JP2007295273A - Mail server apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent "leakage", "alteration", "spoofing", "intrusion", and "attack" of data on the Internet in communication between a personal computer and the external terminals. <P>SOLUTION: A mail server apparatus 600 is provided with NIC (Network Interface Card) drivers 1a, 1b connected to networks 200, 300, respectively. A network layer including an application analysis function 20 for defining a communication method for executing communication while routing between two arbitrary nodes, and a transport layer are provided on a physical layer including the NIC drivers 1a, 1b and a data link layer. A function of "TCP2" 30 previously proposed by the inventor is provided between the data link layer and the network layer. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a mail server device suitable for use when, for example, electronic information is communicated by adding an encryption function to a TCP or UDP protocol located in a transport layer. More specifically, it is intended to prevent a security system in communication, in particular, “leakage” and “tampering” of data on the Internet, as well as “spoofing”, “entry” or “attack”.

  In order to strengthen the function of preventing data leakage, tampering, impersonation, entry, and attack without changing the upper application program first, the present inventor has the encryption / decryption logic between the transmission side and the reception side. A new encryption system TCP2 that provides an agreement and applies it to the payload of a protocol corresponding to TCP or UDP existing in the transport layer is provided (see, for example, Patent Document 1).

  In recent years, communication using the Internet is rapidly spreading in society because anyone can access a computer on a network by connecting it to a network as long as it has a personal computer. On the other hand, along with the spread of Internet communication, there are social problems such as hackers and crackers intruding into other people's computer systems to steal software, data, and tamper and destroy them. It is getting bigger.

  As a specific case of illegal interference, first of all, there is a system interference in which a large number of messages are sent from the network and the operation of the computer system is interrupted so that the central system cannot be used. If the host is overloaded due to this interference, the system may go down.

  In addition, there is an illegal interception of “illegal access and impersonation” that illegally obtains a host password, steals confidential information, or alters or destroys information. Some of these obstructions mean that the information held by the computer can be rewritten and the person can fall. In addition, fraudulent acts called spyware that sneak into specific computers and exploit personal sensitive data such as email addresses and passwords have also occurred. In this way, it is impossible to deny the possibility that so-called eavesdropping is frequently performed in which the contents of a database held by a computer connected to a network are illegally stolen.

  In addition, there is no risk of cyber terrorism caused by intentional stealing of personal information or cyber terrorism lurking inside the company at the site or server operator.

  In addition, fraudulent disturbances such as sending "viruses" that are programs that cause computer problems to other people's computers have recently been increasing. This sent virus infects a computer that used e-mail at home, and when it is connected to the company, the entire company computer is infected, or the virus destroys files in the computer. There are also problems such as bringing down the entire network.

  For this reason, as a function for preventing data “leakage”, “tampering”, etc. in communication on the Internet using conventional Transmission Control Protocol / Internet Protocol (TCP / IP) or User Datagram Protocol (UDP), IPsec ( IPSEC: Encrypted communication called Security Architecture for Internet Protocol (SSL) or Secure Socket Layer (SSL) is used.

  In general, encrypted communication includes a common key (also referred to as a secret key) encryption method and a public key encryption method, and IPsec often uses a common key encryption method. The common key cryptosystem has a feature that the encryption / decryption speed is faster than the public key cryptosystem. The common key encryption method used for IPsec is a method in which encryption and decryption are performed with the same key, and the key may be generated on either the transmission side or the reception side. In order to use a common key, it is necessary to pay close attention not to leak the contents to the outside when exchanging keys.

  A typical algorithm used in the common key cryptosystem is DES (Data Encryption Standard: a common key (secret key) encryption algorithm developed by IBM Corporation, USA). IPsec also uses this DES as one of the encryption algorithms. IPsec is standardized by the IETF (Internet Engineer Task Force), and this feature encrypts all communications sent from the host at the IP level, not just a specific application. In the point.

  As a result, the user can perform secure communication without being aware of the application. In addition, IPsec can change the encryption algorithm to be used without changing its own mechanism so that it can be used in the future. A 32-bit code called SPI (Security Pointer Index) is used as a common encryption key used in IPsec, and IKE (Internet Key Exchange) is used as a key exchange protocol. Furthermore, in IPsec, a protocol AH (Authentication Header) for integrity authentication is prepared.

  SSL is an HTTP protocol with security function developed by Netscape Corporation (currently merged with AOL). By using this protocol, the client and server can authenticate each other on the network, and credit card information It is possible to exchange highly confidential information such as. This prevents data eavesdropping, replay attacks (attack of eavesdropping on data flowing over the network and repeatedly sending data), spoofing (communication by pretending to be the person), data tampering, etc. be able to.

  FIG. 8A shows an example of a protocol stack when performing encrypted communication using conventional IPsec, and FIG. 8B shows an example of a protocol stack when performing encrypted communication using conventional SSL. Yes.

  In the OSI reference model, the lowest layer (first layer) is the physical layer, the second layer is the data link layer, the third layer is the network layer, the fourth layer is the transport layer, the fifth layer is the session layer, and the sixth layer is The presentation layer and the top layer (seventh layer) are application layers. Seven layers in the OSI reference model are obtained by dividing the communication function into seven stages, and standard function modules are defined for each layer. In FIG. 8A, up to the fifth session layer is shown. The protocol stack is a software group in which protocols for realizing functions in each layer of the network are selected and stacked in a hierarchical manner.

  First, an outline of the OSI reference model will be described. The physical layer of the first layer is a layer that defines physical electrical characteristics of a signal line, a code modulation method, and the like. However, this layer alone is rarely defined and implemented alone, and is usually defined as, for example, the Ethernet standard together with the data link layer of the second layer.

  The data link layer of the second layer is a layer that defines data packetization, physical node address, packet transmission / reception method, and the like. This layer defines a protocol for exchanging packets between two nodes through a physical communication medium. Each node is assigned some address, and the packet destination is based on that address. And the packet is transmitted on the communication medium.

  There are various communication media such as copper wiring, radio, and optical fiber. Also, there are many types of connections (topologies) such as a bus type, a star type, and a ring type as well as a one-to-one facing connection. When the packet transmitted on the communication medium arrives at the receiving node, the packet is taken into that node and passed to a higher protocol layer.

  A NIC (Network Interface Card) driver arranged across the physical layer and the data link layer is an expansion board for connecting a personal computer, a printer, and the like to a local area network (LAN). If it is simply a network card, it is often connected to Ethernet.

  With this NIC driver, a node (device) that wants to transmit data monitors the availability of the cable and starts transmission when the cable is available. At this time, if a plurality of nodes start transmission at the same time, data collides in the cable and is destroyed, so both stop transmission and wait for a random time to resume transmission. Thus, a plurality of nodes can share a single cable and communicate with each other.

  The network layer of the third layer is a layer that defines a communication method between any two nodes. TCP / IP corresponds to the IP layer. In the data link layer, communication between nodes on the same network medium can be performed, but communication is performed while performing routing between any two nodes existing on the network by using the function. This is the role of this network layer.

  Here, routing refers to selecting and transmitting an optimum route when transmitting a packet to a target host in a TCP / IP network. For example, in Ethernet, only nodes on the same segment can communicate with each other, but in the network layer, communication is performed by routing packets between two Ethernet segments.

  In addition, routing to a dial-up PPP (Point to Point Protocol) line that connects a computer to a network (Ethernet) through a telephone line, and routing to a dedicated line using optical fiber, regardless of the physical network medium. Packets can be routed to For this purpose, an address independent of a physical medium (IP address in the case of TCP / IP) is normally assigned to each node, and routing is performed based on this.

  Since IPsec encrypts all communications transmitted from the host at this network layer, that is, at the IP level, the user can enable secure communications without being aware of the application.

  The transport layer of the fourth layer is a layer that provides a function of performing communication between two processes executed on each node, and is a protocol layer. TCP corresponds to TCP / IP. Also, the network layer provides a function to perform communication between two nodes. By using this function, a virtual communication path without error can be provided between two processes (applications). It is the role of TCP.

  In other words, data can be sent at the network layer, but there is no guarantee that the data will reach the other party. There is no guarantee that the data will arrive correctly in the order of transmission. Therefore, in order to make it easy for applications to use, TCP provides an error-free communication path. If necessary, resend / restore data.

  In addition to TCP, UDP is also placed in this transport layer. The difference between UDP and TCP is that TCP is slower than UDP because it is a protocol that compensates for data. Is faster because there is no data compensation. TCP is used when mainly sending data as in communication between computers, and UDP is often used when sending voice and images like IP telephones. This communication system was first proposed by the present inventor in Patent Document 1.

  The session layer of the fifth layer is a layer that defines the procedure of a session (from the start to the end of communication), and is a layer that establishes a connection between applications and enables communication. A socket arranged in this layer means a network address that combines an IP address corresponding to an address in the network of the computer and a port number that is a sub-address of the IP address.

  When connecting computers, be sure to specify a socket (a pair of IP address and port number). As shown in FIG. 8B, SSL, which is a typical conventional encrypted communication technology, realizes encrypted communication in this session layer.

  The sixth presentation layer is a layer that prescribes a representation method, encoding, encryption, and the like of data exchanged in a session (from the start to the end of communication). In the TCP / IP protocol, there is no portion corresponding to this layer, and normally, the application itself handles stream data processing.

  The application layer of the seventh layer is a layer for defining data exchange between applications, and there is no portion corresponding to this layer in the TCP / IP protocol. For example, it is a layer that defines a common data structure and the like necessary for exchanging data between applications such as an e-mail format and an internal structure of a document.

  FIG. 8A shows a standard protocol stack equipped with IPsec. First, a NIC (Network Interface Card) driver is provided in the physical layer (first layer) and the data link layer (second layer). This driver is a driver for an interface card for connecting hardware such as a computer to a network, and its contents are data transmission / reception control software. For example, a LAN board or a LAN card for connecting to Ethernet corresponds to this.

  In the third network layer, there is an IP emulator partially extending to the transport layer (fourth layer). A function as a transport is not mounted on the portion extending to the transport layer. It only provides network layer functionality to the session layer. This IP emulator functions to switch between a protocol that performs encrypted communication by IPsec and an IP that is a protocol that does not perform encrypted communication, depending on the application.

  An ARP (Address Resolution Protocol) is arranged in the third network layer. This ARP is a protocol used for obtaining a MAC (Media Access Control) address, which is an Ethernet physical address, from an IP address. The MAC is a transmission control technique used in a LAN or the like called medium access control, and is used as a technique for specifying a frame transmission / reception method, a frame format, error correction, and the like as a data transmission / reception unit.

  In addition, to this network layer, in order to efficiently deliver the same data to a plurality of hosts or to receive the delivery, there is ICMP (Internet Control Message Protocol) which is a protocol for transferring IP error messages and control messages. IGMP (Internet Group Management Protocol), which is a protocol for controlling a group of configured hosts, is provided. TCP and UDP are arranged in the transport layer above the network layer, and a socket interface is arranged in the session layer which is the upper layer.

  B of FIG. 8 is an example of a standard protocol having SSL as an encryption processing protocol. SSL is mounted on a socket (session layer) instead of mounting IPsec on the network layer. Other protocols are the same as those shown in FIG.

  Among typical encryption communication technologies in the past, IPsec is a method for encrypting and transmitting / receiving IP packets. Therefore, IPsec is used as application software that uses a higher-level protocol such as TCP or UDP. There is no need to be aware that

  On the other hand, in SSL, digital certificates using RSA (Rivest Shamir Adleman: an acronym for three developers of public key cryptography) public key cryptography are used at the mutual authentication level, and DES is used for data encryption. Common key encryption technology is used. Since this SSL is in the session layer of the fifth layer, it depends on a specific application.

  IPsec is realized as a function for preventing data “leakage” and “tampering” in the third layer (network layer) lower than the fourth layer (transport layer) in OSI (see Non-Patent Document 1). ). On the other hand, SSL is an encryption technology in the session layer of the fifth layer, and encrypts data such as WWW (World Wide Web) and FTP (File Transfer Protocol) that are widely used in the Internet at present, It is for safely transmitting and receiving information related to privacy and confidential business information.

  Table 1 shown in FIG. 9 compares the functions of IPsec and SSL. As can be seen from this table, IPsec and SSL have advantages and disadvantages that conflict with each other.

  For example, in the communication between the client and the client, in the case of SSL, since the command system and the communication content become a master-slave relationship, that is, a client / server, communication between the client and the client cannot be performed without going through the server. It was. That is, when secret data is sent from terminal A to terminal B after being encrypted by SSL, a server must be interposed between them. On the other hand, since there is no such restriction in IPsec, direct communication is possible.

  Also, in a PPP (Point to Point Protocol) mobile environment or ADSL (Asymmetric Digital Subscriber Line) environment, IPsec performs encryption determination, key exchange, and mutual authentication before starting encrypted data communication. In communication using the IKE (Internet Key Exchange) protocol, which is a protocol to be used, the other party is authenticated.

  Therefore, in the PPP mobile environment (remote client) or ADSL environment, since the IP address cannot be fixed, the IKE main mode most used between the IPsec gateways, that is, the IP address information of the communication partner at the time of authentication Cannot use the mode to use.

  As a solution, by using the Aggressive mode, it is not necessary to use an IP address for ID information. For example, user information is used for ID information, and a user password is used for a known shared key. The partner can be specified. However, in the Aggressive mode, since the ID of the connection partner is transmitted in the same message as the key exchange information, the ID is transmitted as plain text without being encrypted.

  In addition, by using XAUTH (Extended Authentication within IKE), the problem of authentication can be solved. However, since the IP address is unknown for access from a remote client in the firewall setting, IKE and IPsec are not used. All must be allowed, leaving a security problem. SSL can communicate even in this environment.

  Further, IPsec has a problem that it cannot cope with NAT (Network Address Translation) or IP masquerade. In order to deal with these, it must be used in combination with other functions such as loading on the UDP payload.

  NAT is a technology that allows companies connected to the Internet to share a single global IP address among multiple computers. An IP address (local address) that can be used only within an organization and an Internet address (global address) are used. It is a technology for mutual conversion. NAT cannot be supported because the IP header is within the authentication range of AH (Authentication Header), so it is not possible to convert global addresses from each other, and communication between local addresses in different subnets becomes impossible. is there.

  In addition, IP masquerade is a mechanism that allows a plurality of clients having private addresses in the LAN to access the Internet. When this is used, IP masquerade operates from the outside (Internet). It can be said that it is desirable from the viewpoint of security because only the terminal that is present can be seen. The reason why IPsec cannot cope with IP masquerading is that the IPsec ESP (Encapsulating Security Payload) header is immediately after the IP header.

  A normal router equipped with IP masquerading determines that there is a TCP / UDP port number immediately after the IP header. Therefore, since this port number is changed when passing through a router equipped with IP masquerade, IPsec determines that it has been tampered with, and there is a problem that the host cannot be authenticated. This problem can be avoided by using a product that supports NAT-T (NAT-Traversal) for mounting on the UDP payload.

  However, if the draft version of NAT-T is different, even NAT-T compatible products cannot be connected. SSL can communicate even in this environment.

  On the other hand, SSL is ineffective against various attacks on TCP / IP by unauthorized intruders of networks called hackers and crackers, so-called DoS attacks (Denial of Service). When a DoS attack to the TCP / IP protocol stack, for example, a TCP disconnection attack is performed, the TCP session is cut and the SSL service is stopped.

  Since IPsec is implemented in the third layer (IP layer), since the IP layer has a security function, it is possible to prevent a DoS attack on TCP / IP (fourth layer, third layer). However, since SSL is an encryption protocol implemented in a layer (fifth layer) above TCP / IP (fourth layer, third layer), it cannot prevent a DoS attack on TCP / IP. .

  Furthermore, SSL is more effective than IPsec for communication in a poor communication environment where there are many physical noises and many communication errors occur. In other words, when IPsec detects an error, it leaves the retransmission operation to the upper TCP. TCP sends retransmission data to IPsec, but IPsec cannot recognize that it is this retransmission data and re-encrypts it. Since SSL performs error recovery processing with TCP, the same data is not re-encrypted.

  Also, communication between different LANs is not possible with IPsec. That is, since distribution management of subnet addresses in the LAN is managed by a DHCP (Dynamic Host Configuration Protocol) server in the LAN, the same subnet address is not allocated in the LAN, but different LANs. In the case of communication between the two, the DHCP server in each other's LAN individually assigns a subnet address, so there is a possibility that the same address is assigned.

  When the same address is assigned in this way, communication cannot be performed by IPsec. However, if an IPsec-DHCP server is set up separately and managed so as not to have the same address, communication is possible. Since SSL is located in the fifth layer (session layer) of the OSI reference model as described above, it is possible to perform error recovery processing with lower-layer TCP and communicate even in the above-mentioned poor environment. Is possible.

  Also, for communication under different network environments, IPsec has to manage all the nodes through which it has to change settings so that IPsec can pass through. Even under the environment, it is possible to communicate without being aware of the environment of the node through which it passes.

  In addition, since SSL does not support UDP communication, it is not possible to perform encrypted communication of UDP. Since TCP also supports only a specific port, it is impossible to perform cryptographic communication on all TCP ports. On the other hand, IPsec can perform encrypted communication using either UDP or TCP.

  Furthermore, SSL is problematic in that it is not compatible with applications. An application uses a socket (5th layer) as a program interface when performing Internet communication. For this reason, when an application uses SSL (5th layer), this socket interface must be changed to an SSL interface. Therefore, SSL does not have application compatibility.

  On the other hand, since IPsec is located below the socket (5th layer), the application can use the socket (5th layer) as a program interface as it is, so that the application is compatible. In addition, IPsec can be controlled in units of IP addresses, whereas SSL is controlled in units of sources (URL units, folder units).

  Further, IPsec has a problem that the maximum segment size becomes small. In other words, since the ESP header and ESP trailer are used in IPsec, the payload becomes small, so that fragments (packet division) occur and throughput decreases. In addition, since fragmentation is prohibited in a TCP packet, it is necessary to grasp the environment through which IPsec passes at the end end and set the maximum segment size at which no fragment occurs. On the other hand, since SSL does not need to grasp the environment through which it passes, it is not necessary to set the maximum segment size.

  The function comparison between IPsec and SSL has been described with reference to Table 1 (FIG. 9). However, as described above, IPsec and SSL have mixed advantages and disadvantages. In contrast, the present inventor previously proposed TCP2, which is an epoch-making encryption communication protocol that includes all the advantages of IPsec and SSL and has many other merits (see Patent Document 1). .)

  That is, in the invention described in Patent Document 1, it is not necessary to implement an “encryption function” for preventing unauthorized entry into a computer terminal in each application program, and therefore it is necessary to recreate the application program itself. In addition, communication with a communication partner that does not support the above-mentioned encryption function can be performed in the conventional plaintext, and further, the benefits of encryption and authentication can be obtained even in an environment where IPsec cannot be used (or a situation where it is not desired to use). .

  FIG. 10 shows a protocol stack used in an embodiment of the encrypted communication system previously proposed by the present inventor in Patent Document 1. In FIG.

  As shown in FIG. 10, the protocol stack used in the invention described in Patent Document 1 includes a NIC (Network) in a layer corresponding to the physical layer (first layer) and the data link layer (second layer) of the OSI layer. Interface Card) driver 11 is arranged. As described above, this driver is a driver for an interface card for connecting hardware such as a computer to a network, and its contents are data transmission / reception control software. For example, a LAN board or a LAN card for connecting to Ethernet corresponds to this.

  In the third network layer, there is an IP emulator 3 partially extending to the transport layer (fourth layer). A function as a transport is not mounted on the extended portion. It only provides network layer functionality to the session layer. The IP emulator 3 functions to switch between “IPsec on CP” 13b and “IP on CP” 13a, which are protocols for performing encrypted communication, depending on the application. Here, “on CP” means that it is subject to monitoring, destruction, disconnection or passage restriction of “entry” and “attack” by a cracking protector (CP), or that can be set. Show.

  In the network layer, “ARP on CP (Address Resolution Protocol on Cracking Protector)” is arranged. This “ARP on CP” is a protocol used to obtain a MAC (Media Access Control) address, which is an Ethernet physical address, from an IP address provided with protection measures against a cracker. The MAC is a transmission control technique used in a LAN or the like called medium access control, and is used as a technique for specifying a frame transmission / reception method, a frame format, error correction, and the like as a data transmission / reception unit.

  Here, the IP emulator 13 is software or firmware for matching various security functions according to the present invention with a conventional IP peripheral stack. That is, ICMP (Internet Control Message Protocol) 14a, which is a protocol for transferring IP error messages and control messages, and a group of hosts configured to efficiently deliver or receive the same data to a plurality of hosts Software (IGMP) for controlling the Internet 14b, TCP15, UDP16, and software for matching with the socket interface 17, firmware, or hardware (electronic circuit, electronic component) is there. This IP emulator 13 can perform adaptation processing before and after IPsec encryption / decryption and addition / authentication of necessary authentication information.

  In the upper transport layer (fourth layer) of the IP emulator 13, a TCP emulator 15 and a UDP emulator 16 are arranged. The TCP emulator 15 functions to switch between “TCPsec on CP” 15b, which is a protocol for performing encrypted communication, and “TCP on CP” 15a, which is a normal communication protocol. Similarly, the UDP emulator 16 functions to switch between “UDPsec on CP” 16b, which is a protocol for performing encrypted communication, and “UDP on CP” 16a, which is a normal communication protocol.

  The most characteristic feature of Patent Document 1 is that the transport layer (fourth layer) is equipped with encrypted communication protocols of TCPsec 15b and UDPsec 16b. TCPsec15b and UDPsec16b will be described later.

  In the session layer (fifth layer), which is an upper layer of the transport layer (fourth layer), a socket interface 17 for exchanging data with protocols such as TCP and UDP is provided. The meaning of this socket is a network address that combines an IP address corresponding to an address in the network of a computer and a port number that is a sub-address of the IP address as described above. It consists of a single software program module (execution program, etc.) or a single hardware module (electronic circuit, electronic component, etc.) that is added or deleted collectively.

  The socket interface 17 provides a unified access method from a higher-level application, and maintains the same interface as in the past, such as the types and types of arguments.

  The TCP emulator 15 has a function of preventing data leakage / falsification in the transport layer, that is, a TCPsec 15b having functions such as encryption, integrity authentication and partner authentication, and such encryption, integrity authentication, and partner It has a function of distributing packets to any one of the normal protocols TCP15a having no function such as authentication. Further, since both the TCPsec 15b and the TCP 15a are provided with a cracking protector (CP), it is possible to realize a function of protecting against “entrance” and “attack” by a cracker, regardless of which one is selected. The TCP emulator 15 also serves as an interface with a socket, which is an upper layer.

  Further, as described above, TCP has an error compensation function, whereas UDP does not have an error compensation function, but has a feature that the transfer speed is correspondingly faster and a broadcast function is provided. As with the TCP emulator 15, the UDP emulator 16 has a function of preventing data leakage / falsification, that is, a UDPsec 16b having functions such as encryption, integrity authentication and counterpart authentication, and such encryption, integrity authentication, And has a function of distributing the packet to any one of the normal protocols UDP 16a having no function such as counterpart authentication.

  As shown in FIG. 10, socket 17, TCP emulator 15, UDP emulator 16, "TCPsec on CP" 15b, "UDPsec on CP" 16b, "TCP on CP" 15a, "UDP on CP" 16a, "ICMP on CP" ”14 a,“ IGMP on CP ”14 b, IP emulator 13,“ IP on CP ”13 a, and“ ARP on CP ”12 are protocol stacks for performing the encryption processing of the present invention. This protocol stack is generically called TCP2.

  Note that “IPsec on CP” 13b is not included as essential in TCP2, but TCP2 including “IPsec on CP” 13b may be used.

  TCP2 disclosed in Patent Document 1 includes standard protocol stacks of TCP, UDP, IP, IPsec, ICMP, IGMP, and ARP, in addition to the protocol stack for performing the above-described encryption processing. And, CP (cracking protection) is implemented in these standard protocols, attacks from communication against each protocol stack, and attacks from application programs (Trojan horse, program tampering, unauthorized use by authorized users, etc.) To be able to defend.

  Also, in TCP2, a TCP emulator 15 is mounted, and this TCP emulator 15 is outward-facing to maintain compatibility when viewed from the socket 17 in the session layer and the IP emulator 13 in the network layer. It can look the same as standard TCP. Actually, the TCP2 function is executed by switching between TCP and TCPsec. TCPsec is an encryption and authentication function in the transport layer according to the present invention.

  Similarly, in TCP2, the UDP emulator 16 is mounted, and the UDP emulator 16 is compatible with the socket 17 that is a session layer and the IP emulator 13 that is a network layer in order to maintain compatibility. From the outside, it can be shown as standard UDP. Actually, as a function of TCP2, UDP and UDPsec are switched and executed. UDPsec is an encryption and authentication function in the transport layer, which is the invention described in Patent Document 1.

  Next, TCPsec15b and UDPsec16b, which are functions that prevent “data leakage”, which is a particularly important function in TCP2, will be described.

  As an encryption / decryption method (algorithm, logic (logic)) for TCPsec15b and UDPsec16b, a known secret key (common key) encryption algorithm is used. For example, DES (Data Encryption Standard), which is a secret key encryption algorithm developed by IBM in the 1960s, and 3DES as an improved version thereof are used.

  As another encryption algorithm, IDEA (International Data Encryption Algorithm) announced by James L. Massey and Xuejia Lai of Swiss Institute of Technology in 1992 is also used. In this encryption algorithm, data is divided into 64-bit blocks and encrypted, and the length of the encryption key is 128 bits. It is designed to have sufficient strength for linear cryptanalysis and differential cryptanalysis that efficiently decrypt private key cryptography.

  In addition, as encryption methods of TCPsec15b and UDPsec16b used in the invention described in Patent Document 1, encryption methods such as FEAL (Fast Data Encipherment Algorithm), MISTY, and AES (Advanced Encryption Standard) are also used, and they are also created independently. A secret encryption / decryption algorithm can be used. Here, FEAL is an encryption method developed by Nippon Telegraph and Telephone Corporation (at that time), and is a secret key type encryption method that uses the same key for encryption and decryption. This FEAL has an advantage that encryption and decryption can be performed at a higher speed than DES.

  Next, MISTY, which is also an encryption method used in the invention described in Patent Document 1, is a secret key type encryption method developed by Mitsubishi Electric Corporation, and divides data into 64-bit blocks as in IDEA. To encrypt. The key length is 128 bits. The same program is used for encryption and decryption as in DES. This method is also designed to have sufficient strength against linear cryptanalysis and differential cryptanalysis that efficiently decrypt private key cryptography.

  AES is the next-generation standard encryption method of the US government, which is being selected by the US Department of Commerce's Standard Technology Bureau, as the next-generation encryption standard to replace DES, which is the current standard encryption method. Development has been advanced. Among a number of ciphers that were collected by public recruitment around the world, in October 2000, the Rijndael method developed by Belgian crypto developers Joan Daemen and Vincent Rijmen was adopted.

  As described above, as the TCPsec15b and UDPsec16b encryption methods applied to the invention described in Patent Document 1, various known secret key encryption algorithms can be adopted, and the user has independently developed the encryption methods. A secret key (common key) encryption method can also be used.

  Furthermore, as a method of “party authentication” and “integrity authentication” to prevent so-called “spoofing” and “data falsification”, an algorithm using a public key or pre-shared, for example, MD5 Authentication algorithms such as (Message Digest 5) and SHA1 (Secure Hash Algorithm 1) are used. An algorithm using a unique one-way function may be employed instead of such a known authentication algorithm.

  This MD5 is one of hash functions (one-way summarization functions) used for authentication and digital signatures, generates a fixed-length hash value based on the original text, and compares it at both ends of the communication path. It is possible to detect whether the original text has been tampered with during communication. This hash value takes a value like a pseudo random number, and based on this value, the original text cannot be reproduced. It is also difficult to create another message that generates the same hash value.

  SHA1 is also one of hash functions used for authentication, digital signatures, etc., and generates a 160-bit hash value from the original text of 2 <64> bits or less and compares it at both ends of the communication path. It detects the alteration of the original text. This authentication algorithm is also employed in IPsec, which is a typical example of conventional encrypted communication on the Internet.

These authentication algorithms are designed to enable secure key exchange using the DH (Diffie-Hellman) public key distribution method or the IKE (Internet Key Exchange) protocol (UDP 500) similar to IPsec. Moreover, it is scheduled by a protocol driver program (TCPsec15b, UDPsec16b, etc.) so that the encryption / integrity authentication algorithm (logic) itself and the key set / domain for that purpose are changed periodically.
International Publication WO 2005/015825 (A1) Publication R. Atkinson, August 1995 `` Security Architecture for the Internet Protocol '' RFC1825

  The invention described in Patent Document 1 uses the TCP2 proposed by the present inventor to enhance the function of preventing data leakage, tampering, spoofing, entry, and attack without changing the upper application program. It was aimed. As a means for achieving this purpose, a new encryption / decryption logic agreement is made between the transmission side and the reception side, and this is applied to the payload of the protocol corresponding to TCP or UDP existing in the transport layer. To realize a simple encryption system.

  However, in the invention described in Patent Document 1 described above, in order to provide TCP2 in the transport layer, the payload also includes an SMTP command for sending a so-called e-mail document and a POP command for receiving. include. Therefore, in the information encrypted in the transport layer, the SMTP command and the POP command are also encrypted, so that the information cannot be recognized from the outside as an electronic mail document.

  For this reason, conventionally, it has been necessary to take separate security measures for e-mail, and special effort for managing the expertise and security has been required. In particular, in a mail server device that mediates electronic mail, it is important to prevent “leakage” and “tampering” of data on the Internet, as well as “spoofing”, “entrance”, and “attack”. Management of such a mail server device requires extremely high expertise and a lot of labor.

  The present invention has been made in view of such problems, and an object of the present invention is to realize the TCP2 function in the entire mail system, and to send and receive electronic mail documents well and safely. The mail server apparatus which can do is implement | achieved.

  In order to solve the above problems and achieve the object of the present invention, the invention described in claim 1 stores mail information received from a transmission device, and stores the stored mail in response to a request from the reception device. A mail server device configured to transmit information, at least when transmitting electronic information by adding an encryption function to the TCP or UDP protocol located in the transport layer in the transmission device and the reception device Arrangement means for negotiating corresponding encryption and decryption logic between the apparatus and / or the receiving apparatus, and receiving a packet as an information unit in response to an SMTP command from the transmission apparatus, and decryption negotiated by the arrangement means A storage unit for decoding and storing in accordance with the logic, and an information unit stored in the storage unit in response to the POP3 command from the receiving device. Communication means for encrypting and transmitting the packet according to the encryption logic negotiated by the agreement means, and performing communication based on the encryption and decryption logic using the TCP or UDP protocol of the transport layer Is a mail server device.

  In the mail server device according to claim 2, in response to the SMTP command from the transmitting device, the first device that transmits a packet as an information unit to the counterpart device, and in response to the POP3 command from the receiving device. The second device for receiving the packet as the information unit from the counterpart device is provided independently.

  In the mail server device according to claim 3, encryption and decryption logic that can be an agreement candidate by the means for determining the encryption and decryption logic is stored in a memory or a circuit, and becomes an agreement candidate that is stored or implemented. It further comprises logic changing means for periodically changing possible encryption and decryption logic.

  In the mail server device according to claim 4, the means for determining the encryption and decryption logic can determine that the plaintext is handled without encryption in relation to the encryption and decryption logic. It is a thing.

  As described above, according to the present invention, since the mail server apparatus is equipped with the TCP2 function, data “leakage” and “tampering” on the Internet in the mail server apparatus, and “spoofing” ”,“ Entry ”or“ attack ”can be prevented, and transmission and reception of electronic mail documents can be performed safely and satisfactorily.

  Hereinafter, the present invention will be described with reference to the drawings. FIG. 1 is a block diagram showing the configuration of an embodiment of a mail server device to which the present invention is applied.

  In FIG. 1, a mail server device 600 has a function equivalent to that of a personal computer. Therefore, the mail server apparatus 600 is provided with NIC (Network Interface Card) drivers 1a and 1b connected to the networks 200 and 300, respectively. In addition, a communication method for performing communication while routing between any two nodes existing on the networks 200 and 300 with respect to the physical layer and the data link layer including the NIC drivers 1a and 1b. A defining network layer and a transport layer are provided.

  That is, the network layer and the transport layer are provided with an application analysis function 20 for analyzing SMTP commands and POP3 commands in e-mails. According to the commands analyzed by the analysis function 20, E-mail is stored and retrieved. In addition, according to the analyzed SMTP command and POP3 command, management of the reception source and transmission destination of the electronic mail is performed.

  The function of “TCP2” 30 previously proposed by the present inventor is provided between the data link layer and the network layer described above. The “TCP2” 30 can be provided with a conventional TCP / IP. Furthermore, the functions of the “TCP2” 30 can be provided as software or hardware. The functions of the “TCP2” 30 are controlled, and the encryption and decryption logic is changed periodically. An external function (EXP.) 40 is provided as a means for making an arrangement for handling plaintext without encryption as necessary.

  As described above, in the present embodiment, the function of “TCP2” is provided in the mail server device 600, so that even when the networks 200 and 300 are public networks such as the Internet, for example, “Leakage” and “tampering”, as well as “spoofing”, “entry” or “attack” can be prevented.

  FIG. 2 shows a specific embodiment of a communication network constructed using the mail server device 600 equipped with the above-described TCP2 function.

  In FIG. 2, a client apparatus (personal computer) 410 is provided with a MUA (Mail User Agent) 411, and an e-mail is created and displayed by this MUR 411. In addition, the client apparatus 410 is provided with an encryption application 412 that realizes the above-described TCP2 function, and plain text e-mail created by the MUA 411 is encrypted by the encryption application 412 equipped with this TCP2. The In the figure, ◎ represents an encryption function, and ● represents a decryption function.

  The MUA 411 described above is equipped with software for sending and receiving e-mails. In this MUA 411, an SMTP command is generated and attached to the e-mail created at the time of transmission. When receiving, the MUA 411 forms a received packet and analyzes a POP command attached to the received packet. Then, the reception is completed by the analysis of the POP command, and the received electronic mail is displayed.

  As a result, an e-mail document encrypted with TCP2 is transmitted from the client apparatus 410 to the relay apparatus 100 (◎). Therefore, this relay apparatus 100 is equipped with the above-described TCP2 function 101, and the corresponding encryption and decryption logic is negotiated with the client apparatus 410 in advance by IKE (key exchange) or the like. . When the information transmitted from the client device 410 is received, at least the payload of the TCP or UDP protocol is decoded according to a predetermined decoding logic (● mark) in the received packet as the information unit.

  Further, the relay apparatus 100 is provided with an application analysis function 102, and the application analysis function 102 analyzes the SMTP command of the decrypted packet. Then, the relay device 100 re-encrypts the packet excluding the analyzed SMTP command (marked with ◎) and transmits it to the first mail server device 600 on the partner side through the Internet 500 or the like. Note that the TCP 101 function 101 described above is used for re-encryption in the relay device 100. In this case, it is needless to say that it is necessary to make an agreement on encryption and decryption logic corresponding to the first mail server device 600 on the other party that performs e-mail communication in advance by IKE (key exchange) or the like. .

  In the first mail server device 600, decryption is performed by the TCP2 function 601 similar to that described above (● mark), and the SMTP command of the decrypted packet is analyzed by the application analysis function 602. Then, the e-mail is stored in the storage device (SMTP) 603 based on the analyzed SMTP command. Also, the e-mail stored in the storage device (SMTP) 603 is read out, encrypted again with the TCP2 function 601 (◎), and the second mail server device on the other side having the same configuration through the Internet 500 or the like. To 700. In this case, it is needless to say that the corresponding encryption and decryption logic must be negotiated with the second mail server device 700 on the other side in advance by IKE (key exchange) or the like.

  In the second mail server device 700, decryption is performed by the TCP2 function 701 similar to that described above (● mark), and the SMTP command of the decrypted packet is analyzed by the application analysis function 702. Then, the e-mail is stored in the storage device (POP3) 703 based on the analyzed SMTP command. When there is a reception request from the client device 410 through the relay device 100, a POP3 command is generated by the application analysis function 702 for the e-mail read from the storage device (POP3) 703, and the TCP2 function 701 encrypts it. Is transmitted (marked with ◎). In this case, it is needless to say that the encryption and decryption logic corresponding to the relay apparatus 100 needs to be made in advance by IKE (key exchange) or the like.

  The encrypted electronic mail received from the second mail server device 700 and received by the relay device 100 is decrypted by the TCP2 function 101 of the relay device 100 (● mark) and decrypted by the application analysis function 102. Analysis of the POP3 command of the packet is performed. Further, the packet including the analyzed POP3 command is encrypted by the TCP2 function 101 (◎).

  On the other hand, in the client device 410, the packet from the relay device 100 is decrypted by the encryption application 412 that realizes the function of TCP2 (● mark). Then, the decrypted plain text electronic mail is supplied to the MUA 411, and an electronic mail document is displayed based on the received POP3 command of the electronic mail. Although the client apparatus 410 at the time of transmission and reception is described as being the same here, it is needless to say that another client apparatus may be used. In this way, electronic mail communication based on encryption and decryption logic can be performed using the TCP or UDP protocol of the transport layer.

  In the communication network shown in FIG. 2, communication based on encryption and decryption logic is performed using a transport layer protocol in all sections between the client device 410 and the mail server devices 600 and 700. . This communication prevents data leakage and tampering, as well as “spoofing”, “entry”, and “attack” in all communication sections for communication between the client device and the outside. be able to. This is because, particularly in mail server devices, the occurrence of failures due to “attack” is prevented, and by using TCP2 at that time, it is possible to send and receive e-mail documents without requiring high-level specialized knowledge and labor. And it can be done safely.

  FIG. 3 shows a TCP2 packet structure previously proposed by the present inventor. FIG. 3A shows an Ethernet frame, for example. This frame is provided with a start signal, a reception side MAC (Media Access Control) address, and a transmission side MAC address following the head synchronization signal. After that, an error correction code such as a frame length / type area, a data area, and a CRC (Cyclic Redundancy Check) is arranged. In this data area, as shown in FIG. 3B, an IP packet is provided, and this IP packet includes an IP header and a payload.

  Also, the TCP packet shown in FIG. 3C is provided in the payload of the IP packet, and this TCP packet is composed of a TCP header and a payload. Further, application data shown in FIG. 3D is provided in the payload of the TCP packet. In the case of electronic mail, this application data is composed of an SMTP command or POP3 command and electronic mail document data.

  In this case, in the encryption by TCP2 previously proposed by the present inventor, since the entire payload of the TCP packet shown in FIG. 3C is encrypted, the SMTP command and the POP3 command are also encrypted, and the external The information cannot be recognized as an e-mail document. On the other hand, the present invention analyzes the SMTP command or POP3 command of the application data and encrypts only the part excluding these commands so that it can be recognized as an e-mail document from the outside. .

FIG. 4 is a flowchart showing processing at the time of transmission.
In FIG. 4, first, a transmission mail is created in the MUA 411 (step S11), and a mail transmission process is started (step S12). Thereafter, when a packet is sent to the encryption / decryption application 412 in the client apparatus 410, the client apparatus 410 performs mutual authentication with TCP2 of the relay apparatus 100 (step S13). If the authentication in step S13 is NG, that is, if the authentication fails, the setting of TCP2 is reviewed (step S14), and retransmission is performed (step S15).

  If the mutual authentication is OK in step S13, that is, if the authentication is successful, the packet is encrypted and sent to the relay device 100 (step S16). Subsequently, the packet is decrypted by the relay device 100, and the SMTP command is analyzed by the application analysis function 101 (step S17). Thereafter, mutual authentication is performed with TCP2 between the relay device 100 and the mail server device 600 (step S18). If the authentication is NG (failure), the setting of TCP2 is reviewed (step S19). Then, retransmission is performed (step S20).

  If the authentication is OK (success) in step S18, the other than the SMTP command of the packet to be transmitted is encrypted and sent to the mail server device 600 (step S21). Then, the mail server device 600 decrypts the packet, and the application analysis function 602 analyzes the SMTP command (step S22). Then, the packet converted into plain text is sent to the SMTP server (storage device) 603 in the mail server device 600 (step S23), and the transmission is completed (step S24). The above is the description of the e-mail transmission operation.

Next, processing upon receiving an e-mail will be described. FIG. 5 is a flowchart showing processing at the time of reception.
As shown in FIG. 5, when the mail reception process is started (step S31), the received mail is sent from the POP3 server in the mail server device 700 to the client (step S32). At this time, the received mail packet is read from the storage device 703 of the mail server device 700 (step S33). Then, the POP command is analyzed by the application analysis function 702 in the mail server device 700 (step S34). Subsequently, the mail server device 700 performs mutual authentication with the TCP2 of the relay device 100 (step S35). If the mutual authentication is NG (failure) in step S35, the setting of TCP2 is reviewed (step S36), and the received mail packet is retransmitted (step S37).

On the other hand, if the authentication is OK (successful) in step S35, other than the POP3 command in the email packet is encrypted and sent to the relay apparatus 100 (step S38). Subsequently, the received packet of the e-mail is decrypted by the relay device 100, and the POP3 command is analyzed by the application analysis function 102 of the relay device 100 (step S39).
Thereafter, the relay device 100 performs mutual authentication with the TCP2 of the client device 410 (step S40). If the authentication is NG (failure) in this step S40, the setting of TCP2 is reviewed (step S41), and the received mail Is retransmitted (step S42).

  On the other hand, if the authentication is OK (success) in step S40, the received mail packet is encrypted, sent to the client device 410, and decrypted by the encryption / decryption application function 412 in the client device 410 (step S43). . Then, the received mail packet is sent to the MUA 411 of the client terminal 410 (step S44), and the reception is completed (step S45). The above is the description of the e-mail reception process.

  According to the relay device of the present invention described above, in the communication between the personal computer and the outside, data “leakage” and “tampering” on the Internet, as well as “spoofing”, “entry” or “attack” are prevented. be able to.

  Finally, how the TCP 2 used in the present invention is superior to the conventional IPsec or SSL will be described with reference to FIGS. 6 and 7. FIG. FIG. 6 shows the TCP2 function added to the IPsec and SSL function comparison table shown in FIG.

  As is clear from FIG. 6, it can be seen that various problems of IPsec and SSL (these are shown in the background art) are completely solved by adopting TCP2. For example, client-client communication, TCP / IP protocol DoS attack, secure communication of all UDP ports or TCP ports, and applications that had to change socket programs, which were difficult to handle with SSL TCP2 is fully compatible with the restrictions in the above.

  Also, it is difficult to cope with IPsec, communication in a poor environment with frequent errors, communication between different LANs, connection via multiple carriers, communication in PPP mobile environment, ADSL environment TCP2 is fully supported. Furthermore, for the Internet using VoIP (Voice over Internet Protocol) in a mobile environment or an ADSL environment, both IPsec and SSL have problems as shown in Tables 1 and 2, but according to TCP2 of the present invention. Can be used in either environment.

  Also, Internet telephones using VoIP between different LANs cannot be handled by IPsec and SSL, but can be completely handled by TCP2 of the present invention.

  FIG. 7 is a diagram for explaining the superiority of TCP2, but a case (b) in which conventional SSL is applied to a protocol stack (a) without security, a case (c) in which IPsec is applied, A case (d) in which TCP2 (TCPsec / UDPsec) of the present invention is applied is shown in comparison.

  As described above, the SSL of FIG. 7B is provided in the socket of the session layer (fifth layer), so that it is not compatible with the upper application. For this reason, SSL itself has the above-mentioned problems. 7C is in the network layer (third layer) and is not compatible with the IP layer, it is subject to various restrictions as described above in configuring the network.

  On the other hand, TCP2 (TCPsec / UDPsec) in FIG. 7 (d) is an encryption technique introduced into the transport layer (fourth layer), so that the socket can be used as it is when viewed from the application. Also, when viewed from the network, the IP can be used as it is, so there are no restrictions on configuring the network.

  As described above, the relay apparatus according to the present invention uses the TCP2 previously proposed by the present inventor, and is particularly suitable for data leakage, falsification, spoofing, entry, and attack compared with the existing encryption processing system. On the other hand, it has an extremely high security function.

  It should be noted that the present invention is not limited to the embodiment described above, and it is needless to say that more embodiments are included without departing from the gist of the present invention described in the claims. .

It is a block diagram which shows the structure of one Embodiment of the mail server apparatus to which this invention is applied. It is a block diagram which shows one Embodiment of the concrete communication network to which the mail server apparatus by this invention is applied. It is a figure for the description. It is a flowchart for demonstrating the operation | movement at the time of the transmission. It is a flowchart for demonstrating the operation | movement at the time of the reception. It is a table | surface for demonstrating the comparison with a prior art. It is explanatory drawing for demonstrating the comparison with a prior art. It is a figure which shows the protocol stack of the standard communication using the conventional IPsec and SSL. It is a table | surface figure for demonstrating the prior art. It is a figure which shows the protocol stack of TCP2 which this inventor proposed previously.

Explanation of symbols

  600 ... mail server device, 200,300 ... network, 1a, 1b ... NIC driver, 20 ... application analysis function, 30 ... TCP2, 40 ... external circuit, 50 ... storage device

Claims (4)

A mail server device that stores mail information received from a transmission device and transmits the stored mail information in response to a request from the reception device,
When communicating electronic information by adding an encryption function to the TCP or UDP protocol located in the transport layer in the transmission device and the reception device,
Means for negotiating corresponding encryption and decryption logic at least with said transmitter and / or receiver;
A storage unit that receives a packet as an information unit in response to an SMTP command from the transmission device, and that is decrypted and stored according to a decoding logic negotiated by the negotiating unit;
Communication means for encrypting and transmitting the packet as the information unit stored in the storage means in response to the POP3 command from the receiving device according to the encryption logic decided by the agreement means;
A mail server device that performs communication based on the encryption and decryption logic using a TCP or UDP protocol of the transport layer.   A first device that transmits a packet as an information unit to a counterpart device in response to an SMTP command from the transmission device; and a counterpart device of a packet as an information unit in response to a POP3 command from the reception device 2. The mail server device according to claim 1, wherein a second device that performs reception from the second device is provided independently. The encryption and decryption logic that can be an agreement candidate by the encryption and decryption logic agreement means is stored in a memory or a circuit,
The mail server device according to claim 1, further comprising: a logic changing unit that periodically changes encryption and decryption logic that can be stored or implemented arrangement candidates. The means for determining the encryption and decryption logic can determine that the plaintext is handled without encryption in relation to the encryption and decryption logic. The described mail server device.

Images