CN111031055A - IPsec acceleration device and implementation method - Google Patents


Publication number: CN111031055A
Authority: CN (China)
Prior art keywords: data, authentication, module, algorithm, ipsec
Legal status: Granted (Active)
Application number: CN201911319422.4A
Other languages: Chinese (zh)
Other versions: CN111031055B (en)
Inventors: 张鹏程, 张洪柳, 刘天明, 刘树伟
Current Assignee: Qingdao Fangcun Microelectronic Technology Co ltd; Shandong Fangcun Microelectronics Technology Co Ltd
Original Assignee: Qingdao Fangcun Microelectronic Technology Co ltd; Shandong Fangcun Microelectronics Technology Co Ltd
Application filed by Qingdao Fangcun Microelectronic Technology Co ltd, Shandong Fangcun Microelectronics Technology Co Ltd
Priority to CN201911319422.4A
Publication of CN111031055A
Application granted; publication of CN111031055B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/56 Provisioning of proxy services
    • H04L67/565 Conversion or adaptation of application format or content
    • H04L67/5651 Reducing the amount or size of exchanged application data
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/06 Notations for structuring of protocol data, e.g. abstract syntax notation one [ASN.1]
    • H04L69/22 Parsing or analysis of headers
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

Abstract

The present disclosure provides an IPsec acceleration apparatus and an implementation method. The apparatus comprises an SA LIST module, an IPsec accelerator module, an SM4 and AES module, an SM3 and SHA-1 module, a DATA FIFO module, a MASTER module, an ARBITER module and a SLAVE module. The IPsec accelerator module reads a valid SA pointer from the read-back descriptor, looks up the SA LIST module by that pointer, selects the operation information for the current data packet, has hardware automatically add a header to the data packet according to the selected operation information, selects the encryption algorithm, calculates the checksum of the data packet and writes the checksum to the corresponding address. Part of the operations in the IPsec flow are thereby processed in hardware, which reduces the load on the CPU and achieves an acceleration effect.

Description

IPsec acceleration device and implementation method
Technical Field
The present disclosure relates to the field of IPsec acceleration calculation, and in particular, to an IPsec acceleration apparatus and an implementation method.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
As society develops, network technology plays an increasingly important role in daily life. Ensuring the confidentiality of transmitted information in such a large network environment is a major problem, and IPsec is a security mechanism that is commonly adopted at present.
The inventors of the present disclosure find that most products on the market today process IPsec in software, which increases the load on the CPU and makes the processing speed depend on the performance of the CPU.
Disclosure of Invention
To overcome the shortcomings of the prior art, the present disclosure provides an IPsec acceleration apparatus and an implementation method that process part of the operations in the IPsec flow in hardware, reducing the load on the CPU and achieving an acceleration effect.
To achieve this purpose, the disclosure adopts the following technical scheme:
A first aspect of the disclosure provides an IPsec acceleration apparatus.
An IPsec acceleration apparatus comprises an SA LIST module, an IPsec accelerator module, an SM4 and AES module, an SM3 and SHA-1 module, a DATA FIFO module, a MASTER module, an ARBITER module and a SLAVE module;
the MASTER module is used, at the sending end, to read back the descriptor, retrieve the data to be IPsec-accelerated from the address in the read-back descriptor, and write the status back to the descriptor after IPsec acceleration is finished; at the receiving end, it is used to read back the descriptor, move the processed IPsec data to the corresponding position according to the address in the read-back descriptor, and write the status back to the descriptor; the SLAVE module is used to exchange data with a network interface; the DATA FIFO module is used to store data packets read back by the MASTER module, data packets that have undergone IPsec acceleration processing, and data packets transferred through the SLAVE module;
the SM4 and AES module is used to encrypt data at the sending end and decrypt data at the receiving end; the SM3 and SHA-1 module authenticates data at the sending end and performs the integrity check on data at the receiving end; the ARBITER module arbitrates processing priority among multiple descriptor rings at the sending end and multiple descriptor rings at the receiving end;
the SA LIST module is used to store the parameters needed for IPsec acceleration; the IPsec accelerator module is used to read a valid SA pointer from the read-back descriptor, look up the SA LIST module by the SA pointer, select from it the operation information for the current data packet, have hardware automatically add a header to the data packet according to the selected operation information, select the encryption algorithm, calculate the checksum of the data packet, and write the checksum to the corresponding address.
In some possible implementations, the SA LIST module stores at least a sequence number, an AH authentication algorithm selection, an AH authentication key, an ESP encryption and authentication selection, an ESP encryption algorithm selection, an ESP encryption key, an ESP authentication algorithm selection, an ESP authentication key, an ESP IV value, a mode selection, a protocol selection, a PMTU, an SPI, and a destination IP address.
In some possible implementations, the IPsec accelerator module is further configured to split a large data packet into data packets that conform to the PMTU, after which hardware automatically adds a header to each data packet according to the selected information.
As a further limitation, the selection performed by the IPsec accelerator module covers at least the encryption algorithm, the authentication algorithm, data padding, and padding of the authentication data.
In some possible implementations, the SLAVE module is configured to transfer data packets that have undergone IPsec acceleration processing to the network controller, and data packets received by the network controller enter the IPsec acceleration processing module through the SLAVE.
A second aspect of the disclosure provides a method for implementing IPsec acceleration.
An IPsec acceleration implementation method uses the IPsec acceleration apparatus according to the first aspect of the present disclosure and includes the following steps:
Step 6-1: external software finishes operating on the descriptor and starts the IPsec acceleration apparatus;
Step 6-2: the MASTER reads back the descriptor and takes out the SA index pointer, the starting address of the data packet and the length of the data packet;
Step 6-3: the IPsec accelerator takes the corresponding operating parameters from the SA LIST according to the index pointer;
Step 6-4: whether the data packet needs to be split is determined from the extracted PMTU;
Step 6-5: from the first data packet retrieved, the IP header and the TCP/UDP header are extracted and buffered, the checksum of the TCP/UDP part is calculated and filled in at the corresponding position, the operation proceeds according to the corresponding operating parameters in the SA LIST, an AH/ESP header is added to the data packet, and the packet is processed according to the applicable mode;
Step 6-6: after IPsec processing is finished, the network controller is notified to take the data away, the sequence number and the ESP IV value in the corresponding SA are updated, and it is checked whether splitting is finished; if it is, the operation ends; if not, processing continues from step 6-5.
In some possible implementations, in step 6-4, if no splitting is needed, the data packet is retrieved in its entirety; if splitting is needed, the packet size is determined from the PMTU: an IP or UDP/IP data packet is fragmented at the IP layer, a TCP/IP data packet is segmented at the TCP layer, and the data packets are then retrieved in sequence according to that size.
In some possible implementations, in step 6-5, the mode is transport mode under the AH protocol, specifically: the mutable fields in the IP header are cleared, the authentication algorithm is started, the authentication key and the data are sent to the algorithm module, and when authentication completes the authentication data is written back to the tail of the corresponding data packet; the mutable fields are then restored to their initial values, the IP checksum of the data packet is calculated again, and the checksum is written back to the IP header.
In some possible implementations, in step 6-5, the mode is tunnel mode under the AH protocol, specifically: the mutable fields in the outer IP header are cleared, the authentication algorithm is started, the authentication key and the data are sent to the algorithm module, and when authentication completes the authentication data is written back to the tail of the corresponding data packet; the mutable fields are then restored to their initial values, the checksum of the outer IP header is calculated again, and the checksum is written back to the IP header.
In some possible implementations, in step 6-5, the mode is transport mode under the ESP protocol, and at least one of the encryption algorithm and the authentication algorithm must be enabled, specifically:
if the encryption algorithm is not needed, this step is skipped; if it is needed, the corresponding algorithm is called to perform key expansion; once key expansion completes, the data to be encrypted and the initial IV are sent to the encryption algorithm module for calculation, and when encryption completes the data is written back to the corresponding position in the data packet;
if the authentication algorithm is not needed, this step is skipped; if it is needed, the authentication key and the data are sent together to the authentication algorithm module, and when authentication completes the result is written back to the corresponding position in the data packet;
the IP header length is rewritten, and the checksum of the new IP header is calculated and written back to the corresponding position.
In some possible implementations, in step 6-5, the mode is tunnel mode under the ESP protocol, and at least one of the encryption algorithm and the authentication algorithm must be enabled, specifically:
if the encryption algorithm is not needed, this step is skipped; if it is needed, the corresponding algorithm is called to perform key expansion; once key expansion completes, the data to be encrypted and the initial IV are sent to the encryption algorithm module for calculation, and when encryption completes the data is written back to the corresponding position in the data packet;
if the authentication algorithm is not needed, this step is skipped; if it is needed, the authentication key and the data are sent together to the authentication algorithm module, and when authentication completes the result is written back to the corresponding position in the data packet;
the length of the outer IP header is rewritten, and the checksum of the new outer IP header is calculated and written back to the corresponding position.
A third aspect of the present disclosure provides a method for implementing IPsec acceleration.
An IPsec acceleration implementation method uses the IPsec acceleration apparatus according to the first aspect of the present disclosure; the receiving flow at the receiving end includes the following steps:
Step 8-1: first, the checksum of a received data packet entering through the SLAVE port is calculated and compared;
Step 8-2: once the comparison passes, it is determined whether the packet is an IP-layer fragment; if so, IPsec processing is performed and, after aggregation, the packet is handed directly to the CPU for processing; if not, three items of data (the SPI, the destination IP address and the protocol) are extracted, and the IP header and the authentication data are buffered;
Step 8-3: the IPsec accelerator queries the SA LIST with these three items; if no entry is found, the data packet is discarded and reported; if an entry is found, the processing mode for the data packet is extracted from the SA LIST;
Step 8-4: the IPsec accelerator processes the data packet according to the mode extracted from the SA LIST;
Step 8-5: after IPsec verification passes, the checksum of the corresponding data is calculated and, once the calculation completes, written back to the corresponding position;
Step 8-6: the data is written through the MASTER port to the corresponding address given in the descriptor. After the transfer completes, the descriptor status is modified and the network controller is notified that the data transfer is complete.
In some possible implementations, in step 8-4, the mode is transport mode under the AH protocol, specifically: the mutable fields in the IP header are cleared, the authentication algorithm is started, the authentication key and the data are sent to the algorithm module, and when authentication completes the authentication data is compared with the previously stored received authentication data; if they match, verification passes; if not, the packet is discarded and reported.
In some possible implementations, in step 8-4, the mode is tunnel mode under the AH protocol, specifically: the mutable fields in the outer IP header are cleared, the authentication algorithm is started, the authentication key and the data are sent to the algorithm module, and when authentication completes the authentication data is compared with the previously stored received authentication data; if they match, verification passes; if not, the packet is discarded and reported.
In some possible implementations, in step 8-4, the mode is transport mode under the ESP protocol, and at least one of the encryption algorithm and the authentication algorithm must be enabled, specifically:
if the authentication algorithm is not needed, this step is skipped; if it is needed, the authentication key and the data are sent together to the authentication algorithm module, and when authentication completes the result is compared with the previously stored authentication data; if they match, verification passes; if not, the packet is discarded and reported;
if the decryption algorithm is not needed, this step is skipped; if it is needed, the corresponding algorithm is called to perform key expansion; once key expansion completes, the data to be decrypted and the initial IV are sent to the encryption algorithm module for calculation, and when decryption completes the data is written back to the corresponding position in the data packet.
In some possible implementations, in step 8-4, the mode is tunnel mode under the ESP protocol, and at least one of the encryption algorithm and the authentication algorithm must be enabled, specifically:
if the authentication algorithm is not needed, this step is skipped; if it is needed, the authentication key and the data are sent together to the authentication algorithm module, and when authentication completes the result is compared with the buffered authentication data; if they match, verification passes; if not, the packet is discarded and reported;
if the decryption algorithm is not needed, this step is skipped; if it is needed, the corresponding algorithm is called to perform key expansion; once key expansion completes, the data to be decrypted and the initial IV are sent to the encryption algorithm module for calculation, and when decryption completes the data is written back to the corresponding position in the data packet.
In some possible implementations, in step 8-5, transport mode verifies the checksum of the application-layer protocol, and skips this if there is none;
tunnel mode verifies the checksums of the inner IP layer and of the application-layer protocol, and skips this if there is none.
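The AH transport-mode handling described in the sending and receiving flows above can be followed in software. This is an added example, not code from the patent: it assumes IPv4 without options, the standard AH header layout with the authentication data (ICV) carried in the AH header, HMAC-SHA-1 truncated to 96 bits, and an SA LIST modelled as a hypothetical dictionary keyed by (SPI, destination address, protocol).

```python
import hashlib, hmac, ipaddress, struct

AH_PROTO = 51   # IP protocol number of AH
AH_FIXED = 12   # Next Header, Payload Len, Reserved, SPI, Sequence Number
ICV_LEN = 12    # assumption: HMAC-SHA-1 truncated to 96 bits

def ip_checksum(header):
    """16-bit one's-complement checksum over an IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ah_icv(key, packet):
    """HMAC over the packet with the variable (mutable) IP fields and the ICV as zero."""
    buf = bytearray(packet)            # work on a copy, so nothing needs restoring
    buf[1] = 0                         # TOS / DSCP
    buf[6:8] = b"\x00\x00"             # flags and fragment offset
    buf[8] = 0                         # TTL
    buf[10:12] = b"\x00\x00"           # header checksum
    buf[32:32 + ICV_LEN] = bytes(ICV_LEN)
    return hmac.new(key, bytes(buf), hashlib.sha1).digest()[:ICV_LEN]

def ah_protect(sa, src, dst, next_header, payload):
    """Sending side: add the AH header, fill in the ICV, then the IP checksum."""
    sa["seq"] += 1                     # sequence number kept in the SA entry
    ah = struct.pack("!BBHII", next_header, (AH_FIXED + ICV_LEN) // 4 - 2, 0,
                     sa["spi"], sa["seq"]) + bytes(ICV_LEN)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(ah) + len(payload), 0, 0,
                     64, AH_PROTO, 0, ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    pkt = bytearray(ip + ah + payload)
    pkt[32:32 + ICV_LEN] = ah_icv(sa["key"], pkt)
    struct.pack_into("!H", pkt, 10, ip_checksum(bytes(pkt[:20])))
    return bytes(pkt)

def ah_receive(sa_list, packet):
    """Receiving side in the order of steps 8-1 to 8-4; returns (verdict, payload).
    Fragments and duplicate detection are out of scope here."""
    if len(packet) < 32 + ICV_LEN or packet[0] != 0x45:
        return "drop: malformed", None
    if struct.unpack_from("!H", packet, 2)[0] != len(packet) or ip_checksum(packet[:20]):
        return "drop: bad length or IP checksum", None
    spi = struct.unpack_from("!I", packet, 24)[0]
    sa = sa_list.get((spi, packet[16:20], packet[9]))   # SPI, destination, protocol
    if sa is None:
        return "drop and report: no SA", None
    if (packet[21] + 2) * 4 != AH_FIXED + ICV_LEN:
        return "drop: unexpected AH length", None
    # Constant-time comparison of the computed ICV with the received one.
    if not hmac.compare_digest(ah_icv(sa["key"], packet), packet[32:32 + ICV_LEN]):
        return "drop and report: ICV mismatch", None
    return "ok", packet[32 + ICV_LEN:]

def demo():
    """Constructed packets: intact, TTL decremented in transit, tampered, unknown SPI."""
    sa = {"spi": 0x1001, "key": b"constructed-test-key", "seq": 0}
    dst = ipaddress.IPv4Address("192.0.2.2").packed
    sa_list = {(sa["spi"], dst, AH_PROTO): sa}
    pkt = ah_protect(sa, "192.0.2.1", "192.0.2.2", 17, b"constructed payload")
    routed = bytearray(pkt)
    routed[8] -= 1                     # a router lowers the TTL ...
    routed[10:12] = b"\x00\x00"
    struct.pack_into("!H", routed, 10, ip_checksum(bytes(routed[:20])))  # ... and fixes the checksum
    tampered = bytearray(pkt)
    tampered[-1] ^= 1                  # one payload bit flipped
    unknown = bytearray(pkt)
    struct.pack_into("!I", unknown, 24, 0x9999)
    return [ah_receive(sa_list, bytes(p))[0] for p in (pkt, routed, tampered, unknown)]

if __name__ == "__main__":
    print(demo())
```

The packet whose TTL changed in transit still verifies because TTL and the header checksum are excluded from the authenticated data, while the payload change and the unknown SPI are both rejected before any data reaches the CPU.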
Compared with the prior art, the beneficial effects of the present disclosure are:
1. The IPsec acceleration apparatus can perform tasks such as checksum calculation and splitting of large packets, moving work that originally belonged to the network controller and the TCP/IP protocol stack into the IPsec accelerator. This reduces the workload of the network controller, and the IPsec acceleration apparatus can be shared by multiple network controllers.
2. During IPsec processing, a large data packet can be split automatically into data packets that conform to the PMTU. Software only needs to handle the whole large packet once; the checksum, the splitting and the IPsec processing are completed by hardware, which reduces software involvement and the load on the CPU.
3. The whole flow can be handled by an internal handshake mechanism during IPsec processing, which reduces software involvement and unnecessary waiting time and increases the processing speed of IPsec.
4. A one-to-many network card support mode can be realized, reducing the use of hardware resources: multiple network controllers are attached through the SLAVE interface and SLAVE requests are handled according to a certain priority, so each network controller does not need its own IPsec accelerator.
5. Bus bandwidth can be used sensibly and resource utilization maximized. Because a network controller needs at most 1000 Mb/s, which is far less than the internal bandwidth, the network controllers work in turn so that the bandwidth is used sensibly.
6. The present disclosure is compatible with the Linux software processing framework and supports turning GSO (Generic Segmentation Offload) off and on.
Drawings
Fig. 1 is a schematic architecture diagram of an IPsec acceleration apparatus according to embodiment 1 of the present disclosure.
Detailed Description
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present disclosure. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
Embodiment 1:
To meet Internet security requirements, the IETF (Internet Engineering Task Force) published the IP-layer security protocol IPsec. IPsec is an IP security protocol standard, that is, a standard that provides security protection for network transmission at the IP layer; its main function is to introduce a security mechanism into the IP protocol to protect network transmission.
The IPsec protocols (AH/ESP) can be used to protect a complete IP packet, or to protect upper-layer protocol packets above the IP layer (e.g. TCP/UDP). These two types of protection correspond to the two modes in IPsec: tunnel mode and transport mode, respectively.
In this embodiment, AH/ESP is added to network data packets mainly in hardware. The implementation architecture is shown in Fig. 1 and comprises an SA LIST module, an IPsec accelerator module, an SM4 and AES module, an SM3 and SHA-1 module, a DATA FIFO module, a MASTER module, an ARBITER module, and a SLAVE module.
(1) SA LIST
It is mainly responsible for storing the parameters required for IPsec acceleration, mainly the following:
1) Sequence number
2) AH authentication algorithm selection (SM3/SHA-1)
3) AH authentication key
4) ESP encryption and authentication selection
5) ESP encryption algorithm selection (SM4/AES)
6) ESP encryption key
7) ESP authentication algorithm selection (SM3/SHA-1)
8) ESP authentication key
9) ESP IV value
10) Mode selection (transport/tunnel)
11) Protocol selection (AH/ESP)
12) PMTU
13) SPI
14) Destination IP address
(2) IPsec accelerator
It is mainly responsible for the IPsec acceleration operation: it reads the valid SA pointer from the read-back descriptor, looks up the SA LIST by the SA pointer, and selects from it the operation information for the current data packet;
it can split a large data packet into data packets that conform to the PMTU, after which hardware automatically adds a header to each data packet according to the selected information;
according to the configured algorithms it selects the encryption algorithm and the authentication algorithm (under the ESP protocol both are optional; they may both be enabled but may not both be disabled), performs data padding (for symmetric encryption under the ESP protocol; where there is no confidentiality requirement, padding serves to right-align the 'Pad Length' and 'Next Header' fields or to hide the true length of the payload) and padding of the authentication data (under the AH protocol); it can also calculate the checksum of the data packet and write the checksum to the corresponding addresses.
(3) SM4/AES
It is mainly responsible for encrypting data at the sending end and decrypting data at the receiving end. It is used mainly under the ESP protocol, when an encryption algorithm has been selected.
The algorithm mainly uses CBC mode; the IV value is shared with the ESP authentication algorithm. The algorithm requires its input to be an integer multiple of 128 bits. In transport mode the IP payload (excluding the ESP header) is encrypted and decrypted; in tunnel mode the outer IP payload (excluding the ESP header but including the inner IP header and its payload) is encrypted and decrypted.
(4) SM3/SHA-1
It is mainly responsible for authenticating data at the sending end and checking the integrity of data at the receiving end. It is used under the AH/ESP protocols, but is optional. In this embodiment the final authentication value is calculated with HMAC (implemented in hardware). Because the message padding operation is explicitly specified by the algorithm, it is implemented in hardware inside the algorithm module. Under the ESP protocol, transport mode authenticates the IP payload (excluding the authentication data field that is still to be filled in); tunnel mode authenticates the outer IP payload (including the inner IP header but excluding the authentication data field). Under the AH protocol the entire packet is authenticated (the mutable fields are treated as 0 in the calculation; transport mode and tunnel mode are not distinguished).
(5) DATA FIFO
It is mainly responsible for storing data packets read back by the MASTER, data packets processed by IPsec, and data packets transferred through the SLAVE interface.
(6) MASTER
At the sending end it is mainly responsible for reading back the descriptor, retrieving the data to be processed by IPsec from the address in the read-back descriptor, and writing the status back to the descriptor after IPsec processing is finished; at the receiving end it reads back the descriptor, moves the processed IPsec data to the corresponding position according to the address in the read-back descriptor, and then writes the status back to the descriptor.
(7) ARBITER
It is mainly responsible for handling requests from different network controllers and offers two arbitration modes: polling and variable priority.
(8) SLAVE
It is mainly responsible for exchanging data with the network interface: data packets processed by IPsec are transferred to the network controller, and data packets received by the network controller enter the IPsec acceleration processing module through the SLAVE.
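The ESP padding rule from items (2) and (3) above (a 128-bit multiple when SM4/AES is used, right-alignment of the trailer fields otherwise, and optional extra padding to hide the payload length) is sketched below as an added example, not code from the patent. The padding bytes 1, 2, 3, ... and the 32-bit alignment for the unencrypted case are assumptions taken from standard ESP practice, and the function names are hypothetical.

```python
BLOCK = 16   # SM4 and AES both work on 128-bit blocks
ALIGN = 4    # assumption: without encryption the trailer is right-aligned to 32 bits

def esp_pad(payload, next_header, encrypt=True, conceal=0):
    """Return payload + Padding + Pad Length + Next Header.

    conceal adds that many extra alignment units of padding, which hides the
    true payload length from an observer of the encrypted packet.
    """
    unit = BLOCK if encrypt else ALIGN
    # The two trailer bytes (Pad Length, Next Header) count towards the total.
    pad_len = (-(len(payload) + 2)) % unit + conceal * unit
    if pad_len > 255:
        raise ValueError("Pad Length is one byte: at most 255 bytes of padding")
    padding = bytes(range(1, pad_len + 1))          # 1, 2, 3, ... pad_len
    return payload + padding + bytes([pad_len, next_header])

def esp_unpad(data, encrypt=True):
    """Validate the trailer of decrypted ESP data; return (payload, next_header).

    Every check fails closed with ValueError so that a malformed trailer can
    never make the receiver read outside the packet.
    """
    unit = BLOCK if encrypt else ALIGN
    if len(data) < 2 or len(data) % unit:
        raise ValueError("length is not a whole number of alignment units")
    pad_len, next_header = data[-2], data[-1]
    end = len(data) - 2
    if pad_len > end:
        raise ValueError("Pad Length is larger than the data")
    if data[end - pad_len:end] != bytes(range(1, pad_len + 1)):
        raise ValueError("padding bytes are not 1..Pad Length")
    return data[:end - pad_len], next_header

def demo():
    """Sizes for a constructed 21-byte payload carrying TCP (next header 6)."""
    payload = b"A" * 21
    return {
        "encrypted": len(esp_pad(payload, 6)),
        "auth_only": len(esp_pad(payload, 6, encrypt=False)),
        "length_hidden": len(esp_pad(payload, 6, conceal=2)),
        "round_trip": esp_unpad(esp_pad(payload, 6)) == (payload, 6),
    }

if __name__ == "__main__":
    print(demo())
```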
The IPsec acceleration implementation of this embodiment is mainly applied to improve the processing speed of the IPsec. Wherein, the IKE process, the repeated data packet processing of the receiving end and the life cycle maintenance of the SA are completed by software, and the rest operations are realized by hardware.
The method mainly comprises a sending process of a sending end and a receiving process of a receiving end.
The sending process of the sending end specifically comprises the following steps:
(A) the software finishes operating on the descriptor and then starts the IPsec acceleration module;
(B) the MASTER reads back the descriptor and takes out the SA index pointer, the data packet start address and the data packet length;
(C) the IPsec accelerator takes out the corresponding operation parameters from the SA LIST according to the index pointer;
(D) determining, from the extracted PMTU, whether the data packet needs to be split into sub-packets; if splitting is not needed, the whole data packet is retrieved; if splitting is needed, the sub-packet size is determined from the PMTU (an IP or UDP/IP data packet is fragmented at the IP layer; a TCP/IP data packet is split at the TCP layer), and the sub-packets are then retrieved in sequence according to that size;
(E) extracting the IP header from the first retrieved data packet (for a tunnel packet there may be two headers, and the checksum of the inner header is calculated), buffering the TCP/UDP header (only the first header of a split data packet needs to be buffered), calculating the checksum of the TCP/UDP part and filling it into the corresponding position. Processing then follows the corresponding operation parameters in the SA LIST, and an AH or ESP header is added to the data packet (applying both at the same time is not currently supported). When filling the AH header, the authentication data length must be confirmed, and padding may be needed so that the AH header is an integer multiple of 32 bits (IPv4) or 64 bits (IPv6); the padding is included in the calculation and is uniformly treated as zero during authentication. When filling the ESP header, the length of the data to be encrypted or decrypted must be an integer multiple of 128 bits (the minimum data block of AES/SM4 is 128 bits);
the processing depends on the case:
(E-1) transmission mode under the AH protocol: the variable part of the IP header is cleared (options or extension headers are included in the calculation as a whole), the authentication algorithm is started, the authentication key and data are sent to the algorithm module, and, once authentication completes, the authentication data is written back to the tail of the corresponding data packet; the variable part is then restored to its initial value, the IP checksum of the data packet is calculated again, and the checksum is written back to the IP header;
(E-2) tunnel mode under the AH protocol: the variable part of the outer IP header is cleared (options or extension headers are included in the calculation as a whole), the authentication algorithm is started, the authentication key and data are sent to the algorithm module, and, once authentication completes, the authentication data is written back to the tail of the corresponding data packet; the variable part is then restored to its initial value, the checksum of the outer IP header is calculated again, and the checksum is written back to the IP header;
(E-3) transmission mode under the ESP protocol, where at least one of the encryption algorithm and the authentication algorithm must be valid:
(E-3-1) skipped if the encryption algorithm is not needed; if it is needed, the corresponding algorithm is called to perform key expansion, after which the data to be encrypted (not including the IP header and the ESP header) and the initial IV are sent to the encryption algorithm module for calculation; once encryption completes, the data is written back to the corresponding position of the data packet;
(E-3-2) skipped if the authentication algorithm is not needed; if it is needed, the authentication key and the data are sent together to the authentication algorithm module; once authentication completes, the result is written back to the corresponding position of the data packet;
(E-3-3) the IP header length is rewritten, and the checksum of the new IP header is calculated and written back to the corresponding position;
(E-4) tunnel mode under the ESP protocol, where at least one of the encryption algorithm and the authentication algorithm must be valid:
(E-4-1) skipped if the encryption algorithm is not needed; if it is needed, the corresponding algorithm is called to perform key expansion, after which the data to be encrypted (not including the outer IP header and the ESP header) and the initial IV are sent to the encryption algorithm module for calculation; once encryption completes, the data is written back to the corresponding position of the data packet;
(E-4-2) skipped if the authentication algorithm is not needed; if it is needed, the authentication key and the data are sent together to the authentication algorithm module; once authentication completes, the result is written back to the corresponding position of the data packet;
(E-4-3) the length of the outer IP header is rewritten, and the checksum of the new outer IP header is calculated and written back to the corresponding position;
(F) IPsec data processing is complete and the network controller is notified to take the data away. The serial number and the ESP IV value in the corresponding SA are updated (updating is needed only when they are used; it is done after processing ends, by adding 1). At the same time, whether the sub-packaging is finished is checked: if so, the operation ends; if not, processing continues from step (E).
The receiving flow at the receiving end is specifically as follows:
(a) first, checksum calculation and comparison are performed on the received data packet entering from the SLAVE port;
(b) after the comparison passes, determining whether the packet is a fragment of the IP layer; if so, performing IPsec processing, and handing the fragments directly to the CPU for processing after aggregation; if not, extracting the three items SPI, destination IP address (that of the outer IP header in tunnel mode) and protocol (AH/ESP), and at the same time caching the IP header (the outer IP header in tunnel mode) and the verification data;
(c) the IPsec accelerator queries the SA LIST with this triple; if no entry is found, the data packet is discarded and reported; if an entry is found, the processing mode of the data packet is extracted from the SA LIST;
(d) the IPsec accelerator processes the data packet according to the processing mode extracted from the SA LIST;
(d-1) transmission mode under the AH protocol: the variable part of the IP header is cleared (options or extension headers are included in the calculation as a whole), the authentication algorithm is started, the authentication key and data are sent to the algorithm module, and, once authentication completes, the authentication data is compared with the received authentication data stored earlier. If the two are consistent, the verification passes; if not, the packet is discarded and reported;
(d-2) tunnel mode under the AH protocol: the variable part of the outer IP header is cleared (options or extension headers are included in the calculation as a whole), the authentication algorithm is started, the authentication key and data are sent to the algorithm module, and, once authentication completes, the authentication data is compared with the received authentication data stored earlier; if the two are consistent, the verification passes; if not, the packet is discarded and reported;
(d-3) transmission mode under the ESP protocol, where at least one of the encryption algorithm and the authentication algorithm must be valid:
(d-3-1) skipped if the authentication algorithm is not needed; if it is needed, the authentication key and the data are sent together to the authentication algorithm module; once authentication completes, the result is compared with the authentication data stored in advance; if they are consistent, the verification passes; if not, the packet is discarded and reported;
(d-3-2) skipped if the decryption algorithm is not needed; if it is needed, the corresponding algorithm is called to perform key expansion, after which the data to be decrypted (not including the IP header and the ESP header) and the initial IV are sent to the encryption algorithm module for calculation; once decryption completes, the data is written back to the corresponding position of the data packet;
(d-4) tunnel mode under the ESP protocol, where at least one of the encryption algorithm and the authentication algorithm must be valid:
(d-4-1) skipped if the authentication algorithm is not needed; if it is needed, the authentication key and the data are sent together to the authentication algorithm module; once authentication completes, the result is compared with the cached authentication data; if they are consistent, the verification passes; if not, the packet is discarded and reported;
(d-4-2) skipped if the decryption algorithm is not needed; if it is needed, the corresponding algorithm is called to perform key expansion, after which the data to be decrypted (not including the outer IP header and the ESP header) and the initial IV are sent to the encryption algorithm module for calculation, and completion of the encryption is awaited; the data is then written back to the corresponding position of the data packet;
(e) after the IPsec verification is completed, checksum calculation is performed on the corresponding data. In transmission mode the checksum is calculated over the application layer protocol (TCP/UDP; if there is none, no checksum is calculated); in tunnel mode the checksum is calculated over the inner IP layer and the application layer protocol (TCP/UDP; if there is none, no checksum is calculated). The result is written back to the corresponding position after processing;
(f) the data is written back to the corresponding address in the descriptor through the MASTER port. After the transfer is complete, the descriptor state is modified and the network controller is notified that the data transfer is complete.
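The AH path of send step (E-1) and receive steps (a), (c) and (d-1), as an added software sketch in Python that is not part of the patent or the device's design: the variable IP fields are cleared for the authentication pass and restored afterwards, so a legitimate TTL change in transit still verifies while a payload change does not. Assumptions: HMAC-SHA1 truncated to 96 bits as the authentication algorithm, the RFC 4302 AH layout (ICV inside the AH header), an unfragmented IPv4 packet with a 20-byte header, and every name used here, including the dict-based `SA_LIST` and its constructed key.

```python
import hashlib
import hmac
import ipaddress
import struct

AH_PROTO = 51      # IP protocol number of AH
ICV_LEN = 12       # assumption: HMAC-SHA1 truncated to 96 bits
ICV_OFF = 20 + 12  # assumption: 20-byte IPv4 header (no options) + fixed AH fields

# Constructed SA LIST, keyed by the receive-side triple (SPI, destination IP, protocol).
SA_LIST = {(0x1001, "192.0.2.2", AH_PROTO): {"auth_key": b"constructed-demo-key", "seq": 1}}


def ip_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words; 0 over a header whose checksum is valid."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def set_checksum(pkt: bytearray) -> None:
    pkt[10:12] = b"\x00\x00"
    pkt[10:12] = struct.pack("!H", ip_checksum(bytes(pkt[:20])))


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Constructed sample packet: 20-byte header, no options, not fragmented."""
    pkt = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0,
                                ttl, proto, 0, ipaddress.IPv4Address(src).packed,
                                ipaddress.IPv4Address(dst).packed))
    pkt += payload
    set_checksum(pkt)
    return bytes(pkt)


def auth_input(pkt: bytes) -> bytes:
    """Copy of the packet with the variable IPv4 fields and the ICV field cleared."""
    b = bytearray(pkt)
    b[1] = 0                                        # TOS
    b[6:8] = b"\x00\x00"                            # flags + fragment offset
    b[8] = 0                                        # TTL
    b[10:12] = b"\x00\x00"                          # header checksum
    b[ICV_OFF:ICV_OFF + ICV_LEN] = bytes(ICV_LEN)   # ICV is zero while authenticating
    return bytes(b)


def icv(key: bytes, pkt: bytes) -> bytes:
    return hmac.new(key, auth_input(pkt), hashlib.sha1).digest()[:ICV_LEN]


def ah_send(pkt: bytes, spi: int) -> bytes:
    """Send step (E-1): add AH, authenticate, write the ICV, then redo the IP checksum."""
    sa = SA_LIST[(spi, str(ipaddress.IPv4Address(pkt[16:20])), AH_PROTO)]
    ah = struct.pack("!BBHII", pkt[9], (12 + ICV_LEN) // 4 - 2, 0, spi, sa["seq"]) + bytes(ICV_LEN)
    out = bytearray(pkt[:20] + ah + pkt[20:])
    out[9] = AH_PROTO                               # IP header now announces AH
    out[2:4] = struct.pack("!H", len(out))          # new total length
    out[ICV_OFF:ICV_OFF + ICV_LEN] = icv(sa["auth_key"], bytes(out))
    set_checksum(out)                               # variable fields keep their real values
    sa["seq"] += 1                                  # step (F): update the serial number
    return bytes(out)


def ah_receive(pkt: bytes) -> str:
    """Receive steps (a), (c), (d-1); returns the verdict that would be reported."""
    if len(pkt) < ICV_OFF + ICV_LEN or ip_checksum(pkt[:20]) != 0:
        return "drop: malformed or bad checksum"
    spi = struct.unpack("!I", pkt[24:28])[0]
    sa = SA_LIST.get((spi, str(ipaddress.IPv4Address(pkt[16:20])), pkt[9]))
    if sa is None:
        return "drop: no SA"
    received = pkt[ICV_OFF:ICV_OFF + ICV_LEN]       # the cached verification data
    if not hmac.compare_digest(icv(sa["auth_key"], pkt), received):
        return "drop: ICV mismatch"
    return "pass"


def forward_one_hop(pkt: bytes) -> bytes:
    """What a router legitimately changes in transit: TTL and the header checksum."""
    b = bytearray(pkt)
    b[8] -= 1
    set_checksum(b)
    return bytes(b)


if __name__ == "__main__":
    sent = ah_send(build_ipv4("192.0.2.1", "192.0.2.2", 17, b"constructed payload"), 0x1001)
    print(ah_receive(forward_one_hop(sent)))        # TTL changed in transit
    print(ah_receive(sent[:-1] + b"\x00"))          # payload altered
```

The comparison uses `hmac.compare_digest` so that the time taken does not depend on how many leading ICV bytes match.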
The above description is only a preferred embodiment of the present disclosure and is not intended to limit the present disclosure, and various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims (10)

1. An IPsec accelerator device is characterized by comprising an SA LIST module, an IPsec accelerator module, an SM4 module, an AES module, an SM3 module, an SHA-1 module, a DATA FIFO module, a MASTER module, an ARBITER module and an SLAVE module;
the MASTER module is used by the sending end to read back the descriptor, to retrieve the data to be subjected to IPsec acceleration processing according to an address in the read-back descriptor, and to write the state back to the descriptor after the IPsec acceleration processing is finished; it is used by the receiving end to read back the descriptor, to move the processed IPsec data to a corresponding position according to an address in the read descriptor, and to write the state back to the descriptor; the SLAVE module is used for exchanging DATA with a network interface, and the DATA FIFO module is used for storing a DATA packet read back by the MASTER module, a DATA packet subjected to IPsec acceleration processing and a DATA packet transmitted by the SLAVE module;
the SM4 and AES module is used for encrypting the data of the sending end and decrypting the data of the receiving end; the SM3 and SHA-1 module authenticates the data of the sending end and performs integrity check on the data of the receiving end; the ARBITER module is used for processing the processing priority between a plurality of descriptor rings at the transmitting end and a plurality of descriptor rings at the receiving end;
the SA LIST module is used for storing parameters needed by IPsec acceleration, the IPsec accelerator module is used for reading an effective SA pointer from the read descriptor, retrieving the SA LIST module according to the SA pointer, selecting the operation information of the current data packet from the SA pointer, automatically adding a head to the data packet by using hardware according to the selected operation information, selecting an encryption algorithm, checking and calculating the data packet, and writing the check sum into a corresponding address.
2. The IPsec acceleration apparatus of claim 1, wherein at least a serial number, an AH authentication algorithm selection, an AH authentication key, an ESP encryption and authentication selection, an ESP encryption algorithm selection, an ESP encryption key, an ESP authentication algorithm selection, an ESP authentication key, an ESP IV value, a mode selection, a protocol selection, a PMTU, an SPI, and a destination IP address are stored in the SA LIST module.
3. The IPsec accelerator apparatus of claim 1, wherein the IPsec accelerator module is further configured to split large packets into PMTU sized packets based on the PMTU, the hardware automatically adding headers to the packets based on the selected information.
4. The IPsec accelerator apparatus of claim 3, wherein the IPsec accelerator module selects an encryption algorithm comprising at least an authentication algorithm, a data stuffing, and a stuffing of verification data.
5. The IPsec acceleration apparatus of claim 1, wherein the SLAVE module is configured to transmit the IPsec-accelerated data packet to a network controller, and the data packet received by the network controller enters the IPsec acceleration module via the SLAVE.
6. An IPsec acceleration implementation method, wherein the IPsec acceleration apparatus as claimed in any of claims 1 to 5 is used for a transmission flow at a transmitting end, and the method comprises the following steps:
step 6-1: external software finishes the operation of the descriptor and starts the IPsec accelerating device;
step 6-2: reading back the descriptor by the MASTER, and taking out an SA index pointer, a data packet initial address and a data packet length;
step 6-3: the IPsec accelerator takes out corresponding operating parameters from the SA LIST according to the index pointer;
step 6-4: determining whether the data packet needs to be subjected to sub-packet operation according to the extracted PMTU;
step 6-5: extracting an IP header and a TCP/UDP header cache from a first retrieved data packet, calculating a checksum of a TCP/UDP part and filling the checksum in a corresponding position, operating according to corresponding operating parameters in SA LIST, adding an AH/ESP data packet header to the data packet, and processing according to different transmission modes;
step 6-6: after the IPsec data processing is finished, informing a network controller to take the data away, updating the serial number and the ESP IV value in the corresponding SA, and simultaneously checking whether the packetization is finished; finishing the operation if the packetization is finished, and continuing the processing from the step 6-5 if the packetization is not finished.
7. The method of claim 6, wherein in step 6-4, if no packetization is required, the entire data packet is retrieved; if the packet operation is needed, determining the packet size according to the PMTU, and if the packet is an IP or UDP/IP data packet, performing fragmentation on an IP layer; if the data packets are TCP/IP data packets, performing sub-packaging on a TCP layer, and sequentially retrieving the data packets according to values;
or,
in step 6-5, the transmission mode includes a transmission mode under an AH protocol, which specifically includes: clearing a variable part in an IP head, starting an authentication algorithm, sending an authentication key and data to an algorithm module, waiting for the completion of authentication, and writing the authentication data back to the tail of a corresponding data packet; restoring the variable part to an initial value, carrying out IP checksum calculation on the data packet again, and writing the checksum back to an IP head;
or,
in step 6-5, the transmission mode includes a tunnel mode under an AH protocol, specifically: clearing a variable part in an external IP head, starting an authentication algorithm, sending an authentication key and data to an algorithm module, waiting for the completion of authentication, and writing the authentication data back to the tail of a corresponding data packet; restoring the variable part to an initial value, carrying out checksum calculation of an external IP head on the data packet again, and writing the checksum back to the IP head;
or,
in step 6-5, the transmission mode includes a transmission mode under an ESP protocol, and at least one of an encryption algorithm and an authentication algorithm must be valid, specifically:
if the encryption algorithm is not needed, skipping, if the encryption algorithm is needed, calling the corresponding algorithm to perform key expansion, after the key expansion is completed, sending the data to be encrypted and the initial IV to an encryption algorithm module to perform calculation, waiting for the encryption to be completed, and writing the data back to the corresponding position of the data packet;
if the authentication algorithm is not needed, skipping, if the authentication algorithm is needed, sending the authentication key and the data to an authentication algorithm module together, waiting for the completion of authentication, and writing the result back to the corresponding data packet position;
rewriting the IP head length again, calculating the checksum of the new IP head and writing back the checksum to the corresponding position;
or,
in step 6-5, the transmission mode includes a tunnel mode under the ESP protocol, and at least one of the encryption algorithm and the authentication algorithm must be valid, specifically:
if the encryption algorithm is not needed, skipping, if the encryption algorithm is needed, calling the corresponding algorithm to perform key expansion, after the key expansion is completed, sending the data to be encrypted and the initial IV to an encryption algorithm module to perform calculation, waiting for the encryption to be completed, and writing the data back to the corresponding position of the data packet;
if the authentication algorithm is not needed, the process skips, and if the authentication algorithm is needed, the authentication key and the data are sent to the authentication algorithm module together to wait for the completion of the authentication. Writing the result back to the corresponding data packet position;
and rewriting the length of the external IP header, calculating the checksum of the new external IP header and writing the checksum back to the corresponding position.
8. An IPsec acceleration implementation method, wherein a receiving flow at a receiving end by using the IPsec acceleration apparatus as claimed in any of claims 1 to 5, comprises the following steps:
step 8-1: firstly, performing checksum calculation and comparison on the received data packet entering from a SLAVE port;
step 8-2: after the comparison is passed, determining whether the fragment packet is the fragment packet of the IP layer, if so, performing IPsec processing, and directly handing the fragment packet to a CPU for processing after aggregation; if not, extracting three items of data of SPI, destination IP address and protocol, and caching IP head and verification data;
step 8-3: the IPsec accelerator queries SA LIST through the three items of data, and if the SA LIST is not found, the data packet is discarded and reported; if the data packet is found, extracting a processing mode of the data packet from the SA LIST;
step 8-4: the IPsec accelerator processes the data packet according to different transmission modes according to a data packet processing mode extracted from the SA LIST;
step 8-5: after the IPsec verification is completed, performing checksum calculation on the corresponding data, and writing the result back to the corresponding position after the calculation is completed;
step 8-6: writing the data back to the corresponding address in the descriptor through the MASTER port; after the transfer is complete, the descriptor state is modified and the network controller is notified that the data transfer is complete.
9. An implementation method of IPsec acceleration as recited in claim 8, wherein in step 8-4, the transmission mode comprises a transmission mode under an AH protocol, specifically: clearing a variable part in an IP head, starting an authentication algorithm, sending an authentication key and data to an algorithm module, waiting for the completion of authentication, comparing the authentication data with the previously stored received authentication data, and if the authentication data is consistent with the received authentication data, passing the verification; if not, discarding and reporting;
or,
in step 8-4, the transmission mode includes a tunnel mode under an AH protocol, which specifically includes: clearing a variable part in an external IP head, starting an authentication algorithm, sending an authentication key and data to an algorithm module, waiting for the completion of authentication, comparing the authentication data with the received authentication data stored before, if the authentication data is consistent with the received authentication data, passing the verification, and if the authentication data is not consistent with the received authentication data, discarding and reporting the authentication data;
or,
in step 8-4, the transmission mode includes a transmission mode under an ESP protocol, and at least one of an encryption algorithm and an authentication algorithm must be valid, specifically:
if the authentication algorithm is not needed, skipping, if the authentication algorithm is needed, sending the authentication key and the data to an authentication algorithm module together, waiting for the completion of authentication, comparing the result with the authentication data stored in advance, and if the result is consistent with the authentication data, passing the verification; if not, discarding and reporting;
if the decryption algorithm is not needed, skipping, if the decryption algorithm is needed, calling the corresponding algorithm to perform key expansion, after the key expansion is completed, sending the data to be decrypted and the initial IV to an encryption algorithm module to perform calculation, and after the decryption is completed, writing the data back to the corresponding position of the data packet;
or,
in step 8-4, the transmission mode includes a tunnel mode under the ESP protocol, and at least one of the encryption algorithm and the authentication algorithm must be valid, specifically:
skip if authentication algorithms do not need to be used; and if the authentication algorithm needs to be used, sending the authentication key and the data to the authentication algorithm module together to wait for the completion of the authentication. Comparing the result with the cached authentication data, and if the result is consistent with the cached authentication data, passing the verification; if not, discarding and reporting;
skip if decryption algorithm is not needed; if the decryption algorithm needs to be used, the corresponding algorithm is called for key expansion, after the key expansion is completed, the data to be decrypted and the initial IV are sent to an encryption algorithm module for calculation, and after the encryption is completed, the data are written back to the corresponding position of the data packet.
10. The method of claim 8, wherein in step 8-5, in the transmission mode the checksum is calculated over the application layer protocol, and if there is none, no checksum is calculated;
in the tunnel mode the checksum is calculated over the inner IP layer and the application layer protocol, and if there is none, no checksum is calculated.
CN201911319422.4A 2019-12-19 2019-12-19 IPsec acceleration device and implementation method Active CN111031055B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911319422.4A CN111031055B (en) 2019-12-19 2019-12-19 IPsec acceleration device and implementation method

Publications (2)

Publication Number Publication Date
CN111031055A CN111031055A (en) 2020-04-17
CN111031055B CN111031055B (en) 2021-10-12

Family

ID=70209870

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911319422.4A Active CN111031055B (en) 2019-12-19 2019-12-19 IPsec acceleration device and implementation method

Country Status (1)

Country Link
CN (1) CN111031055B (en)

Also Published As

Publication number Publication date
CN111031055B (en) 2021-10-12

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant