CN111683093A - Dynamic covert communication method based on IPv6 network - Google Patents

Dynamic covert communication method based on IPv6 network Download PDF

Info

Publication number
CN111683093A
CN111683093A CN202010517404.3A CN202010517404A CN111683093A CN 111683093 A CN111683093 A CN 111683093A CN 202010517404 A CN202010517404 A CN 202010517404A CN 111683093 A CN111683093 A CN 111683093A
Authority
CN
China
Prior art keywords
information
ipv6
address
dynamic
secret
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010517404.3A
Other languages
Chinese (zh)
Inventor
廖鑫
黄梓航
陈嘉欣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan University
Original Assignee
Hunan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan University filed Critical Hunan University
Priority to CN202010517404.3A priority Critical patent/CN111683093A/en
Publication of CN111683093A publication Critical patent/CN111683093A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/659Internet protocol version 6 [IPv6] addresses

Abstract

The invention relates to a dynamic covert communication method based on an IPv6 network. The invention mainly comprises the following steps: (1) an information embedding scheme based on an IPv6 data packet is provided; (2) an interface identification alternative scheme based on an IPv6 address is provided; (3) a dynamic information transmission strategy in an IPv6 network environment is provided. Compared with the prior art, the dynamic covert communication method based on the IPv6 network has strong key information concealment and protects the sender address. The method of the invention is feasible and effective, and has good use effect in the aspect of information hiding communication.

Description

Dynamic covert communication method based on IPv6 network
Technical Field
The invention relates to the technical field of information security and network security, in particular to a dynamic covert communication method based on an IPv6 network.
Background
The development of scientific technology makes the information transmission between networks more and more convenient, and a large amount of data information is transmitted between networks every day. Because of the characteristics of high efficiency, high speed and low cost of information transmission between networks, people often use network communication as a preferred mode of information transmission. However, from the perspective of network security and information security, the key data information transmitted between networks is likely to be obtained by the attacker, which causes immeasurable loss. In the current stage of network communication, information is mostly embedded into a network data packet, and the data packet reaches the hand of a receiver through the transmission of layers such as a network layer, a transmission layer and the like. Therefore, from the viewpoint of network security and information security, it is necessary to investigate how network information is embedded in a packet.
The network covert communication technology is firstly applied to the IPv4 network environment, and constructs a data packet containing secret information based on a specific design strategy by using the redundancy characteristics of a network protocol. The effective data packet conforms to the specification of the protocol, and the intermediate network equipment can carry out normal forwarding work without perceiving the hidden secret information. For example, the document "mapping data in the OSI network model," International works hop on Information mapping spring, Berlin, Heidelberg,1996 "analyzes the possibility of covert communication using each of the seven layers of the network layer protocol, and proposes to use certain fields in the IP protocol as a carrier of covert Information. The hidden communication based on bit transformation is to utilize some changeable fields (usually HOP-Limit fields) in the protocol in the transmission process, and to change some bits in the fields by a specific steganography method according to the field value change characteristics, so that the changed information is changed into secret information for transmission. The document "Su, Purui, and d.feng." a typical noise coverage channel the IP protocol, "International kanahan Conference on Security technology ieee,2004," proposes a method for covert communication using TTL. For covert communication of upper layer packets in the network layer, the literature "Fisk, Gina, et al," experimental learning in Internet traffic with active codes, "International works on Information high. spring, Berlin, Heidelberg, 2002" proposes to use RST reset position in TCP messages for covert communication. Similarly, the classical implementation of a hidden channel for TCP mainly includes: and ACK Command. The ACK Command is proposed by the Swiss, the mechanism only uses a TCP packet with an ACK mark for communication, and the secret information is directly placed in the load of an ACK data packet for transmission by constructing a special ACK message. For the implementation of covert communication of ICMP, it is well known to be ICMP SHELL developed by Peter Kieltyka, which only uses ICMP Echo/Reply for communication during communication. The technology uses a firewall to check the ICMP data packet for loose condition, replaces the load information in the ICMP data packet with secret information, and uses the secret information to directly carry out covert communication. Meanwhile, the method has higher reliability, and can determine whether the information is successfully sent to the receiver by comparing the load contents of the request packet and the response packet in the bidirectional command channel.
However, the security of the covert communication method cannot be completely guaranteed, and the address information of the communication end node can be directly exposed to an attacker of the intermediate link, so that the source node can be attacked. Meanwhile, the mode of the data content carried is easily interfered and damaged by the forwarding equipment of the intermediate node. Considering the application prospect of the IPv4 network address being distributed and the IPv6 network at the present stage, and the characteristics of longer number of network address bits, more redundant fields and wider stipulation of the IPv6 network address, the invention aims to improve the information transmission safety under the IPv6 network environment, and provides a dynamic hidden communication method based on the IPv6 network.
Disclosure of Invention
The invention provides a dynamic covert communication method of an IPv6 network, which is used for transmitting key secret information between networks and mainly comprises three contents:
(1) an information embedding scheme based on an IPv6 data packet is provided;
(2) an interface identification alternative scheme based on an IPv6 address is provided;
(3) a dynamic information transmission strategy in an IPv6 network environment is provided.
The specific contents are as follows:
(1) an information embedding scheme based on an IPv6 data packet is provided: at present, IPv6 mostly focuses on the encryption process of secret information in covert communication, but the source address of the sender is extremely easy to be exposed to an attacker in the transmission process of network data packets. Therefore, the first problem of IPv6 covert communication is to solve the problem of easy source address exposure, and the first step is to find a method for replacing the source address part in the network packet.
The IPv6 address has 128 bits in total, and includes two parts, a subnet prefix 64 bits long and an interface identifier 64 bits long. Due to the particularity of the subnet prefix, the subnet prefix is not changed in the process of replacing the source address. The interface identifier of IPv6 is based on the IEEEEUI-64 format, and the sender of the message modifies the interface identification part of the source address without suspicion. Therefore, the invention replaces the interface identification part with 64 bits, and the security of the source address is ensured.
Similarly, the routing option header in the extension header of IPv6 provides routing functionality by listing a list of all nodes through which a packet passes in the path to the destination. The header may be self-populated by the sender and may include a number of different IPv6 addresses. Due to the particularity of the IPv6 address subnet prefix, the IP address in the routing option header still only modifies the interface identification portion, with an alternative length of 64 bits.
In order to protect the source address of a sender and prevent secret information from being captured by an attacker, the dynamically changed secret information is placed in an interface identification part of an IPv6 address to realize the hidden transmission of data, and after the sender obtains the encrypted secret information, the secret information is selected to be embedded into the interface identification part of the source address or more information is embedded into the interface identification part of the IPv6 address in a routing option header according to the length of the information. Meanwhile, in order to make the data packet more conventional and not easily perceived by an attacker, part of the information may be embedded into the network layer upper layer protocol data packet, including but not limited to UDP protocol, TCP protocol, and DNS protocol.
In summary, the IPv6 packet information embedding scheme proposed in this embodiment mainly embeds secret information into the interface identifier portion of the IPv6 address to replace the sender source address information that may be exposed, and at the same time, can match part of the network layer upper layer protocol packet to achieve the purpose of transmitting secret data.
(2) An interface identification alternative scheme based on an IPv6 address is provided: the IPv6 address identification interface replacement scheme comprehensively considers the structure and the characteristics of an IPv6 address and the stability and the ciphertext length of each encryption algorithm, and encrypts and embeds key information on the basis.
We can see that IPv6 addresses are made up of lower case letters and numbers, in some cases ": the" indicates an omitted consecutive 0. Meanwhile, the IPv6 subnet prefix is 64 bits long. In the invention, in order to further ensure the security of data and make the length of secret information more stable, the method is suitable for embedding the subnet prefix. We encrypt the secret information input by the sender using Blowfish algorithm. The encryption mode carries out encryption by sharing a Key, the Key length is 8 bytes, 8-byte-long plaintext information can be changed into 64-bit-long ciphertext information, and the length of the ciphertext information is exactly the same as that of the subnet prefix. There are several cases for this identification interface alternative:
1, the length of plaintext information is less than 8 bytes;
2, the length of the plaintext information is greater than 8 bytes but not an integral multiple of 8;
the 3 plaintext information length is greater than 8 bytes and is an integer of 8.
Aiming at the three situations, the secret information length meets the requirement of embedding density by adopting a filling or splitting mode. The method comprises the following steps that (1) if the length of plaintext information Message input by a user is L bytes, a specific algorithm flow is as follows, a sender inputs Key, and after the Message, whether the length of the Message meets the standard is judged:
A=L%8 (1)
a represents the remainder of dividing the length L of the Message by 8, if A is 0, the Message length is in accordance with the requirement, otherwise:
Message=Message+‘/0’×A (2)
the above formula represents the padding process of the character string, when the length of the input plaintext is not an integer of 8 bytes, we adopt the character string padding mode to make the plaintext meet the requirement, and the padded character is '/0'. After the first condition is met, if the length of the filled plaintext is equal to 8 bytes, the plaintext is encrypted by using a Key and then is filled into a subnet prefix of a sender, and a source address field of an IPv6 data packet is replaced. If the length of the filled plaintext is larger than 8 bytes, the length of each group of the plaintext which is split by the user is 8 bytes. After the splitting is completed, all plaintext is encrypted through a Key, and the encrypted content of the first 8 bytes is filled into the source address part of the IPv6 data packet. The remaining information is once constructed into IPv6 addresses in this manner and is sequentially filled into the routing options header.
After receiving the data packet, the receiver extracts the interface identification part in the IP address from the source address part and the routing option header part in sequence, and decrypts through the shared secret Key Key to obtain real plaintext information.
(3) The information dynamic transmission strategy under the IPv6 network environment is provided: as shown in fig. 1, the transmission policy adopts a mode of combining a plurality of keys with a plurality of encryption modes to realize dynamic information covert communication in an IPv6 network environment. The dynamic transmission strategy provided by the invention is dynamic in that: firstly, according to the difference between the sending information and the used secret key, the source address of the sending party is continuously changed, so that the address information of the sending party is protected; different encryption modes are adopted for encrypting the time information alternately, so that the safety of the information can be guaranteed better.
According to the foregoing, the Key secret information is encrypted by using Blowfish, and since multiple uses of a single Key may be broken by an attacker, this approach uses 24 shared keystime(time 1, 2.., 24) is encrypted according to a key corresponding to time, for example: key for 12 point correspondence12. Before communication, a sender and a receiver can firstly confirm whether the sender and the receiver can normally send and receive information, in order to achieve the purpose, the sender firstly sends a DNS data packet to the receiver, a session identifier and a query name are constructed, the query name comprises a time English expression in time information when the current information is edited, for example, Eleven expresses that the time when the current information is edited is 11 am, and encryption are carried out through DES, and the secret Key is a shared secret Key Keydes. After receiving the message, the receiver returns a message of successful reception, and the two parties enter the information transceiving flow of the journey. The sender follows the shared secret Key (Key) corresponding to the time information in the previous data packettime) The key secret information is encrypted using the Blowfish algorithm. Meanwhile, four encryption modes (AES, DES, 3DES and Blowfish) are used for sequentially carrying out time information from 0 to 24 according to the difference of the time information in the previous data packetAnd encrypting and embedding the encrypted information into a UDP message after the IPv6 message for transmission, wherein the corresponding secret key is shared by the two parties in advance. The subsequent data packet encryption is carried out in such a way, and the encryption mode and the key selection correspond to the time information of the previous data packet.
Compared with the prior art, the technical scheme at least has the following beneficial effects:
1. according to the secret information embedding strategy based on the IPv6 network, provided by the invention, by analyzing the structural characteristics of an IPv6 data packet and combining the length and form characteristics of a ciphertext obtained by encrypting secret information, the secret information is embedded into a source address part in the IPv6 data packet and a path option header part in an extended header, so that a new research thought is provided for the subsequent hidden communication research under the IPv6 environment.
2. The invention provides a dynamic covert communication mode, according to the difference between the sending information and the used secret key, the source address of the sending party in the data packet is continuously changed. Meanwhile, the time information is encrypted in a mode of alternating a plurality of encryption modes. The method can protect the secret information and the IP address of the information sender, ensure the correct receiving rate of the secret information and show more practical application significance in daily life.
Drawings
FIG. 1 is a schematic diagram of "dynamic information transmission strategy in IPv6 network environment" according to the present invention;
FIG. 2 is a flow chart of the present invention.
Detailed Description
The invention discloses a dynamic covert communication method based on an IPv6 network. The following describes a specific embodiment of the present invention by taking the example that the transmission key secret information is Beijing, the sender IP address is 2001:250:4402:1112: 66, and the editing information time is 14 pm. It should be understood by those skilled in the art that these embodiments are only for explaining the technical principle of the present invention, and are not intended to limit the forensic scope of the present invention.
The development language is python, and the specific steps are as follows:
step 1: two-party communicationInitial preparation of (1). The information sender needs to know the IP address of the information receiver and configure the network card and port information of the local machine at the same time. The information receiver needs to configure its own network card information and vacate the port required by network communication. When configuring the port information, a firewall needs to be set to a certain degree, and the information receiving and sending functions of the corresponding ports are opened. Meanwhile, the two parties share key information required for encryption and decryption. Secret Key comprising DES encryption of first communication packetdes24 time Key keystime(time 1, 2.., 24) and four encryption methods (AES, DES, 3DES, and Blowfish) and corresponding keys.
Step 2: and the two communication parties establish connection. Before secret communication between two parties, a sender and a receiver mutually transmit a data packet to ensure normal communication. The first packet sent by the sender is used to transmit the actual sender IP address and the time (in this case fourten) when the packet was edited. The first communication packet of the invention adopts a DNS data packet, the sending port is 53, the session identifier of the DNS data packet is set to be 1233, and the secret Key is used by FourendesEncrypted and embedded in the query name field of the data packet. After receiving the DNS packet, if the session identifier is 1233, the information receiver indicates that the information of the sender can be normally received, and returns the DNS packet, where the session identifier of the packet is set to 1234. Key for receiverdesAnd decrypting the time information in the query name to obtain the time information Fouren.
And step 3: encryption and embedding of secret information. The information Beijing only has 7 bytes, accords with the judgment condition (1) of the identification interface replacement scheme, has a plaintext information length smaller than 8 bytes, and needs to be filled with information. The filled plaintext information is Beijing/0, and the length of 8 bytes is satisfied and is an integral multiple of 8. Since the editing time is 14 pm, Beijing/0 uses the Key Key14(in order of Key14Hdhwyqwt for example) is encrypted by Blowfish algorithm, and the encrypted ciphertext is CF8CD0D0DBD6C8F 3. The interface identification part cf8c: d0d0: dbd6: c8f3 constructed as the IPv6 address is connected with the source address subnet prefix, and a new IP address 2001:250:4402:1112: cf8c: d0d0: dbd6: c8f3 is constructed to replace the source address in the IPv6 data packetThe contents. Meanwhile, the encryption algorithm 3DES corresponding to the time Fourteen encrypts the time for editing the data packet by the 3DES and then embeds the time into a UDP data packet in an upper layer protocol of a network layer to transmit the data packet to a receiver.
And 4, step 4: receiving and decrypting information: after the receiver receives the data packet transmitted by the sender, because the time information extracted from the previous data packet is fourten, the receiver selects the corresponding decryption Key14And decrypting the key information extracted from the interface identification field of the source address. Meanwhile, the algorithm 3DES corresponding to the time is used for decrypting the time information in the UDP data packet.
In conclusion, aiming at the characteristics of the IPv6 network, the invention designs a dynamic covert communication technology based on the IPv6 network. The technology combines the characteristics of network data packets, adopts a new secret embedding position and a dynamic encryption mode, and better protects the transmission of secret information.
It will be appreciated by persons skilled in the art that the scope of the present invention is not limited to the specific embodiments described. Equivalent changes or substitutions of related technical features can be made by those skilled in the art without departing from the principle of the invention, and it is noted that the technical solutions after the changes or substitutions will fall within the protection scope of the invention.

Claims (4)

1. A dynamic covert communication method based on an IPv6 network is characterized by comprising the following steps:
(1) an information embedding scheme based on an IPv6 data packet is provided;
(2) an interface identification alternative scheme based on an IPv6 address is provided;
(3) a dynamic information transmission strategy in an IPv6 network environment is provided.
2. The IPv6 packet-based information embedding scheme according to claim 1, wherein the replacement method for modifiable fields in IPv6 packets specifically comprises:
for the source address part in the IPv6 header, the interface identification part in the address may be changed to secret information to be filled, and the IP address containing the secret information may also be filled into the routing option header in the IPv6 extension header.
3. The IPv6 address-based interface identification alternative scheme according to claim 1, wherein the secret information construction method based on IPv6 address structure characteristics specifically comprises:
the length of the information byte to be transmitted is changed into integral multiple of 8 by using a '0' filling mode, then the information is split according to a group of 8 bytes and encrypted by adopting a Blowfish algorithm, and the information is connected with the subnet prefix of the IP to which the sender belongs to construct a new IP address.
4. The dynamic information transmission policy under the IPv6 network environment according to claim 1, wherein the combination of the time information, the key, and the encryption information specifically includes:
and dynamic encryption strategies are adopted according to the time information. Aiming at the Blowfish algorithm, 24 keys are used to correspond to the time information, and different keys are adopted for encryption according to the time condition of the editing information; and (DES, AES, 3DES and Blowfish) are adopted for the transmitted time information to be encrypted in turn and alternately.
CN202010517404.3A 2020-06-09 2020-06-09 Dynamic covert communication method based on IPv6 network Pending CN111683093A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010517404.3A CN111683093A (en) 2020-06-09 2020-06-09 Dynamic covert communication method based on IPv6 network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010517404.3A CN111683093A (en) 2020-06-09 2020-06-09 Dynamic covert communication method based on IPv6 network

Publications (1)

Publication Number Publication Date
CN111683093A true CN111683093A (en) 2020-09-18

Family

ID=72435650

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010517404.3A Pending CN111683093A (en) 2020-06-09 2020-06-09 Dynamic covert communication method based on IPv6 network

Country Status (1)

Country Link
CN (1) CN111683093A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115174520A (en) * 2022-06-09 2022-10-11 郑州信大捷安信息技术股份有限公司 Network address information hiding method and system
CN117714219A (en) * 2024-02-18 2024-03-15 中国电子科技集团公司第三十研究所 Hidden restoring method for equipment address/identifier and message transmission method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101764690A (en) * 2008-12-24 2010-06-30 广东电子工业研究院有限公司 Internet-based secret information communicating method
US20160357782A1 (en) * 2015-06-02 2016-12-08 GeoFrenzy, Inc. Geofence Information Delivery Systems and Methods
CN108540288A (en) * 2018-04-16 2018-09-14 成都泰盟软件有限公司 It is a kind of using timestamp to the dynamic rsa encryption of Ultralight radio-frequency cards and recognition methods
CN109582478A (en) * 2018-12-04 2019-04-05 湖南大学 The research method of covert channel based on GPU

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101764690A (en) * 2008-12-24 2010-06-30 广东电子工业研究院有限公司 Internet-based secret information communicating method
US20160357782A1 (en) * 2015-06-02 2016-12-08 GeoFrenzy, Inc. Geofence Information Delivery Systems and Methods
CN108540288A (en) * 2018-04-16 2018-09-14 成都泰盟软件有限公司 It is a kind of using timestamp to the dynamic rsa encryption of Ultralight radio-frequency cards and recognition methods
CN109582478A (en) * 2018-12-04 2019-04-05 湖南大学 The research method of covert channel based on GPU

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
MONALI MAVANI: "Covert channel in IPv6 Destination option Extension header", 《2014 INTERNATIONAL CONFERENCE ON CIRCUITS,SYSTEMS,COMMUNICATIONS AND INFORMAION TECHNOLOGY APPLICATIONS》 *
NORKA B. LUCENA: "Covert Channels in IPv6", 《LECTURE NOTES IN COMPUTER SCIENCE》 *
曹旭,费金龙: "动态隐蔽通信机制", 《信息工程大学学报》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115174520A (en) * 2022-06-09 2022-10-11 郑州信大捷安信息技术股份有限公司 Network address information hiding method and system
CN115174520B (en) * 2022-06-09 2023-06-23 郑州信大捷安信息技术股份有限公司 Network address information hiding method and system
CN117714219A (en) * 2024-02-18 2024-03-15 中国电子科技集团公司第三十研究所 Hidden restoring method for equipment address/identifier and message transmission method
CN117714219B (en) * 2024-02-18 2024-04-23 中国电子科技集团公司第三十研究所 Hidden restoring method for equipment address/identifier and message transmission method

Similar Documents

Publication Publication Date Title
US11283772B2 (en) Method and system for sending a message through a secure connection
Hennebert et al. Security protocols and privacy issues into 6LoWPAN stack: A synthesis
Stallings IPv6: the new Internet protocol
CN101682656B (en) Method and apparatus for protecting the routing of data packets
CN103905180B (en) Method for enabling classical application to have access to quantum communication network
US7360083B1 (en) Method and system for providing end-to-end security solutions to aid protocol acceleration over networks using selective layer encryption
US20020042875A1 (en) Method and apparatus for end-to-end secure data communication
CN104272674A (en) Multi-tunnel virtual private network
CN101529805A (en) Relay device
CN109639650B (en) Secret communication method based on grouping longitudinal random subdivision and path separation transmission
JP2008104040A (en) Common key producing device, and common key producing method
JP2010521846A (en) Securing IP traffic
US20070162746A1 (en) Secure communication system and method of IPV4/IPV6 integrated network system
JP2006101051A (en) Server, vpn client, vpn system, and software
Rajagopal et al. Fibre channel over tcp/ip (fcip)
US7346926B2 (en) Method for sending messages over secure mobile communication links
CN111683093A (en) Dynamic covert communication method based on IPv6 network
CN111194541B (en) Apparatus and method for data transmission
CN101309270B (en) Method, system, gateway and network node implementing internet security protocol
Watteyne et al. RFC 8930: On Forwarding 6LoWPAN Fragments over a Multi-Hop IPv6 Network
CN112600802B (en) SRv6 encrypted message and SRv6 message encryption and decryption methods and devices
Bittau et al. TCP-ENO: Encryption negotiation option
WO2008114007A1 (en) Data communication method and apparatus
EP1973275A1 (en) Data communications method and apparatus
JP6075871B2 (en) Network system, communication control method, communication control apparatus, and communication control program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20200918

WD01 Invention patent application deemed withdrawn after publication