CN106254061A - A kind of express network storage encipher-decipher method - Google Patents
A kind of express network storage encipher-decipher method Download PDFInfo
- Publication number
- CN106254061A CN106254061A CN201610666423.6A CN201610666423A CN106254061A CN 106254061 A CN106254061 A CN 106254061A CN 201610666423 A CN201610666423 A CN 201610666423A CN 106254061 A CN106254061 A CN 106254061A
- Authority
- CN
- China
- Prior art keywords
- fpga
- encryption
- encipher
- interface board
- exchange
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
nullThe present invention provides a kind of express network storage encipher-decipher method,Described method by carrying out exchange concurrent operations process to status information,Complete the linear speed disk command to FC encryption equipment to map,Independent burst process is carried out again with 64 burst flow waterlines,Use interface FPGA that densifying plate is carried out data stream scheduling,Adjusted the value of waterline by GPIO signal between interface board FPGA and encryption and decryption plate FPGA,QDR SRAM is used to complete the caching of two grades of intermodules as level cache,DIMM DDR3 completes the caching between previous module as L2 cache,Complete encryption process,Use more common HASH chained list mode,Can navigate to fast and accurately search target,By stamping token flag on each frame,Can effectively prevent out of order generation;Take a plurality of 64 burst flow waterlines inside FPGA, carry out independent burst process, procedure-node synthesis result according to the difference of task, effectively solve access disposal ability.
Description
Technical field
The invention belongs to the field of information security technology under Information Networking Architecture, be specifically related to a kind of express network and deposit
Storage encipher-decipher method.
Background technology
In field of storage, FC SAN(optical fiber storage area network) occupy based on its inborn high-performance, stability always
Major part market.Along with the outburst of the most various information security events, people ensure certainly in the urgent need to there being a kind of approach
Oneself data safety, especially as units such as banks.The applied environment of FC logical volume transfer method and storage network system, FC agreement feature for user
And high-availability requirement, the most reliable and the most stable, safely controllable, solve user quickly and efficiently and store the privacy problem of network data
And cipher key management considerations, develop background and the meaning of express network storage encryption equipment just.Express network storage encryption
Owner to resolve the application server in FC SAN network (hereinafter referred to as by a kind of data encrypting and deciphering based on FC agreement mechanism
Server end) and disk array (hereinafter referred to as memorizer end) between FC agreement, between server end and memorizer end pass
Defeated data carry out encryption and decryption.The encryption and decryption technology that equipment is used avoids the performance reducing the original application system of user, special
It not the efficiency of transmission of data message, meet the harsher requirement that encryption and decryption system is proposed by the long delay characteristic of system,
While meeting user's request, it is ensured that system meets the close office of the state demand of technical standard to commercial encryption product.
Summary of the invention
In order to solve the problems referred to above, the present invention provides a kind of express network storage encipher-decipher method,
Described method, by status information carries out exchange concurrent operations process, completes the life of the linear speed disk to FC encryption equipment
Order maps, then carries out independent burst process with 64 burst flow waterlines, uses interface FPGA that densifying plate is carried out data stream scheduling,
Between interface board FPGA and encryption and decryption plate FPGA, adjusted the value of waterline by GPIO signal, use QDR SRAM as one-level
Having cached the caching of two grades of intermodules, DIMM DDR3 completes the caching between previous module as L2 cache, completes to add solution
Close process;
Further, described method includes:
S1: input state information;
S2: status information in S1 is carried out exchange concurrent operations process;
S3: the information processed in S2 is carried out data process;
S4: the information processing data in S3 carries out frame buffer and frame order-preserving, completes encryption and decryption;
Further, described S2 is specially in the encryption and decryption operation of an exchange, and key keeps constant, in record Frame
LUN, LBA, ID and offset information, the FCP_DATA of follow-up arrival uniquely positions according to ID, and described LUN and LBA information are used
Key in encryption and decryption guides;
Further, described exchange is specially FCP-SCSI disk commands, and one time disk command is mapped as once
Exchange, each exchange are decomposed into multiple unidirectional sequence, and each sequence is decomposed into the frame of multiple FC-2;
Further, remembered by HASH chained list mode when described S2 processes concurrent exchange and sequence intersection operation
Record the FC session of million grades, and with secondary hash and dynamically renewal solution HASH conflict;
Further, described secondary hash is that the keyword to hash passes through twice different hash algorithm, is respectively compared location,
Described dynamic renewal is to remove session node after an exchange terminates in time, discharges resource;
Further, described S3 is specially and takes 64 burst flow waterlines inside FPGA, carries out independence according to the difference of task
Burst processes, and uses procedure-node to synthesize result, uses interface board FPGA densifying plate to be carried out data stream scheduling, at interface board
Adjusted the value of waterline by GPIO signal between FPGA and encryption and decryption plate FPGA;
Further, the value of described adjustment waterline method particularly includes: when encryption and decryption plate FPGA process queue reach waterline time, accuse
Knowing interface board FPGA selective intake message, interface board FPGA is abandoned by the statistical information in conversational list and passes in same connection
The message that transmission of data is minimum;
Further, described S4 is specially the caching using QDR SRAM to complete two grades of intermodules as level cache, use
DIMM DDR3 completes the caching between previous module as L2 cache, and stamps token flag on each frame;
Further, described S1 input information status information method includes being synchronized by the heartbeat at equipment rear portion and passing through equipment
Anterior HA interface synchronization.
Beneficial effects of the present invention is as follows:
1) by processing concurrent magnanimity exchange and sequence intersection operation, the encryption and decryption operation of linear speed is completed, due to
Equipment is on the node of a mass memory, and the quantity of the most concurrent exchange likely reaches million grades, namely
The system of saying needs to record the FC session of million grades, and the realization mechanism for this FC session is more common by using
HASH chained list mode, can navigate to search target fast and accurately;
2) the process time delay of each unit is by very big for the buffer memory causing frame, by stamping token flag on each frame, permissible
Effectively prevent out of order generation;
3) hardware completes the Frame forwarding of all FCP, encryption and decryption, and software completes configuration and management;
4) take a plurality of 64 burst flow waterlines inside FPGA, carry out independent burst process, procedure-node according to the difference of task
Synthesis result, effectively solves access disposal ability;
5) densifying plate uses interface FPGA to do data stream scheduling, it is achieved that data balancing algorithm, at multiple encryption chip chip chambers
Equilibrium assignmen data stream, plays the disposal ability of many encryption chips to greatest extent;
6) supporting 8G data access due to interface, and encryption and decryption disposal ability only has 4G, this necessarily causes having part of message
It is dropped at device interior, owing to some message abandoned can only be retransmitted unlike Transmission Control Protocol by FC agreement, and
It is that whole operation is retransmitted, so adjusting waterline by GPIO signal between interface board FPGA and encryption and decryption plate FPGA
Value, when encryption and decryption plate FPGA process queue reach waterline time inform interface board FPGA selective intake message, interface board FPGA
Ensure only to abandon the message having transmitted minimum data in those same connections by the statistical information in conversational list;
7) FPGA is operated in 166MHz dominant frequency, meets 4Gbps disposal ability;
8) both can be by the heartbeat Synchronization Status Message at equipment rear portion, it is also possible to by the HA interface synchronization shape that equipment is anterior
State information, it is achieved two-node cluster hot backup.
Accompanying drawing explanation
Fig. 1 is the hardware structure diagram of the equipment realizing the method for the invention.
Detailed description of the invention
In order to make the purpose of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, right
The present invention is explained in further detail.Should be appreciated that specific embodiment described herein is used only for explaining the present invention, and
It is not used in the restriction present invention.On the contrary, the present invention contain any be defined by the claims do in the spirit and scope of the present invention
Replacement, amendment, equivalent method and scheme.Further, in order to make the public that the present invention to be had a better understanding, below to this
During the details of invention describes, detailed describe some specific detail sections.Do not have these thin for a person skilled in the art
The description of joint part can also understand the present invention completely.
The invention will be further described with specific embodiment below in conjunction with the accompanying drawings, but not as a limitation of the invention.
Below for the most preferred embodiment of enumerating of the present invention:
As it is shown in figure 1, the present invention provides a kind of express network storage encipher-decipher method, described method is tied based on the hardware in Fig. 1
Structure, by status information carries out exchange concurrent operations process, completes the linear speed disk command to FC encryption equipment and maps, then
Carry out independent burst process with 64 burst flow waterlines, use interface FPGA densifying plate to be carried out data stream scheduling, at interface board
Adjusted the value of waterline between FPGA and encryption and decryption plate FPGA by GPIO signal, use QDR SRAM to complete as level cache
The caching of two grades of intermodules, DIMM DDR3 completes the caching between previous module as L2 cache, completes encryption process,
Described method includes:
S1: input state information;
S2: status information in S1 is carried out exchange concurrent operations process;
S3: the information processed in S2 is carried out data process;
S4: the information processing data in S3 carries out frame buffer and frame order-preserving, completes encryption and decryption, and described S1 inputs information state
Information approach includes being synchronized by the heartbeat at equipment rear portion and passing through the HA interface synchronization that equipment is anterior, and described S2 is specially one
In the encryption and decryption operation of secondary exchange, key keeps constant, LUN, LBA, ID and offset information in record Frame, after
The continuous FCP_DATA arrived uniquely positions according to ID, and described LUN and LBA information guide for the key of encryption and decryption, described
Exchange is specially FCP-SCSI disk commands, and a disk command is mapped as an exchange, every time
Exchange is decomposed into multiple unidirectional sequence, and each sequence is decomposed into the frame of multiple FC-2, and described process is concurrent
Exchange and sequence intersect operation time by the FC session of HASH chained list mode record million grades, and with secondary
Hash and dynamically renewal solve HASH conflict, and described secondary hash is that the keyword to hash is calculated by twice different hash
Method, is respectively compared location, and described dynamic renewal is to remove session node, release money after an exchange terminates in time
Source, described S3 is specially and takes 64 burst flow waterlines inside FPGA, carries out independent burst process according to the difference of task, and
Use procedure-node synthesis result, use interface board FPGA that densifying plate is carried out data stream scheduling, at interface board FPGA and add solution
Adjusted the value of waterline by GPIO signal between close plate FPGA, the value of described adjustment waterline method particularly includes: work as encryption and decryption
When plate FPGA process queue reaches waterline, informing interface board FPGA selective intake message, interface board FPGA is by conversational list
Statistical information abandon the message having transmitted minimum data in same connection, described S4 be specially use QDR SRAM as one-level
Having cached the caching of two grades of intermodules, the DIMM DDR3 of use completes the caching between previous module as L2 cache, and
Each frame stamps token flag.
The concrete encryption flow of the method for the invention is as follows:
During disk write, write order and write data device interior be all by interface board FPGA outer net receive after, send
To encryption/decryption module, after the data needing encryption are encrypted, re-send to interface board FPGA Intranet.The session note of its correspondence
Record network interface plate outside.This flow process is broadly divided into following step:
1) server sends FCP_CMMD write order frame.
2), after the interface module of interface board FPGA outer net receives FCP_CMMD write order frame, it is sent to association by combiner
View parsing module.
3) interface board FPGA outer net is FCP_CMMD write order frame at this frame of protocol resolution module identification, and extracts in frame head
S_ID, the LUN in D_ID, OX_ID information, and FC frame payload and LBA information.
4) interface board FPGA outer net uses D_ID to search corresponding Device_ID in Disk Mapping table module.
5) interface board FPGA outer net conversational list module with S_ID, D_ID, OX_ID} be keyword create a session,
Record { LUN, LBA, Device_ID} information the most in a session.
6) interface board FPGA outer net is given after FCP_CMMD write order frame is used self-defined PDU encapsulation by uplink module
XAUI transceiver module, is finally sent to encryption/decryption module.
7) this PDU message transmission is sent to interface board FPGA Intranet by encryption/decryption module.
8) the XAUI transceiver module of interface board FPGA Intranet is after encryption/decryption module receives this PDU message, gives descending mould
Block processes.
9) after the downstream module of interface board FPGA Intranet takes out FCP_CMMD write order frame from PDU message, by closing road
Device is sent to interface module, is finally sent to disk array.
10) disk array replys FCP_XFER_RDY transmission preparation frame.
11), after the interface module of interface board FPGA Intranet receives FCP_XFER_RDY transmission preparation frame, combiner is passed through
It is sent to protocol resolution module.
12) this frame of protocol resolution module identification of interface board FPGA Intranet is that FCP_XFER_RDY transmission prepares frame, then
It is sent to uplink module.
13) the FCP_XFER_RDY frame self-defined PDU of use is packaged by the uplink module of interface board FPGA Intranet, sends
To XAUI transceiver module, it is finally sent to encryption/decryption module.
14) this PDU message transmission is sent to interface board FPGA outer net by encryption/decryption module.
15) the XAUI transceiver module of interface board FPGA outer net is after encryption/decryption module receives this PDU message, gives descending mould
Block processes.
16) after the downstream module of interface board FPGA outer net takes out FCP_XFER_RDY transmission preparation frame from PDU message, logical
Cross combiner and be sent to interface module, be finally sent to server.
17), after server receives FCP_XFER_RDY transmission preparation frame, FCP_DATA write data frame is sent.
18), after the interface module of interface board FPGA outer net receives FCP_DATA write data frame, it is sent to by combiner
Protocol resolution module.
19) this frame of protocol resolution module identification of interface board FPGA outer net is FCP_DATA write data frame, and extracts frame head
In S_ID, D_ID, OX_ID information.
20) interface board FPGA outer net conversational list module with S_ID, D_ID, OX_ID} are that keyword makes a look up, search
After session, it is thus achieved that session information { LUN, LBA, Device_ID}.
21) FCP_DATA write data frame is split by 512 bytes by interface board FPGA outer net at uplink module, by each
Fragment uses self-defined PDU to be packaged, and is sent to XAUI transceiver module, is finally sent to encryption/decryption module.
22), after the data in PDU message are encrypted by encryption/decryption module, it is sent to interface board FPGA Intranet.
23) the XAUI transceiver module of interface board FPGA Intranet is after encryption/decryption module receives this PDU message, gives descending mould
Block processes.
24) downstream module of interface board FPGA Intranet takes out FCP_DATA write data frame from PDU message, if not
Later burst, will no longer carry out the process of follow-up flow process after this fragment cache memory.
25) by all FCP_DATA fragment assemblies after the downstream module of interface board FPGA Intranet receives last burst
It is a complete FCP_DATA write data frame, is then sent to interface module by combiner, is finally sent to disk array.
26) step 17-25 repeatedly, processes multiple FCP_DATA write data frame.
27) disk array sends FCP_RSP write response frame.
28), after the interface module of interface board FPGA Intranet receives FCP_RSP write response frame, it is sent to association by combiner
View parsing module.
29) this frame of protocol resolution module identification of interface board FPGA Intranet is FCP_RSP write response frame, and extracts in frame head
S_ID, D_ID, OX_ID information.
30) interface board FPGA Intranet conversational list module with S_ID, D_ID, OX_ID} be keyword carry out close connect
Operation.
31) the FCP_RSP write response frame self-defined PDU of use is packaged by the uplink module of interface board FPGA Intranet, sends out
Deliver to XAUI transceiver module, be finally sent to encryption/decryption module.
32) this PDU message transmission is sent to interface board FPGA outer net by encryption/decryption module.
33) the XAUI transceiver module of interface board FPGA outer net is after encryption/decryption module receives this PDU message, gives descending mould
Block processes.
34) after the downstream module of interface board FPGA outer net takes out FCP_RSP write response frame from PDU message, by closing road
Device is sent to interface module, is finally sent to server.
35) server completes a write operation.
Wherein the algorithm types of encryption method includes that symmetric block ciphers algorithm, asymmetric cryptographic algorithm and cryptographic Hash are calculated
Method, the random number used in crypto-operation uses the physical noise source in safety chip to produce.Wherein:
1) asymmetric cryptographic algorithm uses the SM2 algorithm that the approval of close office of state uses, and uses the grand think of safety chip shaped
HS32U2-K(SSX0912-B) strong existing.
2) cryptographic Hash algorithm uses the SM3 algorithm that the approval of close office of state uses.Use the grand think of safety chip shaped
HS32U2-K(SSX0912-B) soft realization.
3) symmetric block ciphers algorithm uses the SM4 algorithm that the approval of close office of state uses.Use the grand think of safety chip of sizing
HS32U2-K(SSX0912-B) soft realization (for key management), and the soft realization of interface board FPGA (adds solution for business
Close).
4) random number uses the grand think of WNG serial physical noise source WNG9 that close office of state has shaped, and fully ensures that generation
Random number has good randomness.
The cryptographic algorithm that network storage encryption equipment uses is provided with cryptographic algorithm, the integrity of module of software and hardware, just
The security mechanisms such as true property inspection, so that it is guaranteed that cryptographic algorithm is in correct, safe duty all the time.
The random parameter when key of all uses of network storage encryption equipment, certification is by the physical noise source of safety chip
Produce.
Above-mentioned encryption method is mainly used in business datum encryption and decryption, summary, digital signature authentication, authentication, storage guarantor
Protect the function such as encryption and key distribution encryption.Wherein business datum encryption function employs SM4 algorithm, and block length is
128bit, key length is 128bit;Digital signature authentication and identity authentication function use SM2, SM3 algorithm jointly to realize, public/
A length of 512/256 bit of private key.Storage protection encryption function uses SM4 algorithm to realize, grouping algorithm key length 128bit.
Key distribution AES uses SM2, and SM3, SM4 algorithm completes jointly, a length of 512/256 bit of public/private key pair, grouping algorithm
Key length 128 bit.
Wherein, business datum AES, use SM4 algorithm, realized by packet ecb mode.
Storage protection AES, uses SM4 algorithm, is realized by packet ecb mode.
Key distribution AES, is used SM2, SM3 and SM4 algorithm, is realized by digital envelope mode.
Authentication AES, uses SM2 and SM3 algorithm to realize.
Cryptographic algorithm concrete configuration in network storage encryption equipment, act on and manage as follows:
Embodiment described above, the simply one of the present invention more preferably detailed description of the invention, those skilled in the art exists
The usual variations and alternatives carried out in the range of technical solution of the present invention all should comprise within the scope of the present invention.
Claims (10)
1. an express network storage encipher-decipher method, it is characterised in that described method is by carrying out status information
Exchange concurrent operations processes, and completes the linear speed disk command to FC encryption equipment and maps, then carries out with 64 burst flow waterlines
Independent burst process, use interface FPGA densifying plate is carried out data stream scheduling, interface board FPGA and encryption and decryption plate FPGA it
Between adjusted the value of waterline by GPIO signal, use QDR SRAM to complete the caching of two grades of intermodules as level cache,
DIMM DDR3 completes the caching between previous module as L2 cache, completes encryption process.
Encipher-decipher method the most according to claim 1, it is characterised in that described method includes:
S1: input state information;
S2: status information in S1 is carried out exchange concurrent operations process;
S3: the information processed in S2 is carried out data process;
S4: the information processing data in S3 carries out frame buffer and frame order-preserving, completes encryption and decryption.
Encipher-decipher method the most according to claim 2, it is characterised in that a described S2 specially exchange adds solution
In close operation, key keeps constant, LUN, LBA, ID and offset information in record Frame, the FCP_DATA of follow-up arrival
Uniquely positioning according to ID, described LUN and LBA information guide for the key of encryption and decryption.
Encipher-decipher method the most according to claim 3, it is characterised in that described exchange is specially FCP-SCSI magnetic
Dish operational order, one time disk command is mapped as an exchange, and each exchange is decomposed into multiple unidirectional
Sequence, each sequence are decomposed into the frame of multiple FC-2.
Encipher-decipher method the most according to claim 4, it is characterised in that described S2 processes concurrent exchange and
Sequence intersect operation time by the FC session of HASH chained list mode record million grades, and with secondary hash and dynamically the most more
The new HASH of solution conflicts.
Encipher-decipher method the most according to claim 5, it is characterised in that described secondary hash is that the keyword to hash leads to
Crossing twice different hash algorithm, be respectively compared location, described dynamic renewal is to remove in time after an exchange terminates
Session node, discharges resource.
Encipher-decipher method the most according to claim 2, it is characterised in that described S3 is specially and takes 64 inside FPGA
Burst flow waterline, carries out independent burst process according to the difference of task, and uses procedure-node to synthesize result, use interface board
FPGA carries out data stream scheduling to densifying plate, adjusts water by GPIO signal between interface board FPGA and encryption and decryption plate FPGA
The value of line.
Encipher-decipher method the most according to claim 7, it is characterised in that the value of described adjustment waterline method particularly includes:
When encryption and decryption plate FPGA process queue reaches waterline, informing interface board FPGA selective intake message, interface board FPGA passes through
Statistical information in conversational list abandons the message having transmitted minimum data in same connection.
Encipher-decipher method the most according to claim 2, it is characterised in that described S4 is specially and uses QDR SRAM as one
Level has cached the caching of two grades of intermodules, and the DIMM DDR3 of use completes the caching between previous module as L2 cache,
And stamp token flag on each frame.
Encipher-decipher method the most according to claim 2, it is characterised in that described S1 inputs information status information method bag
Include and synchronized by the heartbeat at equipment rear portion and by the HA interface synchronization of equipment front portion.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610666423.6A CN106254061B (en) | 2016-08-14 | 2016-08-14 | A kind of high speed network storage encipher-decipher method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610666423.6A CN106254061B (en) | 2016-08-14 | 2016-08-14 | A kind of high speed network storage encipher-decipher method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106254061A true CN106254061A (en) | 2016-12-21 |
| CN106254061B CN106254061B (en) | 2019-08-23 |
Family
ID=57592930
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610666423.6A Active CN106254061B (en) | 2016-08-14 | 2016-08-14 | A kind of high speed network storage encipher-decipher method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106254061B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109286501A (en) * | 2018-11-13 | 2019-01-29 | 北京深思数盾科技股份有限公司 | Authentication method and encryption equipment for encryption equipment |
| CN109474429A (en) * | 2018-12-24 | 2019-03-15 | 无锡市同威科技有限公司 | A kind of cipher key configuration strategy process towards FC storage encryption gateway |
| CN109791589A (en) * | 2017-08-31 | 2019-05-21 | 华为技术有限公司 | A kind of method and device of calculator memory data enciphering/deciphering |
| CN112910891A (en) * | 2021-01-29 | 2021-06-04 | 南京十方网络科技有限公司 | Network security interconnection system based on FPGA high-speed encryption and decryption |
| CN113220231A (en) * | 2021-05-11 | 2021-08-06 | 无锡众星微系统技术有限公司 | Adaptive flow control method and device supporting STP application |
| CN117560226A (en) * | 2024-01-09 | 2024-02-13 | 上海芯联芯智能科技有限公司 | Method and device for data transmission through VPN |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060126835A1 (en) * | 2004-12-13 | 2006-06-15 | Kim Kwang O | High-speed GCM-AES block cipher apparatus and method |
| CN1910571A (en) * | 2003-07-25 | 2007-02-07 | 国际商业机器公司 | A single chip protocol converter |
| CN101854353A (en) * | 2010-04-28 | 2010-10-06 | 国网电力科学研究院 | Multi-chip parallel encryption method based on FPGA |
| CN103152165A (en) * | 2013-01-25 | 2013-06-12 | 西安电子科技大学 | Field programmable gate array (FPGA)-based superfast auxiliary encoder system (AES) processor and implementing method thereof |
| CN204028891U (en) * | 2014-07-31 | 2014-12-17 | 深圳市惠立智能电力科技有限公司 | A kind of dsp chip reads the circuit of two panels A/D chip data continuously |
| CN104852798A (en) * | 2015-05-11 | 2015-08-19 | 清华大学深圳研究生院 | Data encryption and decryption system and method thereof |
-
2016
- 2016-08-14 CN CN201610666423.6A patent/CN106254061B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1910571A (en) * | 2003-07-25 | 2007-02-07 | 国际商业机器公司 | A single chip protocol converter |
| US20060126835A1 (en) * | 2004-12-13 | 2006-06-15 | Kim Kwang O | High-speed GCM-AES block cipher apparatus and method |
| CN101854353A (en) * | 2010-04-28 | 2010-10-06 | 国网电力科学研究院 | Multi-chip parallel encryption method based on FPGA |
| CN103152165A (en) * | 2013-01-25 | 2013-06-12 | 西安电子科技大学 | Field programmable gate array (FPGA)-based superfast auxiliary encoder system (AES) processor and implementing method thereof |
| CN204028891U (en) * | 2014-07-31 | 2014-12-17 | 深圳市惠立智能电力科技有限公司 | A kind of dsp chip reads the circuit of two panels A/D chip data continuously |
| CN104852798A (en) * | 2015-05-11 | 2015-08-19 | 清华大学深圳研究生院 | Data encryption and decryption system and method thereof |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109791589A (en) * | 2017-08-31 | 2019-05-21 | 华为技术有限公司 | A kind of method and device of calculator memory data enciphering/deciphering |
| CN109286501A (en) * | 2018-11-13 | 2019-01-29 | 北京深思数盾科技股份有限公司 | Authentication method and encryption equipment for encryption equipment |
| CN109474429A (en) * | 2018-12-24 | 2019-03-15 | 无锡市同威科技有限公司 | A kind of cipher key configuration strategy process towards FC storage encryption gateway |
| CN109474429B (en) * | 2018-12-24 | 2022-02-15 | 无锡市同威科技有限公司 | Key configuration strategy method facing FC storage encryption gateway |
| CN112910891A (en) * | 2021-01-29 | 2021-06-04 | 南京十方网络科技有限公司 | Network security interconnection system based on FPGA high-speed encryption and decryption |
| CN113220231A (en) * | 2021-05-11 | 2021-08-06 | 无锡众星微系统技术有限公司 | Adaptive flow control method and device supporting STP application |
| CN117560226A (en) * | 2024-01-09 | 2024-02-13 | 上海芯联芯智能科技有限公司 | Method and device for data transmission through VPN |
| CN117560226B (en) * | 2024-01-09 | 2024-03-19 | 上海芯联芯智能科技有限公司 | Method and device for data transmission through VPN |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106254061B (en) | 2019-08-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106254061A (en) | A kind of express network storage encipher-decipher method | |
| US10148431B2 (en) | Master key generation and distribution for storage area network devices | |
| US8989388B2 (en) | Distribution of storage area network encryption keys across data centers | |
| US9338150B2 (en) | Content-centric networking | |
| US8526615B2 (en) | Storage system executing encryption and decryption processing | |
| US7290134B2 (en) | Encapsulation mechanism for packet processing | |
| EP1943767B1 (en) | Method and apparatus for performing encryption of data at rest at a port of a network device | |
| CN104579646B (en) | Method, device and circuit that the limited monotonic transformation of clobber book and encryption and decryption thereof are applied | |
| CN106254896B (en) | A kind of distributed cryptographic method for real-time video | |
| US10715332B2 (en) | Encryption for transactions in a memory fabric | |
| CN106330868A (en) | Encrypted storage key management system and method of high-speed network | |
| US11784984B2 (en) | Methods to strengthen cyber-security and privacy in a deterministic internet of things | |
| US9071589B1 (en) | Encryption key management for storage area network devices | |
| JPH0969830A (en) | Cipher communication system | |
| US10699031B2 (en) | Secure transactions in a memory fabric | |
| Puthal et al. | A synchronized shared key generation method for maintaining end-to-end security of big data streams | |
| CN112235382B (en) | Transaction management system and method based on block chain fragmentation | |
| CN103369016A (en) | Method for realizing network storage protocol stack based on iSCSI | |
| Dini et al. | Protected pointers in wireless sensor networks | |
| CN116827956A (en) | Performance optimization method of high-performance computing cluster architecture | |
| CN113965373A (en) | Data exchange method and system based on intelligent network card and server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A high speed network storage encryption and decryption method Effective date of registration: 20210312 Granted publication date: 20190823 Pledgee: Beijing Yanhong Financing Guarantee Co.,Ltd. Pledgor: BEIJING SHUDUN INFORMATION TECHNOLOGY Co.,Ltd. Registration number: Y2021990000232 |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20220325 Granted publication date: 20190823 Pledgee: Beijing Yanhong Financing Guarantee Co.,Ltd. Pledgor: BEIJING SHUDUN INFORMATION TECHNOLOGY CO.,LTD. Registration number: Y2021990000232 |
|
| CP02 | Change in the address of a patent holder | ||
| CP02 | Change in the address of a patent holder |
Address after: 100000 901, Floor 9, Building 7, Yard 8, Auto Museum East Road, Fengtai District, Beijing Patentee after: BEIJING SHUDUN INFORMATION TECHNOLOGY CO.,LTD. Address before: Room 101-502, 5 / F, building 10, courtyard 3, fengxiu Middle Road, Haidian District, Beijing 100083 Patentee before: BEIJING SHUDUN INFORMATION TECHNOLOGY CO.,LTD. |