CN112511548B - Method and device for preventing replay attack - Google Patents

Method and device for preventing replay attack

Publication number
CN112511548B
Authority
CN
China
Prior art keywords
packet
data
bits
key agreement
identity authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011402237.4A
Other languages
Chinese (zh)
Other versions
CN112511548A (en)
Inventor
马俊明
边杏宾
张清萍
郑伟伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cetc Pengyue Electronic Technology Co ltd
Original Assignee
Cetc Pengyue Electronic Technology Co ltd
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Abstract

The invention belongs to the technical field of information security networks, and particularly relates to a method and a device for preventing replay attacks. The method comprises the following steps: initializing the receiving end memory and setting two temporary variables; the receiving end receives the data packets, performs function-based sub-packaging of the data packets packet by packet and adds new packet headers; reading the packet header of the data packet after decryption; converting the received packet header into a long integer value and an integer value; judging whether the packet is replayed data; and determining whether the communication has ended. Compared with the existing random-number method, the receiver does not need to store all sent random numbers, which greatly reduces the receiver's system overhead; compared with the existing timestamp method, the invention makes use of the incrementing property of the clock signal without requiring system time synchronization; compared with the existing sequence-number method, sub-packaging the data packets by function increases the difficulty of cracking. The invention is used for preventing replay attacks.

Description

Method and device for preventing replay attack
Technical Field
The invention belongs to the technical field of information security networks, and particularly relates to a method and a device for preventing replay attack.
Background
Replay attacks, also known as playback attacks or freshness attacks, are attacks in which an attacker sends a packet that the destination host has already received in order to deceive the system. Replay attacks may occur in any network communication process, especially in critical information infrastructure communication networks.
To protect data, communication systems commonly use encrypted transmission, which effectively prevents data from being stolen, tampered with or forged. However, if the system cannot identify a retransmitted data packet, especially one that has an independent function (such as an instruction or a transaction), a replay attack lets an attacker cause damage without decrypting the data. The general way to prevent replay attacks in an encrypted communication system is to add one or two of the following to the communication process: a random number, a timestamp, a sequence number, and the like.
The disadvantages of the conventional anti-replay methods are as follows: 1. with the random-number method, random numbers may repeat in practice, causing misjudgment; 2. the timestamp method places high requirements on system time synchronization; 3. the sequence-number method consumes system resources and is complex to maintain; 4. in addition, "the method and the device for preventing the replay attack of the nuclear power station instrument control system" proposes requesting and sending a verification authorization code each time an instruction is executed; although this solves the replay attack, it inevitably costs the system some real-time performance.
Disclosure of Invention
In view of the above technical problems, the present invention provides a method and an apparatus for preventing replay attack with low cost, simple operation and high efficiency.
To solve the above technical problems, the invention adopts the following technical scheme:
A method of preventing replay attacks, comprising the following steps:
S1, initializing the receiving end memory and setting two temporary variables: long integer T0 = 0, integer X0 = 0;
S2, the receiving end receives the data packets, performs function-based sub-packaging of the data packets packet by packet and adds a new packet header;
S3, reading the packet header of the data packet after the decryption operation;
S4, converting the first 32 bits of the received packet header into a long integer value T1, and converting the last 16 bits into an integer value X1;
S5, comparing T0 and T1; if T0 > T1, judging that the packet is replayed data, discarding the packet, and returning to S3 to process the packet header of the next data packet;
S6, if T0 < T1, assigning T0 = T1 and X0 = 0, and entering the normal data processing flow;
S7, if T0 = T1, comparing X0 with X1; if X0 ≥ X1, judging that the packet is replayed data, discarding the packet, and returning to S3 to process the packet header of the next data packet;
S8, if X0 < X1, assigning X0 = X1, and entering the normal data processing flow;
S9, judging whether the communication has ended; if not, returning to S3 to process the next packet header; if so, ending the communication.
The function-based sub-packaging of the data packets in S2 proceeds as follows:
identity authentication 1, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] },
identity authentication 2, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] },
…,
identity authentication k, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] } …;
where k, m and n are natural numbers, the validity period of identity authentication 1 is t1, the validity period of key agreement 1 is t2, the time of a single encrypted data packet communication is t3, t1 ≈ m × t2 ≈ m × n × t3, and m × n < 65535.
The identity authentication and the key agreement adopt the asymmetric encryption algorithm SM9, and the data packet transmission adopts the symmetric encryption algorithm SM4.
The method for adding a new packet header in S2 comprises the following steps:
S2.1, identity authentication data packet: before each identity authentication, the sending end reads the sending end clock and converts the clock format into a 32-bit long integer clock whose smallest unit is the second; the first 32 bits are filled with this clock, and the last 16 bits are all filled with 0;
S2.2, key agreement data packet: the first 32 bits are filled with the identity authentication clock; the 32nd to 40th bits are filled with the sequence number of the key agreement packet, which starts from 1 and increases by 1 each time; the last 8 bits are filled with 0;
S2.3, data packets 11 to 1n: the first 40 bits are filled with the first 40 bits of the key agreement data packet; bits 41 to 48 are filled with the sequence number of the data packet, which starts from 1 and increases by 1 each time.
In S3, the first 6 bytes of the packet header are read after the decryption operation.
The device for preventing replay attacks comprises a sending end and a receiving end, which communicate securely using hybrid encryption. The sending end and the receiving end each comprise a processor, a clock, a memory, an input module and an output module, and the processor is electrically connected to the clock, the memory, the input module and the output module respectively.
Compared with the prior art, the invention has the following beneficial effects:
Compared with the existing random-number method, the receiver does not need to store all sent random numbers, which greatly reduces the receiver's system overhead; compared with the existing timestamp method, the invention makes use of the incrementing property of the clock signal without requiring system time synchronization; compared with the existing sequence-number method, sub-packaging the data packets by function increases the difficulty of cracking; compared with the existing challenge-response mechanism, the method is relatively simple to implement.
Drawings
FIG. 1 is a flow chart of the operation of the present invention;
FIG. 2 is a diagram of a packet time series according to the present invention;
FIG. 3 is a diagram of a packet header structure according to the present invention;
FIG. 4 is a schematic composition diagram of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A method of preventing replay attacks, as shown in FIG. 1, comprising the following steps:
Step 1, initializing the receiving end memory and setting two temporary variables: long integer T0 = 0, integer X0 = 0;
Step 2, the receiving end receives the data packets, performs function-based sub-packaging of the data packets packet by packet and adds a new packet header;
Step 3, reading the packet header of the data packet after the decryption operation;
Step 4, converting the first 32 bits of the received packet header into a long integer value T1, and converting the last 16 bits into an integer value X1;
Step 5, comparing T0 with T1; if T0 > T1, judging that the packet is replayed data, discarding the packet, and returning to step 3 to process the packet header of the next data packet;
Step 6, if T0 < T1, assigning T0 = T1 and X0 = 0, and entering the normal data processing flow;
Step 7, if T0 = T1, comparing X0 with X1; if X0 ≥ X1, judging that the packet is replayed data, discarding the packet, and returning to step 3 to process the packet header of the next data packet;
Step 8, if X0 < X1, assigning X0 = X1, and entering the normal data processing flow;
Step 9, judging whether the communication has ended; if not, returning to step 3 to process the next packet header; if so, ending the communication.
Further, the function-based sub-packaging of the data packets in step 2 proceeds as follows:
identity authentication 1, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] },
identity authentication 2, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] },
…,
identity authentication k, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] } …;
where k, m and n are natural numbers, the validity period of identity authentication 1 is t1, the validity period of key agreement 1 is t2, the time of a single encrypted data packet communication is t3, t1 ≈ m × t2 ≈ m × n × t3, and m × n < 65535. The packet time sequence of the communication system is shown in FIG. 2, where the communication time axis runs from left to right and from top to bottom. As the figure shows, the validity period of a single identity authentication is t1 ≈ m × t2 (ignoring the time of a single authentication), and the validity period of a single symmetric key is t2 ≈ n × t3 (ignoring the time of a single key agreement), where t3 is the transmission time of the encrypted packets of a single subdivided function. The longer a key's validity period and the more often the key is used, the lower the security; but too short a validity period greatly reduces the communication efficiency of the system. The invention balances the security and efficiency of the system by suitably adjusting the number m of key agreements within a single identity authentication and the number n of encrypted data packets transmitted under a single symmetric key. The thresholds of m and n are adjusted according to actual conditions: the smaller the threshold, the higher the safety factor, but the lower the efficiency. Taking both efficiency and security into account, the thresholds of m and n are both 255.
Further, preferably, the identity authentication and the key agreement adopt the asymmetric encryption algorithm SM9, and the data packet transmission adopts the symmetric encryption algorithm SM4.
Further, the method for adding a new packet header in step 2 comprises the following steps:
Step 2.1, identity authentication data packet: before each identity authentication, the sending end reads the sending end clock and converts the clock format into a 32-bit long integer clock whose smallest unit is the second; the first 32 bits are filled with this clock, and the last 16 bits are all filled with 0;
Step 2.2, key agreement data packet: the first 32 bits are filled with the identity authentication clock; the 32nd to 40th bits are filled with the sequence number of the key agreement packet, which starts from 1 and increases by 1 each time; the last 8 bits are filled with 0;
Step 2.3, data packets 11 to 1n: the first 40 bits are filled with the first 40 bits of the key agreement data packet; bits 41 to 48 are filled with the sequence number of the data packet, which starts from 1 and increases by 1 each time.
Further, after the decryption operation in step 3, the first 6 bytes of the packet header are read.
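The header layout of steps 2.1 to 2.3 and the receiver check of steps 3 to 8, as an added Python example that is not code from the patent. Big-endian byte order, all function and class names, and the clock values are assumptions made for illustration; SM9/SM4 are left out, so the functions work on already-decrypted packets.

```python
import struct
from dataclasses import dataclass

HEADER_LEN = 6  # 48-bit header: 32-bit clock, 8-bit key agreement seq, 8-bit data seq


def auth_header(clock_seconds: int) -> bytes:
    """Step 2.1: sender clock (seconds) in the first 32 bits, last 16 bits zero."""
    return struct.pack(">IBB", clock_seconds & 0xFFFFFFFF, 0, 0)


def key_agreement_header(auth_hdr: bytes, ka_seq: int) -> bytes:
    """Step 2.2: authentication clock, key agreement sequence number, last 8 bits zero."""
    if not 1 <= ka_seq <= 255:
        raise ValueError("key agreement sequence number must be 1..255")
    return auth_hdr[:4] + bytes([ka_seq, 0])


def data_header(ka_hdr: bytes, data_seq: int) -> bytes:
    """Step 2.3: first 40 bits of the key agreement header, then the data sequence number."""
    if not 1 <= data_seq <= 255:
        raise ValueError("data packet sequence number must be 1..255")
    return ka_hdr[:5] + bytes([data_seq])


@dataclass
class ReplayFilter:
    """Receiver state from step 1: only T0 and X0 are stored."""
    t0: int = 0
    x0: int = 0

    def accept(self, decrypted: bytes) -> bool:
        """Steps 3 to 8. True means 'enter normal processing', False means 'discard'."""
        if len(decrypted) < HEADER_LEN:
            return False  # no complete header to check (assumed handling)
        # Step 4: first 32 bits -> T1, last 16 bits -> X1 (big-endian is an assumption).
        t1, x1 = struct.unpack(">IH", decrypted[:HEADER_LEN])
        if self.t0 > t1:              # step 5: older authentication clock
            return False
        if self.t0 < t1:              # step 6: newer clock; X0 is reset to 0, not to X1
            self.t0, self.x0 = t1, 0
            return True
        if self.x0 >= x1:             # step 7: same clock, sequence not increasing
            return False
        self.x0 = x1                  # step 8
        return True


def run_demo():
    """Feed a constructed session, with replays mixed in, through the filter."""
    rx = ReplayFilter()
    clock = 1_606_867_200                     # constructed sender clock value
    auth1 = auth_header(clock)
    ka1 = key_agreement_header(auth1, 1)
    d11, d12 = data_header(ka1, 1), data_header(ka1, 2)
    ka2 = key_agreement_header(auth1, 2)
    d21 = data_header(ka2, 1)
    auth2 = auth_header(clock + 60)           # next identity authentication
    stream = [
        ("auth 1", auth1), ("key agreement 1", ka1),
        ("data 11", d11), ("data 12", d12),
        ("replay of data 11", d11), ("replay of auth 1", auth1),
        ("key agreement 2", ka2), ("data 21", d21),
        ("replay of data 12", d12),
        ("auth 2", auth2), ("replay of data 21", d21),
    ]
    return [(label, rx.accept(hdr + b"payload")) for label, hdr in stream]


if __name__ == "__main__":
    for label, ok in run_demo():
        print(f"{label:20s} {'accepted' if ok else 'discarded'}")
```

Because the receiver keeps only T0 and X0, a genuine packet that arrives late with a lower X1 is discarded by step 7 in the same way as a replay.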
The device for preventing replay attacks comprises a sending end and a receiving end, which communicate securely using hybrid encryption. The sending end and the receiving end each comprise a processor, a clock, a memory, an input module and an output module, and the processor is electrically connected to the clock, the memory, the input module and the output module respectively.
Although only the preferred embodiments of the present invention have been described in detail, the present invention is not limited to the above embodiments, and various changes can be made without departing from the spirit of the present invention within the knowledge of those skilled in the art, and all changes are encompassed in the scope of the present invention.

Claims (5)

1. A method of preventing replay attacks, characterized by comprising the following steps:
S1, initializing the receiving end memory and setting two temporary variables: long integer T0 = 0, integer X0 = 0;
S2, the receiving end receives the data packets, performs function-based sub-packaging of the data packets packet by packet and adds a new packet header;
the method for adding a new packet header in S2 comprises the following steps:
S2.1, identity authentication data packet: before each identity authentication, the sending end reads the sending end clock and converts the clock format into a 32-bit long integer clock whose smallest unit is the second; the first 32 bits are filled with this clock, and the last 16 bits are all filled with 0;
S2.2, key agreement data packet: the first 32 bits are filled with the identity authentication clock; the 32nd to 40th bits are filled with the sequence number of the key agreement packet, which starts from 1 and increases by 1 each time; the last 8 bits are filled with 0;
S2.3, data packets 11 to 1n: the first 40 bits are filled with the first 40 bits of the key agreement data packet; bits 41 to 48 are filled with the sequence number of the data packet, which starts from 1 and increases by 1 each time;
S3, reading the packet header of the data packet after the decryption operation;
S4, converting the first 32 bits of the received packet header into a long integer value T1, and converting the last 16 bits into an integer value X1;
S5, comparing T0 and T1; if T0 > T1, judging that the packet is replayed data, discarding the packet, and returning to S3 to process the packet header of the next data packet;
S6, if T0 < T1, assigning T0 = T1 and X0 = 0, and entering the normal data processing flow;
S7, if T0 = T1, comparing X0 with X1; if X0 ≥ X1, judging that the packet is replayed data, discarding the packet, and returning to S3 to process the packet header of the next data packet;
S8, if X0 < X1, assigning X0 = X1, and entering the normal data processing flow;
S9, judging whether the communication has ended; if not, returning to S3 to process the next packet header; if so, ending the communication.
2. A method of preventing replay attacks according to claim 1, wherein the function-based sub-packaging of the data packets in S2 proceeds as follows:
identity authentication 1, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] },
identity authentication 2, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] },
…,
identity authentication k, { [ key agreement 1, (packet 11, packet 12 …, packet 1n) ], [ key agreement 2, (packet 21, packet 22 …, packet 2n) ] …, [ key agreement m, (packet m1, packet m2 …, packet mn) ] } …;
where k, m and n are natural numbers, the validity period of identity authentication 1 is t1, the validity period of key agreement 1 is t2, the time of a single encrypted data packet communication is t3, t1 ≈ m × t2 ≈ m × n × t3, and m × n < 65535.
3. A method of preventing replay attacks according to claim 2, wherein: the identity authentication and the key agreement adopt the asymmetric encryption algorithm SM9, and the data packet transmission adopts the symmetric encryption algorithm SM4.
4. A method of preventing replay attacks according to claim 1, wherein: in S3, the first 6 bytes of the packet header are read after the decryption operation.
5. An apparatus for preventing replay attacks that performs the method of claim 1, wherein: the transmitting end and the receiving end communicate securely using hybrid encryption; the transmitting end and the receiving end each comprise a processor, a clock, a memory, an input module and an output module, and the processor is electrically connected to the clock, the memory, the input module and the output module respectively.
CN202011402237.4A 2020-12-02 2020-12-02 Method and device for preventing replay attack Active CN112511548B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011402237.4A CN112511548B (en) 2020-12-02 2020-12-02 Method and device for preventing replay attack


Publications (2)

Publication Number Publication Date
CN112511548A (en) 2021-03-16
CN112511548B (en) 2022-09-16

Family

ID=74969803


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant