CN114826559A - Data symmetry processing method and system - Google Patents
Data symmetry processing method and system Download PDFInfo
- Publication number
- CN114826559A CN114826559A CN202210433155.9A CN202210433155A CN114826559A CN 114826559 A CN114826559 A CN 114826559A CN 202210433155 A CN202210433155 A CN 202210433155A CN 114826559 A CN114826559 A CN 114826559A
- Authority
- CN
- China
- Prior art keywords
- calculation
- data
- input value
- pair
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title claims description 4
- 238000004364 calculation method Methods 0.000 claims abstract description 90
- 238000012545 processing Methods 0.000 claims abstract description 27
- 238000000034 method Methods 0.000 claims abstract description 9
- 238000013507 mapping Methods 0.000 claims description 11
- 102100033189 Diablo IAP-binding mitochondrial protein Human genes 0.000 claims description 8
- 101710101225 Diablo IAP-binding mitochondrial protein Proteins 0.000 claims description 8
- 238000011144 upstream manufacturing Methods 0.000 claims 2
- 238000004891 communication Methods 0.000 description 3
- 235000017166 Bambusa arundinacea Nutrition 0.000 description 1
- 235000017491 Bambusa tulda Nutrition 0.000 description 1
- 241001330002 Bambuseae Species 0.000 description 1
- 235000015334 Phyllostachys viridis Nutrition 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 239000011425 bamboo Substances 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 230000002950 deficient Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 239000006185 dispersion Substances 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method and a system for processing data symmetry, wherein the method comprises the following steps: s1: extracting a set of data pairs (s, d) in the message; s2: for the data S input in step S1, the calculated value rs is obtained by the first calculation, and for the data d in S1, the calculated value rd is obtained by the first calculation, S3: performing second calculation on the rs and rd obtained in the step S2 to obtain a new data pair; s4: and performing third calculation on the new data pair obtained in the step S3 to obtain a result rh. The technical scheme of the invention supports the use of any asymmetrical hash algorithm such as CRC16, CRC32 and the like, improves the discreteness of the calculation result, and realizes the symmetrical output of IPV6 address data.
Description
Technical Field
The present invention relates to the field of data communication technologies, and in particular, to a method and a system for processing data symmetry.
Background
Under the drive of the vigorous development of industries such as cloud computing, internet, artificial intelligence and the like, the network flow is rapidly increased like a bamboo shoot in spring after rain. With the arrival of the 5G era, compared with the 4G, the data transmission speed is higher, the number of connectable terminals is more, the data generation rate is further increased, and the difficulty of processing the data of the heaven and earth quantity by industries such as network operators, network security industry, intelligent service recommendation and the like is further increased; at the same time, since the connection terminals exhibit an exponential growth, a large number of IPV6 addresses replace the addresses of IPV4 that were previously nearly exhausted; thus, how to ensure the homologous homography of the data of the IPV6 address becomes a key factor of the system processing capacity. Under the background, how to ensure the consistency and integrity of data in the field of data communication is important to further improve the overall performance of the system;
in the data communication industry, when large-capacity flow filtering analysis is carried out, an uplink message and a downlink message belonging to the same flow are expected to be output from the same interface, namely the uplink message and the downlink message of the same flow can obtain the same hash value; the current common calculation mode adopts a symmetric calculation expression of XOR16, and the principle is that the switching law of XOR calculation is adopted, that is, s ^ d ^ s; in the calculation mode, when the calculated data changes in a certain regular way (for example, s increases at a certain interval, and d decreases at the same interval), the change range of the calculated value is small, and the discreteness is poor, especially for 128-bit IPV6 addresses in a local area network, when the global prefix and subnet of an IPV6 address are the same, and when the interface ID of an IPV6 address changes in a regular way, the calculated value is limited in a small range, and the discreteness is poor, so that data collision is aggravated.
As shown in fig. 1, the common way of processing the IPV6 message to calculate the hash is as follows:
for a group of data pairs (s, d), obtaining a calculated value rh after XOR calculation;
after the exchanged data pair (s, d) is subjected to XOR calculation, the obtained value is determined to be rh because the XOR algorithm has symmetry; but the result of the XOR calculation is less discrete.
In summary, when the symmetric hash algorithm such as XOR16 is adopted for IPV6 addresses, when the calculation factor shows regular change, the discreteness of the calculated hash result is very poor, and the hash collision is particularly serious.
Accordingly, the prior art is deficient and needs improvement.
Disclosure of Invention
The invention mainly aims to provide a data symmetry processing method and a data symmetry processing system, which aim to support the use of any asymmetric hash algorithm such as CRC16 and CRC32, improve the discreteness of a calculation result and realize the symmetric output of IPV6 address data.
In order to achieve the above object, the present invention provides a method for processing data symmetry, which comprises the following steps:
s1: extracting a set of data pairs (s, d) in the message;
s2: obtaining a calculation value rs as a first input value through a first calculation for the data S input in the step S1, and obtaining a calculation value rd as a second input value through a first calculation for the data d input in the step S1;
s3: performing second calculation on the first input value rs and the second input value rd obtained in the step S2 to obtain a new data pair; specifically, the formula of the second calculation is "first input value/(second input value +1) -1", if the second calculation result is a positive number, the obtained new data pair is (rs, rd), and if the second calculation result is a negative number, the obtained new data pair is (rd, rs);
s4: and performing third calculation on the new data pair obtained in the step S3 to obtain a result rh.
Preferably, the messages include an uplink message and a downlink message, the data pair extracted from the uplink message is (s1, d1), and the data pair extracted from the downlink message is (s2, d2), where s1 is equal to d2, and d1 is equal to s 2.
Preferably, the data pair is derived from a pair of metadata of the message, including smac/dmac, SIPV6/DIPV6, a field of any length with symmetry meaning.
Preferably, the first calculation and the third calculation both adopt the calculation including CRC16 calculation, CRC32 calculation, MD5SUM calculation, SHA calculation.
In order to achieve the above object, the present invention further provides a data symmetry processing system, including:
the Mapping module is used for respectively calculating a group of data pairs (s, d) in the message to obtain a first input value rs and a second input value rd;
the result checking module is used for receiving the data pair (s, d), the first input value rs and the second input value rd, and calculating the first input value rs and the second input value rd to obtain a new data pair; specifically, the calculation formula is "first input value/(second input value +1) -1", if the second calculation result is a positive number, the obtained new data pair is (rs, rd), and if the second calculation result is a negative number, the obtained new data pair is (rd, rs);
and the data processing module is used for recalculating the data calculated and output by the result checking module and outputting a final result rh.
Preferably, the messages include an uplink message and a downlink message, the data pair extracted from the uplink message is (s1, d1), and the data pair extracted from the downlink message is (s2, d2), where s1 is equal to d2, and d1 is equal to s 2.
Preferably, the data pair is derived from a pair of metadata of the message, including smac/dmac, SIPV6/DIPV6, a field of any length with symmetry meaning.
Preferably, the calculation of the Mapping module and the data processing module adopts calculation including CRC16 calculation, CRC32 calculation, MD5SUM calculation and SHA calculation.
Compared with the prior art, the invention has the beneficial effects that: by adopting an asymmetric algorithm and an asymmetric device, the same calculation result can be obtained by one group of data pairs, different results can be obtained by different data pairs, and the discreteness of the calculation result can be ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the structures shown in the drawings without creative efforts.
Fig. 1 is a schematic diagram of a processing manner of computing hash of a common IPV6 message;
FIG. 2 is a schematic view of a processing system of the present invention;
the implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
The method for processing data symmetry provided by the embodiment comprises the following steps:
s1: extracting a set of data pairs (s, d) in the message;
s2: obtaining a calculation value rs as a first input value through a first calculation for the data S input in the step S1, and obtaining a calculation value rd as a second input value through a first calculation for the data d input in the step S1;
s3: performing second calculation on the first input value rs and the second input value rd obtained in the step S2 to obtain a new data pair; specifically, the formula of the second calculation is "first input value/(second input value +1) -1", if the second calculation result is a positive number, the obtained new data pair is (rs, rd), and if the second calculation result is a negative number, the obtained new data pair is (rd, rs);
s4: and performing third calculation on the new data pair obtained in the step S3 to obtain a result rh.
Further, the messages include an uplink message and a downlink message, the data pair extracted from the uplink message is (s1, d1), and the data pair extracted from the downlink message is (s2, d2), where s1 is equal to d2, and d1 is equal to s 2.
Further, the data pair is derived from a pair of metadata of the message, including smac/dmac, SIPV6/DIPV6, and a field with any length and symmetry meaning.
Further, the first calculation and the third calculation both adopt the calculation including CRC16 calculation, CRC32 calculation, MD5SUM calculation, SHA calculation.
The processing system for data symmetry provided by this embodiment includes:
the Mapping module is used for respectively calculating a group of data pairs (s, d) in the message to obtain a first input value rs and a second input value rd;
the result checking module is used for receiving the data pair (s, d), the first input value rs and the second input value rd, and calculating the first input value rs and the second input value rd to obtain a new data pair; specifically, the calculation formula is "first input value/(second input value +1) -1", if the second calculation result is a positive number, the obtained new data pair is (rs, rd), and if the second calculation result is a negative number, the obtained new data pair is (rd, rs);
and the data processing module is used for recalculating the data calculated and output by the result checking module and outputting a final result rh.
Further, the messages include an uplink message and a downlink message, the data pair extracted from the uplink message is (s1, d1), and the data pair extracted from the downlink message is (s2, d2), where s1 is equal to d2, and d1 is equal to s 2.
Further, the data pair is derived from a pair of metadata of the message, including smac/dmac, SIPV6/DIPV6, and a field with any length and symmetry meaning.
Further, the data pair is derived from a pair of metadata of the message, including smac/dmac, SIPV6/DIPV6, and a field with any length and symmetry meaning.
The following is illustrated by way of specific examples:
for uplink messages, a set of data pairs (s1, d1) is taken, such as smac and dmac of the message;
for input data s1, after passing through a Mapping module, a calculated value rs1 is obtained as a first input value;
for the input data d1, after passing through a Mapping module, obtaining calculated data rd1 as a second input value;
inputting original input values s1 and d1 and calculated values rs1 and rd1 which pass through a Mapping module into a result checking module, calculating a first input value rs1 and a second input value rd1 by the result checking module, namely calculating a first input value/(a second input value +1) -1', if the calculation result is a positive number, obtaining a group of data pairs (rs1 and rd1), and if the calculation result is a negative number, obtaining another group of data pairs (rd1 and rs 1);
inputting the result obtained by the result checking module into the data processing module, and outputting a corresponding result rh1 after MD5SUM calculation is carried out by the data processing module;
for downlink messages, a group of data pairs (s2, d2) is taken, and the following relations must exist, wherein s2 is equal to d1, and d2 is equal to s 1;
for the input data s2, obtaining calculated data rs2 as a first input value after passing through a Mapping module;
for the input data d2, after passing through a Mapping module, obtaining calculated data rd2 as a second input value;
inputting original input values s2 and d2 and calculated values rs2 and rd2 which pass through a Mapping module into a result checking module, calculating a first input value rs2 and a second input value rd2 by the result checking module, namely calculating a first input value/(a second input value +1) -1', if the calculation result is a positive number, obtaining a group of data pairs (rs2 and rd2), and if the calculation result is a negative number, obtaining another group of data pairs (rd2 and rs 2);
the relationships combining the above data, (d2, s2) and (s1, d1) are equivalent.
Inputting the result obtained by the result checking module into a data processing module, and outputting a corresponding result rh1 after performing MD5SUM calculation by the data processing module;
for the data not in the (a, b) or (b, a) pair, after MD5SUM operation, the value not in rh1 is obtained, and the dispersion of the distribution of the calculated values is realized.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and all equivalent structures or equivalent processes performed by the present invention or directly or indirectly applied to other related technical fields are also included in the scope of the present invention.
Claims (8)
1. A data symmetry processing method is characterized by comprising the following steps:
s1: extracting a set of data pairs (s, d) in the message;
s2: obtaining a calculation value rs as a first input value through a first calculation for the data S input in the step S1, and obtaining a calculation value rd as a second input value through a first calculation for the data d input in the step S1;
s3: performing second calculation on the first input value rs and the second input value rd obtained in the step S2 to obtain a new data pair; specifically, the formula of the second calculation is "first input value/(second input value +1) -1", if the result of the second calculation is a positive number, the obtained new data pair is (rs, rd), and if the result of the second calculation is a negative number, the obtained new data pair is (rd, rs);
s4: and performing third calculation on the new data pair obtained in the step S3 to obtain a result rh.
2. The method for processing data symmetry as claimed in claim 1, wherein the messages include an uplink message and a downlink message, the data pairs extracted from the uplink message are (s1, d1), the data pairs extracted from the downlink message are (s2, d2), wherein s1 equals d2, and d1 equals s 2.
3. The method of claim 1, wherein the pair of data is derived from a pair of metadata of the packet, comprising smac/dmac, SIPV6/DIPV6, a field of any length with symmetry meaning.
4. The method for processing data symmetry as claimed in claim 1, wherein the first calculation and the third calculation each employ a calculation including CRC16 calculation, CRC32 calculation, MD5SUM calculation, SHA calculation.
5. A system for processing data symmetry, comprising:
the Mapping module is used for respectively calculating a group of data pairs (s, d) in the message to obtain a first input value rs and a second input value rd;
the result checking module is used for receiving the data pair (s, d), the first input value rs and the second input value rd, and calculating the first input value rs and the second input value rd to obtain a new data pair; specifically, the calculation formula is "first input value/(second input value +1) -1", if the second calculation result is a positive number, the obtained new data pair is (rs, rd), and if the second calculation result is a negative number, the obtained new data pair is (rd, rs);
and the data processing module is used for recalculating the data calculated and output by the result checking module and outputting a final result rh.
6. The data symmetry processing system of claim 5, wherein the messages include upstream messages and downstream messages, the data pairs extracted in the upstream messages are (s1, d1), the data pairs extracted in the downstream messages are (s2, d2), wherein s1 equals d2, and d1 equals s 2.
7. The data symmetry processing system of claim 5, wherein the pair of data is derived from a pair of metadata of a message, including smac/dmac, SIPV6/DIPV6, a field of arbitrary length with symmetry meaning.
8. The data symmetry processing system as claimed in claim 5, wherein the Mapping module and the data processing module each employ a calculation including CRC16 calculation, CRC32 calculation, MD5SUM calculation, SHA calculation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210433155.9A CN114826559A (en) | 2022-04-22 | 2022-04-22 | Data symmetry processing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210433155.9A CN114826559A (en) | 2022-04-22 | 2022-04-22 | Data symmetry processing method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114826559A true CN114826559A (en) | 2022-07-29 |
Family
ID=82507047
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210433155.9A Pending CN114826559A (en) | 2022-04-22 | 2022-04-22 | Data symmetry processing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114826559A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102546364A (en) * | 2010-12-22 | 2012-07-04 | 深圳市恒扬科技有限公司 | Network data distribution method and device |
| US8854972B1 (en) * | 2013-01-25 | 2014-10-07 | Palo Alto Networks, Inc. | Security device implementing flow lookup scheme for improved performance |
| US9270592B1 (en) * | 2014-01-24 | 2016-02-23 | Google Inc. | Hash collision avoidance in network routing |
| CN112468469A (en) * | 2020-11-17 | 2021-03-09 | 武汉绿色网络信息服务有限责任公司 | Method and device for ensuring homologous co-homing of multi-homing messages of SCTP (stream control Transmission protocol) |
-
2022
- 2022-04-22 CN CN202210433155.9A patent/CN114826559A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102546364A (en) * | 2010-12-22 | 2012-07-04 | 深圳市恒扬科技有限公司 | Network data distribution method and device |
| US8854972B1 (en) * | 2013-01-25 | 2014-10-07 | Palo Alto Networks, Inc. | Security device implementing flow lookup scheme for improved performance |
| US9270592B1 (en) * | 2014-01-24 | 2016-02-23 | Google Inc. | Hash collision avoidance in network routing |
| CN112468469A (en) * | 2020-11-17 | 2021-03-09 | 武汉绿色网络信息服务有限责任公司 | Method and device for ensuring homologous co-homing of multi-homing messages of SCTP (stream control Transmission protocol) |
Non-Patent Citations (1)
| Title |
|---|
| 潘洁;高峰;刘栋;董昭;侯慧芳;: "基于DPI不对称流量的同源同宿解决方案", 电信科学, no. 12, 20 December 2016 (2016-12-20) * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3654192B1 (en) | Configuration management method, apparatus and device | |
| US8274980B2 (en) | Ethernet link aggregation | |
| CN107295036B (en) | Data sending method and data merging equipment | |
| US10476629B2 (en) | Performing upper layer inspection of a flow based on a sampling rate | |
| EP4012980A1 (en) | Application identification method and apparatus, and storage medium | |
| CN108337179B (en) | Link flow control method and device | |
| CN107579925B (en) | Message forwarding method and device | |
| CN103618733A (en) | Data filtering system and method applied to mobile internet | |
| CN111654406B (en) | Bidirectional forwarding detection method and device | |
| CN110572441B (en) | Ultra-large-scale DPI data processing system and method based on edge calculation | |
| CN106850547A (en) | A kind of data restoration method and system based on http protocol | |
| CN104615765A (en) | Data processing method and data processing device for browsing internet records of mobile subscribers | |
| CN102857547B (en) | The method and apparatus of distributed caching | |
| CN105245588A (en) | Separation processing method of web service port | |
| CN114826559A (en) | Data symmetry processing method and system | |
| CN110677314B (en) | Network interface testing method, system, electronic device and storage medium | |
| CN116955355A (en) | Block data processing method and device and electronic equipment | |
| CN108199975B (en) | Flow control method and device | |
| CN114978986B (en) | Data transmission method, device and storage medium | |
| CN113505326B (en) | Dynamic coding data transmission control method based on http protocol family | |
| US10411995B2 (en) | Network system control method and network system related to aggregation operation using redundant flow entry | |
| CN112751791B (en) | Message forwarding and information processing method and device, electronic equipment and storage medium | |
| CN114884893A (en) | Forwarding and control definable cooperative traffic scheduling method and system | |
| CN117014501A (en) | Stateless SRv6 service chain proxy method and system based on programmable switch | |
| CN104901947A (en) | Continuous numerical matching method and continuous numerical matching device based on TCAM |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |