonce field.

The invention also discloses a kind of SA apparatus for establishing, comprising: first searches module, the first generation module, the first sending module, the first receiver module, the first authentication module, second searches module, the second generation module, the second sending module, the second receiver module, the second authentication module; Wherein,

Described first searches module, be used for from the Key Table of the first router self search the second router corresponding record r;

Described the first generation module, search module and be connected with described the first authentication module with described first, be used for generating the Nonce1 value, utilize Key, LocalKeyID in the described r of record and value and the described Nonce1 value of Interface, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks; With described LocalKeyID in r and the described Nonce value of recording by Key Identifier field and Nonce field in the SMO object; And, KeyID and the Ks that generates write local RSVP-TE SA storehouse;

Described the first sending module is connected with described the first generation module, is used for sending to the second router the RSVP-TE protocol message that carries SMO object, INTEGRITY object, and wherein, described SMO object generates when creating SA by the first router;

Described the second receiver module is used for receiving, described RSVP-TE protocol message that described the first router send that forward through described the first sending module;

Described second searches module, is connected with described the second generation module, be used for from the Key Table of the second router self find with the first router on the identical r that records;

Described the second generation module, search module and be connected with described the second authentication module with described second, value and described Nonce1 value for Key, the LocalKeyID and the Interface that utilize the described r of record, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks; The KeyID that generates and Ks are write in local RSVP-TE SA storehouse; And change the value of Nonce field in the SMO object into the Nonce2 value;

Described the second authentication module is connected with described the second generation module, is used for using the KeyID of generation and the integrality that Ks verifies described RSVP-TE protocol message;

Described the second sending module is connected with described the second generation module, is used for returning to the response message of carrying described SMO object to the first router;

Described the first receiver module is used for, described response message of carrying described SMO object that return from described the second sending module reception the second router;

Described the first authentication module is connected with described the first receiver module, and whether the Key Identifier field that is used for the SMO object that described response message that checking receives carries is consistent with the Key Identifier field of oneself transmission.

Further, described the second generation module also is used for: generate the Nonce2 value, and utilize Key, PeerKeyID in the described r of record and value and Nonce1 value and the described Nonce2 value of Interface, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce 1, and Ks=trancate (prf (Key, PeerKeyID, Interface Nonce2)), Nonce1, Nonce2)) generation KeyID and Ks;

Described the first generation module, also be used for: after the first authentication module is verified, utilize Key, PeerKeyID in the described r of record and value and Nonce1 value and the described Nonce2 value of Interface, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) and Ks=trancate (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) generation KeyID and Ks.

Further, described first searches module, described the first generation module, described the first sending module, described the first receiver module and described the first authentication module, is arranged in the first router side or is arranged at the first router;

Described second searches module, described the second generation module, described the second sending module, described the second receiver module and described the second authentication module, is arranged in the second router side or is arranged at the second router.

The present invention further discloses a kind of SA and update the equipment, comprising: first searches module, the first generation module, the first sending module, the first receiver module, the first authentication module, second searches module, the second generation module, the second sending module, the second receiver module, the second authentication module; Wherein,

Described the first sending module is connected with described the first generation module, be used for sending to the second router the RSVP-TE protocol message that carries SMO object, INTEGRITY object, wherein, described SMO to as if the first router generate when creating SA;

Described the second authentication module is connected with described the second receiver module, is used for using the KeyID of generation and the integrality that Ks verifies described RSVP-TE protocol message;

Described second searches module, is connected with described the second authentication module, be used for from the Key Table of the second router self find with the first router on the identical r that records;

Described the second generation module, search module and be connected with described second, value and described Nonce1 value for Key, the LocalKeyID and the Interface that utilize the described r of record, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks; The KeyID that generates and Ks are write in local RSVP-TE SA storehouse; And change the value of Nonce field in the SMO object into the Nonce2 value;

Further, described the second generation module also is used for: generate the Nonce2 value, and utilize Key, PeerKeyID in the described r of record and value and Nonce1 value and the described Nonce2 value of Interface, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, and Ks=trancate (prf (Key, PeerKeyID, Interface Nonce2)), Nonce1, Nonce2)) generation KeyID and Ks;

To sum up, method and apparatus provided by the invention is based on the key updating mechanism of RSVP-TE agreement inside, the KeyID field of the sub-key Ks that uses when utilizing the father's key K ey that defines in Key Table and the Nonce value that generates at random to generate the communicating pair router and the RSVP-TE agreement of RFC2747 definition, create thus SA, and realize effective management to the SA that is used for the RSVP-TE agreement based on the SA that creates; So, not only efficiently solve integrality and Replay Attack problem in the RSVP-TE protocol security, and compatible with Key Table, having realized the SA of RSVP-TE agreement is effectively managed, work arrangements is more convenient, safety and efficiently thereby make.

Description of drawings

Fig. 1 is the schematic flow sheet of Security Association of the present invention (SA) creation method;

Fig. 2 is that one embodiment of the invention is based on the schematic flow sheet of the SA method for building up of folk prescription Nonce;

Fig. 3 is that one embodiment of the invention is based on the schematic flow sheet of the SA update method of folk prescription Nonce;

Fig. 4 is the structural representation that SA of the present invention creates equipment;

Fig. 5 is the structural representation that the present invention is based on the SA apparatus for establishing of folk prescription Nonce;

Fig. 6 the present invention is based on the structural representation that the SA of folk prescription Nonce updates the equipment.

Embodiment

Basic thought of the present invention is: the first router find from the Key Table of self the second router corresponding record r, and generate random number N once value; Described the first router utilizes described Nonce value and the described r of record to generate KeyID and Ks by pseudo-random function prf, completes the establishment of local SA.

The alleged SA of the present invention management creates between SA, two routers to set up between SA and two routers based on folk prescription Nonce or both sides Nonce including, but not limited to: router upgrades SA based on folk prescription Nonce or both sides Nonce.Particular content will be described in detail in corresponding embodiment below.

Before the SA management method that the present invention is proposed and equipment are introduced, first the Security Association management object (SA Management Object, SMO) of RSVP-TE is carried out following relevant setting, so that SMO uses in cipher key management procedures.

The RSVP-TE protocol message is comprised of a protocol header and a series of object, and wherein, RSVP-TE protocol header (common header) is by the RFC2205 definition, and the form of common header is as follows:

Wherein, in common header, illustrating of each field can be referring to RFC2205.Usually, the RSVP-TE protocol header is determined the type of RSVP-TE protocol message.

The object that comprises in the RSVP-TE protocol message has a plurality of, and the basic format of each object is as follows:

Wherein, Class-Num and C-Type are used for identifying object and the type thereof of concrete RSVP-TE protocol message, and it illustrates can be referring to RFC2205.At present, RFC2205 has defined 1～15 Class-Num, and RFC2750, RFC3936, RFC4495 and RFC5946 complementary definition some new Class-Num.

The Class-Num value of setting the SMO object in the present invention is 65, expression SMO object; Need to prove, the value of Class-Num also can be set as other values, such as 63,70 etc., as long as be not equal to set point.

The present invention is defined as follows the C-Type field:

C-Type=1 represents that this object is used for setting up based on folk prescription Nonce the request message of SA;

C-Type=2 represents that this object is used for setting up based on folk prescription Nonce the response message of SA;

C-Type=3 represents that this object is used for setting up based on both sides Nonce the request message of SA;

C-Type=4 represents that this object is used for setting up based on both sides Nonce the response message of SA;

C-Type=5 represents that this object is used for upgrading based on individual nocne the request message of SA;

C-Type=6 represents that this object is used for upgrading based on individual nocne the response message of SA;

C-Type=7 represents that this object is used for upgrading based on both sides Nonce the request message of SA;

C-Type=8 represents that this object is used for upgrading based on both sides Nonce the response message of SA.

The present invention is defined as follows object context (Object Contents) field:

Object Contents field comprises two parts content: first is the Key Identifier field of 16bit, is used for the entry r of mutual Key Table; Second portion is the Nonce field of 64bit, is used for mutual Nonce value, to generate the key of RSVP-TE SA.

Need to prove, Key Identifier field select 16bit be for Key Table in the Key Identifier that defines compatible; And Nonce field selection 64bit is also a kind of concrete execution mode; During practical application, the Nonce field can be also other length, is specifically produced by random number/timestamp, and wherein byte-aligned, random number generation function and timestamp are all the factors that affects this value size, the generative process of Nonce value is the prior art means, does not repeat them here.

The invention provides a kind of SA management method and equipment, below in conjunction with the drawings and specific embodiments, the present invention is described in detail.

Embodiment of the method

Embodiment one

Fig. 1 shows SA creation method schematic flow sheet of the present invention, and as shown in Figure 1, concrete steps comprise:

Step 101: the first router find from the Key Table of self the second router corresponding record r, and generate the Nonce value;

Particularly, the first router at first find from the Key Table of self the second router corresponding record r, and generate at random the random number N once value of a 64bit.

Need to prove, the first router is searched corresponding the recording r and generate two operations of random number N once value of the second router and can be carried out simultaneously, is not restricted to time order and function sequentially.

Step 102: described the first router utilizes described Nonce value and the described r of record to generate KeyID and Ks by pseudo-random function prf;

Particularly, the first router utilizes described Nonce value and the described r of record to generate KeyID field and the Ks of the RSVP-TE agreement that defines in RFC2747 by pseudo-random function (Pseudo-Random Function, PRF) prf.

The generation method is as follows: Ks=trancate (prf (Key, LocalKeyID, Interface, Nonce)), KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, Nonce)), the input field of prf function is explained as follows: Key is the Key that records in Key Table in r, LocalKeyID is the local key identification field that records in r, and Nonce is the Nonce value that generates in step 101; Wherein, trancate-48 represents 48 of from the result that the prf function generates intercepting front; Trancate when generating Ks represents that in RSVP-TE SA agreement commonly used, algorithm is HMAC-MD5 algorithm or HMAC-SHA-1 algorithm according to the key of the needs intercepting corresponding length of algorithm in RSVP-TE SA agreement.

After completing steps 101 and step 102, namely complete the establishment of local RSVP-TE SA.

Further, after step 101, before step 102, the creation method of this SA also can comprise:

With the content that records the local key identification LocalKeyID field in r as the KeyIdentifier field in the SMO object, and with the Nonce value that generates in step 101 as the Nonce field in the SMO object, so just consisted of a SMO object.

Further, after step 102, the creation method of this SA also can comprise:

The information such as KeyID, Key that generate are write local RSVP-TE SA storehouse.

Need to prove, in the process that creates local RSVP-TE SA, also need to generate other fields of SA, in these fields, the identifying algorithm of RSVP-TE SA is by algorithm Field Definition corresponding in Key Table, and the lifetime field of RSVP-TE SA is by corresponding field definition in Key Table.Initial Sequence Number field generates at random, and the management method of other fields can be with reference to RFC2747.

After creating SA and SMO object, the method that re-uses the RFC2747 definition generates the INTEGRITY object, and generates Hello object and Common Header information according to the method for RFC3209 definition; Wherein, the type of Hello object is request; The INTEGRITY object is generated by SA.

Embodiment two

In the present embodiment, when the first router sent article one RSVP-TE protocol message to the second router, both sides only disposed shared in Key Table, and do not set up SA.In addition, the mutual article one message of both sides Hello normally.Need to prove, Hello message is by the RSVP-TE protocol definition, and traditional RSVP does not define Hello message; Hello message is defined by RFC3209.Therefore, the present embodiment introduces how to set up the method for SA between the first router and the second router based on folk prescription Nonce in Hello message take the Hello interacting message of RSVP-TE agreement as example; The method of setting up SA based on folk prescription Nonce that the present embodiment provides also is suitable in other RSVP-TE protocol message.

In the present embodiment, the message 112 that the first router and the second router are mutual and message 114 content-defined as follows:

Fig. 2 shows one embodiment of the invention based on the schematic flow sheet of the SA method for building up of folk prescription Nonce, and as shown in Figure 2, concrete steps comprise:

Step 201: the first router creates SA, generates the SMO object; And send the message 112 carry SMO object, INTEGRITY object to the second router;

Particularly, before sending message 112, at first the first router creates a SA with reference to the step in embodiment one; Then, send the message 112 of carrying SMO object, INTEGRITY object and Hello request object to the second router; Wherein, in the SMO object, the value of C-Type field is 1.

Step 202: after the second router is received message 112, generate KeyID and Ks, and use the KeyID of generation and the integrality of Ks checking message 112, and then return to the response message of carrying SMO object, INTEGRITY object and Hello response object to the first router, namely message 114;

Particularly, after the second router is received message 112, be checked through and comprise the SMO object in message, and find that the value of C-Type field in the SMO object is 1, just know that the first router is wished and the own method establishment SA that uses based on folk prescription Nonce.So the second router is processing messages 112 in accordance with the following steps:

step a1: obtain the LocalKeyID field in the SMO object of the second router from message 112, reciprocity key identification PeerKeyID field in the Key Table database of this LocalKeyID Related fields the second router self, thus the second router according to the PeerKeyID field just can find from the Key Table database of the second router self with the first router on the identical r that records, then, use the same procedure that adopts with the first router to calculate KeyID field and the Ks of RSVP-TE SA, wherein, the PeerKeyID field of LocalKeyID Related fields this locality, that is: the Nonce value that generates when utilizing the first router to create SA and the Key in the described r of record, PeerKeyID and Interface, by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generate KeyID and Ks, and SA corresponding to generation, like this, the second router has also generated corresponding SA,

Step b1: the second router is used the integrality of the SA checking message 112 of above-mentioned generation; If the verification passes, and the SA that generates of the second router approval the first router, direct execution in step step c1; If checking not by or the second router on do not have the Key Table record of correspondence, in the second router SMO object, Object Contents is set to 0, after perhaps only Key Identifier field is set to 0, execution in step c1 then;

Step c1: the second router changes the value of C-Type field in the SMO object that receives into 2, the method that re-uses the RFC2747 definition generates the INTEGRITY object, method according to the RFC3209 definition generates HELLO object and Common Header information, wherein, the type of Hello object is request; The INTEGRITY object is generated by SA.So just can generate response message, namely message 114.

After handling message 112, the second router sends to the first router with the message 114 that above-mentioned steps c1 generates.

Step 203: after the first router is received message 114, message 114 is processed accordingly;

Particularly, after the first router is received message 114, check in message 114 in the SMO object nonce and Key Identifier field whether with own send consistent, whether approved the SA of the establishment of controlling oneself with the confirmation the second router; If both are consistent, the first router and the second router have just successfully been set up SA; Otherwise SA sets up unsuccessfully.

This embodiment makes the first router not exist in the situation of RSVP-TE SA, can utilize KeyTable to set up SA.

It is to be noted, the second router may not approved this SA that the first router creates, perhaps may there be corresponding Key Table record on the second router, in this case, the second router Object Contents in the SMO object that returns is set to 0, and perhaps only Key Identifier field is set to 0.

In addition, in step 203, the first router also can be consistent by only checking that whether Key Identifier field in object sends with oneself, confirms whether the second router approves the SA of oneself establishment.

Embodiment three

Embodiment two has introduced how to set up the method for SA between the first router and the second router based on folk prescription Nonce in Hello message take the Hello interacting message of RSVP-TE agreement as example.

The present embodiment still take the Hello interacting message of RSVP-TE agreement as example, will introduce how to set up the flow process of SA between the first router and the second router based on both sides Nonce in Hello message.The method of setting up SA based on both sides Nonce that the present embodiment provides also is applicable in other RSVP-TE protocol messages.

In the present embodiment, in the message 116 that the first router and the second router are mutual and the content of message 118 and embodiment two, the content of message 112 and message 114 is basic identical; Different is, in message 116, the C-Type field value of SMO object is 3, and in message 116, the C-Type field value of SMO object is 4.

Need to prove, for convenience of description, the random Nonce value that generates in the first router in the present invention and the second router reciprocal process is called Noncel value and Nonce2 value.

Set up the concrete steps of method of SA based on both sides Nonce in the present embodiment as follows:

Step 301: the first router creates SA, generates the SMO object; And send the message 116 carry SMO object, INTEGRITY object to the second router;

Particularly, handling process and step 201 is identical.

Step 302: after the second router is received message 116, in use step 301, identical mode generates KeyID and Ks, use the KeyID of generation and the integrality of Ks checking message 116, and generate at random the Nonce2 value, and utilize the Nonce2 value of generation and the r that records in step 301 to generate new KeyID and Ks, then return to the response message of carrying SMO object, INTEGRITY object and Hello response object to the first router, namely message 118;

Particularly, after the second router is received message 116, be checked through and comprise the SMO object in message, and find that the value of C-Type field in the SMO object is 3, just know that the first router is wished and the own method establishment SA that uses based on both sides Nonce.So the second router is processing messages 116 in accordance with the following steps:

Step a2 and step b2: identical with step b1 with the step a1 in embodiment two steps 202, do not repeat them here;

Step c2: after the integrality of the SA checking message 116 that the second router use to generate, if the verification passes, and the SA that generates of the second router approval the first router, generate at random the Nonce2 value of a 64bit, then execution in step d2; If checking not by or the second router on do not have the Key Table record of correspondence, in the second router SMO object, Object Contents is set to 0, after perhaps only Key Identifier field is set to 0, execution in step e2 then;

Steps d 2: the second router uses pseudo-random function prf to generate KeyID field and the key K s of the RSVP-TE that defines in RFC2747, the generation method is as follows: Ks=trancate (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)), KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)), wherein, the input field of prf function is explained as follows: Key is the Key that records in Key Table in r, and PeerKeyID is the field that records in r; Trancate-48 represents 48 of from the result that the prf function generates intercepting front; Trancate when generating Ks represents the key according to the needs intercepting corresponding length of algorithm in RSVP-TE SA; Then, the second router is revised Ks corresponding in local RSVP-TE SA and the value of KeyID field;

Step e2: the second router changes the value of C-Type field in the SMO object of receiving into 4, Nonce value in the SMO object is changed into the value of the Nonce2 that oneself generates, the method that re-uses the RFC2747 definition generates the INTEGRITY object, according to method generation HELLO object and the CommonHeader information of RFC3209 definition; Wherein, the type of Hello object is request, and the INTEGRITY object is generated by SA.So just can generate response message, namely message 118.

After handling message 116, the second router sends to the first router with the message 118 that above-mentioned steps e2 generates.

Step 303: after the first router is received message 118, message 118 is processed accordingly;

Particularly, after the first router is received message 118, check consistent that in message 118, whether the Key Identifier field in the SMO object sends with oneself, whether approve to confirm the second router the SA that oneself creates; If both are consistent, the first router is obtained the Nonce2 that the second router provides from the SMO object, and use pseudo-random function prf to generate KeyID field and the key K s of the RSVP-TE agreement that defines in RFC2747, then the generation method revises Ks corresponding in local RSVP-TE SA and the value of KeyID field referring to above-mentioned steps d2; So, the first router and the second router have just been set up SA; If both are inconsistent, SA sets up unsuccessfully.

The present embodiment makes the first router not exist in the situation of RSVP-TE SA, can utilize Key Table and the second router to set up SA.

Need to prove, the difference of embodiment two and embodiment three is: the first router unilateral decision RSVP-TE SA in embodiment two, and in embodiment three, the first router and the second router determine RSVP-TE SA jointly.

The invention allows for a kind of SA update method, different with the described SA method for building up of embodiment three from top embodiment two is: before the first router was carried out interacting message to the second router, there had been an identical SA in both sides.

The method based on folk prescription Nonce or both sides Nonce renewal SA that the present invention proposes will be elaborated in embodiment four and embodiment five respectively.

Embodiment four

The present embodiment is still take the Hello interacting message of RSVP-TE agreement as example, introduce how to upgrade the method for SA between the first router and the second router based on folk prescription Nonce in Hello message, the method based on folk prescription Nonce renewal SA that the present embodiment provides also is applicable in other RSVP-TE protocol messages.

In the present embodiment, in the message 120 that the first router and the second router are mutual and the content of message 122 and embodiment two, the content of message 112 and message 114 is basic identical; Different is, in message 120, the C-Type field value of SMO object is 5, and in message 122, the C-Type field value of SMO object is 6.

Fig. 3 shows one embodiment of the invention based on the schematic flow sheet of the SA update method of folk prescription Nonce, and as shown in Figure 3, concrete steps comprise:

Step 401: the first router creates SA, generates the SMO object; And send the message 120 carry SMO object, INTEGRITY object to the second router;

Particularly, handling process and step 201 identical, still, this moment, the first router did not use newly-generated Ks and KeyID to replace corresponding field in existing SA.

Step 402: after the second router is received message 120, the second router is used the integrality of existing SA checking message 120, use with step 201 in similar method generation KeyID and Ks, then return to the response message of carrying SMO object, INTEGRITY object and Hello response object to the first router, namely message 122;

Particularly, the second router is checked through and comprises the SMO object in message after receiving message 120, and finds that the value of C-Type field in the SMO object is 5, just knows that the first router is wished and the own method renewal SA that uses based on folk prescription Nonce.So the second router is processing messages 120 in accordance with the following steps:

Step a3: the second router is used the integrality of existing SA checking message 120; If the verification passes, and the new SA that creates of the second router approval the first router, direct execution in step b3; If checking not by or the second router on do not have the Key Table record of correspondence, in the second router SMO object, Object Contents is set to 0, after perhaps only Key Identifier field is set to 0, execution in step b3 then;

Step b3: identical with the step b1 in embodiment two steps 202, do not repeat them here;

Step c3: the second router changes the value of C-Type field in the SMO object of receiving into 6, and the method that re-uses the RFC2747 definition generates the INTEGRITY object, according to method generation HELLO object and the Common Header information of RFC3209 definition; Wherein, the type of Hello object is generated by new SA for request, INTEGRITY object.So just can generate response message, namely message 122.

After handling message 120, the second router sends to the first router with the message 122 that above-mentioned steps c3 generates.

Step 403: after the first router is received message 122, message 122 is processed accordingly;

Particularly, after the first router is received message 122, check in message 122 in the SMO object nonce and Key Identifier field whether with own send consistent, whether approve the SA of oneself establishment with the confirmation the second router; If both are consistent, the first router writes local RSVP-TE SA storehouse with the information such as KeyID, Key that generate, and completes the renewal process of local SA, and so, the first router and the second router have just been upgraded SA; Otherwise SA upgrades unsuccessfully.

Need to prove, in the process of upgrading SA, also need to generate other fields of SA, in these fields, the identifying algorithm of RSVP-TE SA is by algorithm Field Definition corresponding in Key Table, and the lifetime field of RSVP-TE SA is by corresponding field definition in Key Table.Initial Sequence Number generates at random, and the management method of other fields can be with reference to RFC2747.

Embodiment five

Embodiment four has introduced how to upgrade the method for SA between the first router and the second router based on folk prescription Nonce in Hello message take the Hello interacting message of RSVP-TE agreement as example.

The present embodiment is still take the Hello interacting message of RSVP-TE agreement as example, introduce how to upgrade the flow process of SA between the first router and the second router based on both sides Nonce in Hello message, the method based on both sides Nonce renewal SA that the present embodiment provides also is applicable in other RSVP-TE protocol messages.

In the present embodiment, in the message 124 that the first router and the second router are mutual and the content of message 126 and embodiment four, the content of message 120 and message 122 is basic identical; Different is, in message 124, the C-Type field value of SMO object is 7, and in message 126, the C-Type field value of SMO object is 8.

Step 501: the first router creates SA, generates the SMO object; And send the message 124 carry SMO object, INTEGRITY object to the second router;

Particularly, handling process and step 401 identical do not repeat them here.

Step 502: after the second router is received message 124, the second router is used the integrality of existing SA checking message 124, use method similar in step 401 to generate KeyID and Ks, then return to the response message of carrying SMO object, INTEGRITY object and Hello response object to the first router, namely message 126;

Particularly, the second router is checked through and comprises the SMO object in message after receiving message 124, and finds that the value of C-Type type in the SMO object is 7, just knows that the first router is wished and the own method renewal SA that uses based on both sides Nonce.So the second router is processing messages 124 in accordance with the following steps:

Step a4: the second router is verified the integrality of message 124 with existing SA, particular content does not repeat them here referring to the corresponding contents in step 402;

Step b4: the second router is obtained the LocalKeyID field from the SMO object, wherein, PeerKeyID field in the local Key Table of this LocalKeyID Related fields the second router database, then the second router according to the PeerKeyID field find with the first router on the identical r that records, particular content does not repeat them here referring to corresponding step b1 in step 202;

Step c4: the second router generates the Nonce2 value of a 64bit at random;

Steps d 4: the Nonce2 value that the second router utilization generates and record KeyID field and the key K s of the RSVP-TE that defines in r generation RFC2747, concrete operations do not repeat them here referring to the related content of steps d in step 302 2;

Step e4: the second router changes the value of C-Type field in the SMO object of receiving into 8, Nonce value in the SMO object is changed into the Nonce2 value that oneself generates, use the method for RFC2747 definition to generate the INTEGRITY object, according to method generation HELLO object and the Common Header information of RFC3209 definition; Wherein, the type of Hello object is request, and the INTEGRITY object is generated by new SA.So just can generate response message, namely message 126.

After handling message 124, the response message that the second router generates above-mentioned steps e4, namely message 126 sends to the first router.

Step 503: after the first router is received message 126, message 126 is processed accordingly;

Particularly, after the first router was received message 126, the first router was carried out corresponding the processing and step 303 all fours to message 126, does not repeat them here.

What need to say is that the present invention does not need to upgrade Sequence Number field, only need to empty the content of List of last N Sequence Numbers.

Embodiment five compares with embodiment four, and the main distinction is: the first router unilateral decision RSVP-TE SA in embodiment four, and in embodiment five, the first router and the second router determine RSVP-TESA jointly.

Embodiment four, five and embodiment two, three difference be: embodiment four, the already present identical SA of five use protect negotiations process, and embodiment two, three protects negotiations process with the SA of new establishment; The former requires before key is expired, starts the SA update mechanism before perhaps Sequence Number repeats, and the latter creates SA when not having SA, its mutual classes of messages seemingly, but the creation-time of the handling process of message and SA is different.

Product embodiments

For the method that realizes that the present invention proposes, the invention allows for SA and create, set up and update the equipment.Below in conjunction with drawings and Examples, the present invention program is elaborated.

Embodiment six

Fig. 4 shows the structural representation that SA of the present invention creates equipment, and as shown in Figure 4, described SA establishment equipment comprises: search module and generation module; Wherein,

Particularly, generation module and is searched module and is connected, be used for generating Nonce value, and utilize the Nonce value of described generation and search module searches to record r, by KeyID and the Ks of the RSVP-TE agreement that defines in pseudo-random function prf generation RFC2747.

Further, described generation module also is used for: KeyID and the Ks of described generation are write local RSVP-TE SA storehouse; With described LocalKeyID in r and the described Nonce value of recording as the Key Identifier field in the SMO object and Nonce field.

Embodiment seven

Fig. 5 shows the structural representation of the SA apparatus for establishing that the present invention is based on folk prescription Nonce, as shown in Figure 5, this equipment comprises: first searches module, the first generation module, the first sending module, the first receiver module, the first authentication module, second searches module, the second generation module, the second sending module, the second receiver module, the second authentication module; Wherein,

Described the first generation module, search module and be connected with described the first authentication module with described first, be used for to generate the Nonce1 value, utilize Key, LocalKeyID in the described r of record and value and the described Nonce1 value of Interface, by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, Nonce)) and Ks=trancate (prf (Key, LocalKeyID, Interface, Nonce)) generation KeyID and Ks; With described LocalKeyID in r and the described Nonce1 value of recording by Key Identifier field and Nonce field in the SMO object; And, KeyID and the Ks that generates write local RSVP-TE SA storehouse;

Described the second generation module, search module and be connected with described the second authentication module with described second, value and described Nonce1 value for Key, the LocalKeyID and the Interface that utilize the described r of record, by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks; The KeyID that generates and Ks are write in local RSVP-TE SA storehouse; And change the value of Nonce field in the SMO object into the Nonce2 value;

Embodiment eight

The invention allows for a kind of SA apparatus for establishing based on both sides Nonce, this equipment also comprises: first searches module, the first generation module, the first sending module, the first receiver module, the first authentication module, second searches module, the second generation module, the second sending module, the second receiver module, the second authentication module; Wherein, compare with the SA apparatus for establishing based on folk prescription Nonce shown in Figure 5, in the present embodiment, except having the annexation and function identical with each module in equipment shown in Figure 5, mainly there is following difference in each functions of modules of equipment:

Described the second generation module, also be used for: generate the Nonce2 value, and utilize Key, PeerKeyID in the described r of record and value and Nonce1 value and the described Nonce2 value of Interface, by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) and Ks=trancate (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) generation KeyID and Ks;

Described the first generation module, also be used for: after the first authentication module is verified, utilize Key, PeerKeyID in the described r of record and value and Nonce1 value and the described Nonce2 value of Interface, by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) and Ks=trancate (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) generation KeyID and Ks.

Embodiment nine

Fig. 6 shows the structural representation that the SA that the present invention is based on folk prescription Nonce updates the equipment, as shown in Figure 6, this equipment comprises: first searches module, the first generation module, the first sending module, the first receiver module, the first authentication module, second searches module, the second generation module, the second sending module, the second receiver module, the second authentication module; Wherein,

Described the first generation module, search module and be connected with described the first authentication module with described first, be used for to generate the Nonce1 value, utilize Key, LocalKeyID in the described r of record and value and the described Nonce1 value of Interface, by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, Nonce)) and Ks=trancate (prf (Key, LocalKeyID, Interface, Nonce)) generation KeyID and Ks; With described LocalKeyID in r and the described Nonce value of recording by Key Identifier field and Nonce field in the SMO object; And, KeyID and the Ks that generates write local RSVP-TE SA storehouse;

Described the second generation module, search module and be connected with described second, value and described Nonce1 value for Key, the LocalKeyID and the Interface that utilize the described r of record, by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks; The KeyID that generates and Ks are write in local RSVP-TE SA storehouse; And change the value of Nonce field in the SMO object into the Nonce2 value;

Embodiment ten

The invention allows for a kind of SA based on both sides Nonce and update the equipment, this equipment also comprises: first searches module, the first generation module, the first sending module, the first receiver module, the first authentication module, second searches module, the second generation module, the second sending module, the second receiver module, the second authentication module; Wherein, update the equipment with the SA based on folk prescription Nonce shown in Figure 6 and compare, in the present embodiment, except having the annexation and function identical with each module in equipment shown in Figure 6, mainly there is following difference in each functions of modules of equipment:

In order to understand better the present invention program and related content, the below gives establishment and the update mechanism of other fields in RSVP-TE SA.

Key Table is a table of manual configuration, shares in all legal routes of common network.Need to use when initialization SA and key updating, be below that the main field in Key Table is as follows:

-LocalKeyID:16 position integer is as a sign of local routing node.

-PeerKeyID:16 position integer is as a sign of opposite end routing node.

-Peers: record has the peer IP address of identical father's key (Key).

-Interfaces: record has the opposite end physical address of identical father's key (Key).

-communication protocol (Protocol): using the Routing Protocol of father's key in this table, is the RSVP-TE-TE agreement in the present invention

-KDF: key-function, use pseudo-random function (Pseudo-Random Function, PRF) in the present invention

-AlgID: identifying algorithm, available algorithm has: HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384 and HMAC-SHA-512.

-Key: father's key, also referred to as long term keys.

In the SA of the RSVP-TE of RFC2747 definition, main field is as follows:

-Authentication algorithm: identifying algorithm.Be used for generating the verify data of integrity object object.

The key of-Key:RSVP-TE SA.Be used for generating the verify data of integrity object object.

-Lifetime: the life cycle of this Security Association.RSVP-TE must upgrade by the Security Association to RSVP-TE before lifetime expires.

-Interface: the interface of the RSVP-TE agreement that safety alliance is corresponding.

-Source Address: the IP address of transmit leg.

-Latest Sending Sequence Number: the last Sequence Number that uses.Be used for Sequence Number is increased.

-List of Last N Sequence Numbers: a nearest used N Sequence Number.

In field generation RSVP-TE from Key table, the corresponding relation of corresponding field is as described below:

-Authentication algorithm field: the Authentication algorithm field in RSVP-TE SA is by the AlgID Field Definition in Key Table.When creating and upgrade RSVP-TE SA, directly the AlgID field from Key Table copies and gets final product.

-Key field: the Key field in RSVP-TE SA is generated according to the KDF function by the Key field in Key Table.The embodiment of the present invention two, three, four, five has defined the generation method.

-Lifetime field: Lifetime is by administrator configurations.Sign is from bringing into use this SA to the time that finishes to use this SA.

The Interface field in-Interface:RSVP-TE SA directly Interfaces field from Key Table copies.

-Source Address: this field is by the maintenance of RSVP-TE agreement, and the present invention does not change the definition of this field.

-Latest Sending Sequence Number: this field is by the maintenance of RSVP-TE current mechanism, and embodiments of the invention do not change this field.

-List of Last N Sequence Numbers: this field is by the maintenance of RSVP-TE current mechanism, and embodiments of the invention do not change this field.

Do not define Key Identifier field in RSVP-TE SA, but Integriey Object object uses Key Identifier field to be used as the index of SA.The corresponding Key Identifier of each SA, therefore, when SA changed, Key Idnetifier also needed change.

The generation method of Key Identifier field is provided by embodiment two, three, four, five.

The above is only the preferred embodiments of the present invention, is not limited to the present invention, and for a person skilled in the art, the present invention can have various modifications and variations.All any modifications of doing within the spirit and principles in the present invention, be equal to replacement, improvement etc., within protection scope of the present invention all should be included in.

Claims

1. a Security Association (SA) creation method, is characterized in that, the method comprises:

2. method according to claim 1, is characterized in that, after described the first router generates Nonce value, before generation KeyID and Ks, the method also comprises:

3. method according to claim 1 and 2, is characterized in that, after described the first router generated KeyID and Ks, the method also comprised:

4. method according to claim 1 and 2, is characterized in that, described the first router utilizes described Nonce value and the described r of record generates KeyID by pseudo-random function and Ks comprises:

5. a SA method for building up, is characterized in that, the method comprises:

6. method according to claim 5, is characterized in that, described the second router find from the Key Table of the second router self according to the SMO object that carries in described RSVP-TE protocol message with the first router on the identical r that records comprise:

7. method according to claim 6, is characterized in that, described the second router utilizes the Nonce1 value and the described r of record generates KeyID by pseudo-random function and Ks comprises:

8. method according to claim 7, is characterized in that, described the second router uses the KeyID and the Ks that generate to verify that the integrality of described RSVP-TE protocol message comprises:

9. method according to claim 8, is characterized in that, after described the first router is received described response message, described response message carried out respective handling comprise:

10. method according to claim 7, is characterized in that, described the second router uses the KeyID and the Ks that generate to verify that the integrality of described RSVP-TE protocol message comprises:

11. method according to claim 10 is characterized in that, after described the first router is received described response message, described response message is carried out respective handling comprise:

after described the first router is received the response message of the described Nonce1 of carrying value and SMO object, if it is consistent that the Key Identifier field in the SMO object that acknowledges receipt of sends with oneself, with the described Key that records in r, the value of PeerKeyID and Interface, and the Nonce2 value in described Nonce1 value and described SMO object, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce 1, and Ks=trancate (prf (Key Nonce2)), PeerKeyID, Interface, Nonce1, Nonce2)) generate KeyID and Ks, and the KeyID that use to generate and Ks revise the value of corresponding K eyID and Ks field in local RSVP-TE SA storehouse.

12. a SA update method is characterized in that there have been identical SA1 in the first router and the second router; The method comprises:

13. method according to claim 12 is characterized in that, described the second router find from the Key Table of the second router self according to the SMO object that carries in described RSVP-TE protocol message with the first router on the identical r that records comprise:

14. method according to claim 13 is characterized in that, described the second router utilizes the Nonce value and the described r of record generates KeyID by pseudo-random function and Ks comprises:

Described the second router is with described Key, PeerKeyID in r and value and the Nonce1 value of Interface of recording, respectively by pseudo-random function KeyID=trancate-48 (prf (Key, LocalKeyID, Interface, and Ks=trancate (prf (Key Nonce)), LocalKeyID, Interface, Nonce)) generation KeyID and Ks; The KeyID that use to generate and Ks create SA corresponding to SA that creates with the first router, and with the value of corresponding K eyID and Ks field in the KeyID that generates and the local RSVP-TE SA of Ks renewal;

15. method according to claim 14 is characterized in that, after described the first router is received described response message, described response message is carried out respective handling comprise:

16. method according to claim 13 is characterized in that, described the second router utilizes the Nonce value and the described r of record generates KeyID by pseudo-random function and Ks comprises:

17. method according to claim 16 is characterized in that, after described the first router is received described response message, described response message is carried out respective handling comprise:

18. a SA creates equipment, it is characterized in that, this equipment comprises: search module and generation module; Wherein,

19. equipment according to claim 18 is characterized in that, described generation module also is used for:

20. SA apparatus for establishing, it is characterized in that, this equipment comprises: first searches module, the first generation module, the first sending module, the first receiver module, the first authentication module, second searches module, the second generation module, the second sending module, the second receiver module, the second authentication module; Wherein,

21. equipment according to claim 20 is characterized in that,

Described the second generation module, also be used for: generate Nonce2 value, and utilize Key, PeerKeyID in the described r of record and value and Nonce1 value and the described Nonce2 value of Interface, pass through respectively pseudo-random function KeyID=trancate-48 (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) and Ks=trancate (prf (Key, PeerKeyID, Interface, Nonce1, Nonce2)) generation KeyID and Ks;

22. equipment according to claim 21 is characterized in that,

Described first searches module, described the first generation module, described the first sending module, described the first receiver module and described the first authentication module, is arranged in the first router side or is arranged at the first router;

23. a SA updates the equipment, it is characterized in that, this equipment comprises: first searches module, the first generation module, the first sending module, the first receiver module, the first authentication module, second searches module, the second generation module, the second sending module, the second receiver module, the second authentication module; Wherein,

24. equipment according to claim 23 is characterized in that,

25. equipment according to claim 24 is characterized in that,