JP2013077957A - Relay device, encryption communication system, encryption communication program, and encryption communication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a router, an encryption communication system, an encryption communication program, and an encryption communication method which reduce communication delay of encryption packets to a reception side router.SOLUTION: When a router 6 determines that a detected processing load is greater than a threshold, the router 6 transmits to at least one of a router 2 and router 3, an IP address of the other router and connection information packets including an authentication parameter to be used for authentication of a communication partner when a VPN is to be established between the router 2 and the router 3.

Description

  The present invention relates to a relay device, an encrypted communication system, an encrypted communication program, and an encrypted communication method that cause encrypted communication to be performed between communication devices connected to the relay device according to the processing load of the relay device. is there.

  Conventionally, a technique for performing encrypted communication between a plurality of nodes via the Internet or a dedicated / public line is known. For example, in the technique disclosed in Patent Document 1, a packet is encrypted at a transmitting node in accordance with a protocol such as IPsec (Internet Protocol security), and is decrypted at a receiving node. In the technique disclosed in Patent Document 1, a VPN (Virtual Private Network) is constructed in a format called a hub and spoke type, and encrypted communication is performed. When the VPN is constructed in the hub-and-spoke type, the node on the transmission side encrypts the packet. The router on the transmission side transmits the encrypted packet to the relay node. The relay node decrypts the encrypted packet, selects a receiving node to be transmitted, and encrypts the packet again. Next, the relay node transmits the encrypted packet again to the selected receiving node.

  In the technique disclosed in Patent Document 1, when the transmission side node detects that the amount of traffic between the transmission side node and the relay node exceeds a threshold, the transmission side node and the reception side node Build a VPN directly between them.

JP 2004-140482 A

  In the encrypted communication described in Patent Document 1 described above, the transmission-side node detects the amount of traffic between the transmission-side node and the relay node, which may cause the following problem.

  When another transmitting node is connected to the relay node and performs encrypted communication, the transmitting node cannot detect the amount of traffic between the other transmitting node and the relay node. As a result, when there is a large amount of traffic between another transmission-side node and a relay node, a VPN is not directly constructed between the transmission-side node and the reception-side node, and encrypted communication via the relay node is not possible. Will continue. Also, if the traffic volume between the relay node and each transmission side node does not exceed the threshold, a VPN is not directly constructed between the transmission side node and the reception side node, and encrypted communication via the relay node Is continued.

  If the amount of traffic between the transmission-side node and the relay node increases, it is considered that the processing load of the encryption processing and decryption processing of the packet transmitted from the transmission-side node increases in the relay node. When the processing load of the encryption process and the decryption process increases, the encryption packet to be transmitted to the receiving node is delayed from the relay node, or the encryption packet to be transmitted to the receiving node There is a possibility that the packet may not be transmitted from the relay node.

  The present invention has been made to solve the above-described problems, and a relay device, an encrypted communication system, an encrypted communication program, and a communication device that reduce a communication delay of an encrypted packet to a communication device on the receiving side, and An object is to provide an encrypted communication method.

  In order to achieve the above object, the present invention according to claim 1 is a relay apparatus that performs encrypted communication with a plurality of communication apparatuses, the storage unit storing IP addresses of the plurality of communication apparatuses, First construction means for constructing a VPN with a first communication apparatus among the communication apparatuses, reception means for receiving data encrypted via the VPN constructed by the first construction means, and the reception An IP address of the second communication device for transmitting the data received by the receiving means from the IP address of the destination specified in the data decrypted by the decrypting means, and the decrypting means for decrypting the encrypted data received by the means Conversion from the storage means, the second construction means for constructing a VPN between the second communication device, the process for decrypting the data, and the process for encrypting the data A detection means for detecting a processing load including a physical load; a determination means for determining whether or not a processing load detected by the detection means is greater than a threshold; and a case in which the processing load is determined to be large by the determination means A VPN is established between at least one of the first communication device and the second communication device, the IP address of the other communication device, and the first communication device and the second communication device. Transmission means for transmitting VPN construction information including an authentication parameter used for authentication of a communication partner at the time of communication.

  In order to achieve the above object, according to a second aspect of the present invention, in the relay apparatus according to the first aspect, the transmission means is at least one construction means of the first construction means and the second construction means. The IP address of the other communication device and the VPN construction information are transmitted via the VPN constructed by the above.

  To achieve the above object, the present invention according to claim 3 is the relay apparatus according to claim 1 or 2, wherein a VPN is constructed by the first construction means, and the second construction means. Generating means for generating the authentication parameter different from the parameter used for authentication of the communication partner when the VPN is constructed by the transmission means, wherein the transmitting means sends the authentication parameter generated by the generating means to the other communication device. It is characterized by transmitting.

  In order to achieve the above object, the present invention according to claim 4 is the relay apparatus according to any one of claims 1 to 3, wherein the detecting means performs the decrypting process and the encrypting process. Among the included data, the conversion processing load of data that requires real-time property is detected as part of the processing load, and when the determination unit determines that the processing load is large, the transmission unit includes the plurality of communication devices. Among them, the first communication device and the second communication device that transmit and receive data that requires real-time property are extracted, and at least one of the communication devices includes the IP address of the other communication device, and VPN construction information is transmitted.

  In order to achieve the above object, the present invention according to claim 5 is the relay apparatus according to any one of claims 1 to 4, wherein the transmission means determines that the determination means has a large processing load. After that, when it is determined that the processing load detected by the detection means has become smaller than a threshold value, a load reduction notification is transmitted to the first communication device and the second communication device. .

  In order to achieve the above object, the present invention according to claim 6 is an encrypted communication system in which a plurality of communication devices perform encrypted communication via a relay device, and the relay device includes a plurality of communication devices. Encryption via the VPN constructed by the first construction means, the first construction means for constructing the VPN between the storage means for storing the IP address, the first communication device of the plurality of communication devices, and the first construction device Relay device receiving means for receiving the received data, decoding means for decoding the data received by the relay device receiving means, and receiving the relay device from the IP address of the destination specified in the data decoded by the decoding means Extraction means for extracting the IP address of the second communication device that transmits the data received by the means from the storage means, and second construction means for constructing a VPN between the second communication device Detecting means for detecting a processing load including a conversion processing load of a process for decrypting data and a process for encrypting data, and a determination for determining whether the processing load detected by the detecting means is greater than a threshold value And at least one of the first communication device and the second communication device, the IP address of the other communication device, and the first communication device. Relay apparatus transmitting means for transmitting VPN construction information including authentication parameters used for authentication of a communication partner when a VPN is constructed between the first communication apparatus and the second communication apparatus, At least one of the first communication device and the second communication device is a communication device receiver that receives the IP address of the other communication device and the VPN construction information. A communication device designated by the IP address of the other communication device received by the communication device reception means, a communication device construction means for constructing a VPN based on the authentication parameter, and a communication device construction means. Communication device transmitting means for transmitting data encrypted via the VPN to the other communication device.

  In order to achieve the above object, the present invention according to claim 7 is an encrypted communication method used in a relay apparatus that performs encrypted communication with a plurality of communication apparatuses, and is a first of the plurality of communication apparatuses. A reception step for receiving encrypted data via a VPN established with a communication device, a decryption step for decrypting the data received in the reception step, and designation in the data decrypted in the decryption step An extraction step of extracting the IP address of the second communication device that transmits the data received by the reception step from the IP address of the received destination from the storage means for storing the IP addresses of the plurality of communication devices; and decoding the data And a detection step of detecting a processing load including a conversion processing load of a process of encrypting data and a process of encrypting data, and detected by the detection step A determination step of determining whether or not a logical load is greater than a threshold; and if the determination step determines that the processing load is large, communication between at least one of the first communication device and the second communication device VPN construction information including an IP address of the other communication device, and an authentication parameter used for authentication of a communication partner when a VPN is constructed between the first communication device and the second communication device. And a transmitting step of transmitting.

  In order to achieve the above object, the present invention according to claim 8 is directed to a computer that controls a relay apparatus that performs encrypted communication with a plurality of communication apparatuses, between the first communication apparatus and the first communication apparatus. A first construction step for constructing a VPN; a reception step for receiving encrypted data via the VPN constructed by the first construction step; and a decryption step for decrypting the data received by the reception step; The IP address of the second communication device that transmits the data received by the first reception step from the IP address of the destination specified in the data decrypted by the decryption step, and the IP addresses of the plurality of communication devices are stored. A processing load including an extraction step of extracting from the storage means, a process of decrypting the data, and a conversion processing load of the process of encrypting the data A detection step to be issued; a determination step for determining whether or not the processing load detected by the detection step is greater than a threshold; and when the determination step determines that the processing load is large, At least one of the communication devices with the second communication device has an IP address of the other communication device and a communication partner when a VPN is constructed between the first communication device and the second communication device. This is a program characterized by executing a transmission step of transmitting VPN construction information including an authentication parameter used for authentication.

  According to the relay device according to claim 1, when it is determined by the determination means that the processing load is large, at least one of the first communication device and the second communication device is assigned to the IP of the other communication device. An address and VPN construction information are transmitted. As a result, the one communication apparatus that has received the IP address of the other communication apparatus and the VPN construction information can perform encrypted communication with the other communication apparatus via the VPN without using the relay apparatus. . That is, the conversion processing load of the process of decrypting data and the process of encrypting data is reduced in the relay device. Therefore, it is possible to reduce the occurrence frequency when data to be transmitted to the second communication device is transmitted with a delay, or when data to be transmitted to the second communication device is not transmitted.

  According to the relay device according to claim 2, the IP address of the other communication device and the VPN construction information are transmitted to one communication device via the VPN constructed by at least one construction means of the relay device. . Therefore, the IP address and the VPN construction information are more than the IP address and the VPN construction information of the other communication device transmitted to one communication device without going through the VPN constructed by the construction means. Leakage to other devices other than the first communication device, the second communication device, and the relay device can be suppressed.

  According to the relay device of the third aspect, the authentication parameter different from the parameter used for authentication of the communication partner when the VPN is constructed by the first construction unit or the second construction unit is generated. That is, the authentication parameter is newly generated by the relay device. When the VPN construction information includes the same authentication parameter as that used for authentication of the communication partner when the VPN is constructed by the first construction means or the second construction means, the first communication device, the second communication device, and The relay device holds the same authentication parameter. If the authentication parameter is held in a plurality of communication devices, it may not be possible to uniquely authenticate with the communication device. On the other hand, the relay device according to claim 3 generates an authentication parameter different from the parameter used for authentication of the communication partner when the VPN is constructed by the first construction unit or the second construction unit. This authentication parameter is transmitted to the first communication device and the second communication device, and is used for authentication of a communication partner when a VPN is constructed between the first communication device and the second communication device. Therefore, the first communication device, the second communication device, and the relay device are not authenticated with the same authentication parameter. Therefore, each communication device can be uniquely authenticated. At the same time, since authentication parameters are generated in the relay device, management of authentication parameters is facilitated. Accordingly, it is possible to increase the accuracy of authentication of the communication partner when the first communication device and the second communication device construct the VPN, and to facilitate management of authentication parameters.

  According to the relay device according to claim 4, the IP address of the other communication device is assigned to at least one of the first communication device and the second communication device that transmits and receives data requiring real-time performance. And VPN construction information are transmitted. Data that requires real-time performance is used for voice communication and the like. Encrypted communication between the first communication device and the second communication device including data that requires real-time performance is executed without using a relay device. Therefore, the occurrence frequency when data requiring real-time property to be transmitted to the second communication device is delayed or transmitted when data requiring real-time property to be transmitted to the second communication device is not transmitted is reduced. It can be made.

  According to the relay device of the fifth aspect, the first communication device and the second communication device that have received the load reduction notification can perform encrypted communication again via the relay device. Since the processing load of the relay device does not exceed the threshold value, even if the first communication device and the second communication device that have received the load reduction notification perform encrypted communication via the relay device, they are transmitted to the second communication device. It is possible to reduce the frequency of occurrence when data to be transmitted is delayed or when data to be transmitted to the second communication device is not transmitted.

  According to the encrypted communication system of claim 6, when the determination unit determines that the processing load is large, at least one of the first communication device and the second communication device is connected to the other communication device. The IP address of the communication device and VPN construction information are transmitted. One of the communication devices constructs a VPN based on the communication device specified by the received IP address of the other communication device and the authentication parameter, and encrypts the data through the constructed VPN. Send to communication device. As a result, the one communication apparatus that has received the IP address of the other communication apparatus and the VPN construction information can perform encrypted communication with the other communication apparatus via the VPN without using the relay apparatus. . That is, the conversion processing load of the process of decrypting data and the process of encrypting data is reduced in the relay device. Therefore, it is possible to reduce the occurrence frequency when data to be transmitted to the second communication device is transmitted with a delay, or when data to be transmitted to the second communication device is not transmitted.

  According to the encrypted communication method of claim 7, when it is determined that the processing load is large in the determination step, the IP address of the other communication device and the VPN construction information are sent to the first communication device and the second communication device. And are sent. As a result, the one communication apparatus that has received the IP address of the other communication apparatus and the VPN construction information can perform encrypted communication with the other communication apparatus via the VPN without using the relay apparatus. . That is, the conversion processing load of the process of decrypting data and the process of encrypting data is reduced in the relay device. Therefore, it is possible to reduce the occurrence frequency when data to be transmitted to the second communication device is transmitted with a delay, or when data to be transmitted to the second communication device is not transmitted.

  According to the encrypted communication program of claim 8, when it is determined in the determination step that the processing load is large, at least one of the first communication device and the second communication device is connected to the other communication device. IP address and VPN construction information are transmitted. As a result, the one communication apparatus that has received the IP address of the other communication apparatus and the VPN construction information can perform encrypted communication with the other communication apparatus via the VPN without using the relay apparatus. . That is, the conversion processing load of the process of decrypting data and the process of encrypting data is reduced in the relay device. Therefore, it is possible to reduce the occurrence frequency when data to be transmitted to the second communication device is transmitted with a delay, or when data to be transmitted to the second communication device is not transmitted.

It is a figure which shows schematic structure of the encryption communication system 1 which concerns on one Embodiment of this invention. 2 is a hardware diagram of a router 2 in the encrypted communication system 1. FIG. It is a schematic diagram showing the content of SPD. It is a schematic diagram showing the content of SAD. It is a sequence diagram showing the process at the time of transmitting an encryption packet from PC7 to PC8 when the processing load of the router 6 is small. It is a sequence diagram showing the process at the time of transmitting an encryption packet from PC7 to PC8 when the processing load of the router 6 is large. It is a sequence diagram showing the process at the time of VPN being constructed | assembled in main mode. It is a sequence diagram showing the process at the time of VPN being constructed | assembled by aggressive mode. It is a schematic diagram showing the content of an encryption packet. 4 is a flowchart showing a load detection process of a router 6. FIG. 3 is a schematic diagram showing the contents of table 1. 3 is a schematic diagram showing the contents of a table 2. FIG. 6 is a flowchart showing switching target determination processing of a router 6; It is a sequence diagram showing the process at the time of transmitting an encryption packet from PC7 to PC8 when the processing load of the router 6 becomes small again.

  An encrypted communication system 1 according to an embodiment of the present invention will be described with reference to FIG. FIG. 1 is a diagram showing a schematic configuration of an encrypted communication system.

  The encryption communication system 1 includes routers 2 to 6 and personal computers (PCs) 7 to 10. The PCs 7 to 10 are connected to the routers 2 to 5 via the LAN. The routers 2 to 5 construct a VPN with the router 6. The VPN is a virtual private network configured on the Internet. That is, the routers 2 to 6 are VPN gateways. The router 2 and the router 3 are examples of the first communication device and the second communication device of the present invention, respectively. The router 6 is an example of the relay device of the present invention.

  The routers 2 to 5 encrypt the packets transmitted from the PCs 7 to 10, respectively. Next, the routers 2 to 5 transmit the encrypted packet to the router 6. When the router 6 receives the encrypted packet, the router 6 decrypts the encrypted packet. Next, the router 6 transmits the decoded packet to the routers 2 to 5. The routers 2 to 5 decrypt the encrypted packet. The routers 2 to 5 transmit the decrypted packets to the PCs 7 to 10. That is, packets transmitted from the PCs 7 to 10 are transmitted to the PCs 7 to 10 via the router 6. This form of encrypted communication is called a hub-and-spoke type, in which routers 2 to 5 correspond to spokes and router 6 corresponds to a hub.

  In this embodiment, for example, when encrypted communication is performed via a VPN constructed on the Internet, IPsec (Security Architecture for Internet Protocol) is employed. IPsec is a protocol for encrypting data in a network layer.

  IPsec is composed of a plurality of protocols such as AH (Authentication Header), ESP (Encapsulated Security Payload), and IKE (Internet Key Exchange). Since these protocols are known, they will be briefly described.

  AH is a security protocol having an authentication function. ESP is a security protocol that encrypts the payload portion. IKE is a protocol for exchanging keys.

[Hardware configuration of router]
The hardware configuration of the router 2 will be described with reference to FIG. Since the hardware configurations of the routers 3 to 6 are the same as the hardware configuration of the router 2, description thereof is omitted. The router 2 includes a CPU 21, a flash memory 22, a RAM 23, a WAN-side Ethernet (registered trademark) interface 24, and a LAN-side Ethernet (registered trademark) interface 25. The CPU 21, flash memory 22, RAM 23, WAN-side Ethernet (registered trademark) interface 24, and LAN-side Ethernet (registered trademark) interface 25 are connected via a bus. The flash memory 22 stores a control program such as a VPN construction process described later that is processed by the CPU 21. The flash memory 22 stores SA (Security Association) as SAD (Security Association Database) described later. The flash memory 22 stores SP (Security Policy) as an SPD (Security Policy Database). The flash memory 22 is an example of the storage means of the present invention.

  The RAM 22 stores temporary data when the CPU 21 executes the control program. The CPU 21 is an example of a computer according to the present invention.

  The WAN-side Ethernet (registered trademark) interface 24 includes a port to which a LAN cable is connected, and transmits / receives encrypted packets to / from the router 6 via the VPN constructed in the IP network. The Ethernet (registered trademark) interface 25 on the LAN side includes a port to which a LAN cable is connected, and transmits and receives unencrypted packets to and from the PC 7 via the LAN cable.

  The SPD will be described with reference to FIG. The SPD is a database that stores SP. SP is information indicating whether or not to perform encrypted communication with two routers capable of encrypted communication. The SP stores a source address, a destination address, an upper layer protocol, an operation, and the like. The source address is the IP address of the PC that is the source of the packet. The destination address is the IP address of the destination PC of the packet. The upper layer protocol is a packet protocol including a payload portion. The operation is information on whether or not to perform encrypted communication.

  The SAD will be described with reference to FIG. SAD is a database that stores SA. SA is a connection established between two routers that perform encrypted communication. The SA stores a source address, a destination address, a start point address, an end point address, a security protocol, an SPI (Security Parameter Index), an encryption key, an encryption algorithm, and the like. The start point address is the IP address of the router that transmits the encrypted packet. The end point address is the IP address of the router that receives the encrypted packet. AH or ESP is designated as the security protocol. SPI is information for identifying the SA. The encryption key is a key used for packet encryption when encrypted communication is executed between two routers. The encryption algorithm is an algorithm such as 3DES-CBC or DES-CBC.

  A sequence when a packet is transmitted from the PC 7 to the PC 8 will be described with reference to FIGS. 5 and 6. 5 and 6, the process executed by the CPU 21 of the router 6 will be described as a process executed by the VPN control unit, a process executed by the switching control unit, and a process executed by the load monitoring unit. The storage unit shown in FIGS. 5 and 6 is the flash memory 22 of the router 6.

[Operation when the processing load of the router 6 is small]
In S1, the VPN control unit of the router 2 and the VPN control unit of the router 6 construct a VPN. Next, in S2, the VPN control unit of the router 6 and the VPN control unit of the router 3 construct a VPN. The process of S1 is an example of the first construction means of the present invention. S2 is an example of the second construction means of the present invention.

  The construction of the VPN in S1 and S2 will be described with reference to FIG. 7 and FIG. 7 and 8 show an example of the process of S1 in which a VPN is constructed between the router 2 and the router 6. FIG. In order for a VPN to be established, an SA must be generated between two routers that perform encrypted communications. SA is dynamically generated by IKE (Internet Key Exchange). In this SA generation process, the VPN control unit of the router 2 and the VPN control unit of the router 6 execute known processes called phase 1 and phase 2. Phase 1 is processed in either the main mode or the aggressive mode. When the execution of the phase 1 and phase 2 processes is completed, a VPN is established between the router 2 and the router 6. FIG. 7 is a sequence diagram in which the phase 1 process is executed in the main mode. FIG. 8 is a sequence diagram in which the phase 1 processing is executed in the aggressive mode.

[Main mode]
In S101 illustrated in FIG. 7, the router 2 transmits an ISAKMP SA generation request to the router 6. This ISAKMP SA generation request is a packet that proposes generation of an ISAKMP SA between the router 2 and the router 6. ISAKMP SA is a channel for controlling IKE when SA is automatically generated by IKE. When this proposal packet is transmitted to the router 6, the process proceeds to S102.

  The proposal packet includes parameters for establishing an ISAKMP SA. This parameter includes an encryption algorithm, a hash algorithm, an authentication method, a parameter used for Diffie-Hellman exchange, and the like.

  The encryption algorithm is an algorithm used when ISAKMP SA is encrypted. One encryption algorithm is designated in S102, which will be described later, from 3DES-CBC, DES-CBC, and the like.

  The hash algorithm is an algorithm used for authentication in the establishment process of ISAKMP SA. One hash algorithm is designated from SHA-1, MD5, and the like.

  The authentication method is a method for authenticating a communication destination router. One authentication method is designated from PSK (Pre-Shared Key) authentication and public key authentication. In the following description, it is assumed that PSK authentication is designated as a parameter.

  The parameters used for the Diffie-Hellman exchange are parameters used when a common key is generated by the Diffie-Hellman exchange.

  In S102, the router 6 authenticates the parameters included in the received ISAKMP SA generation request. When the parameter is authenticated, it is determined that the generation of the ISAKMP SA is accepted, and a packet notifying the acceptance of the generation of the ISAKMP SA is transmitted to the router 2. When this notification packet is transmitted to the router 2, the process proceeds to S103 and S104.

  In S103 and S104, the router 2 and the router 6 generate random numbers. When the generation of the random number is finished, the process proceeds to S105 and S106.

  In S105 and S106, the router 2 and the router 6 transmit the generated random number to the other routers 2 and 6. This transmission and reception of random numbers is called Diffie-Hellman exchange. When the transmission of the random number is completed, the process proceeds to S107 and S108.

  In S107, the router 2 generates a common key from the random number generated in S103 and the random number received in S106. In S108, the router 6 generates a common key from the random number generated in S104 and the random number received in S105. That is, the router 2 and the router 6 generate the same common key. When the generation of the common key ends, the process proceeds to S109.

  In S109, the router 2 generates a hash value from the PSK preset between the router 2 and the router 6. The PSK is stored in the storage unit of the router 2 and the router 6 in association with the IP addresses of the router 2 and the router 6. The router 2 transmits the generated hash value to the router 6. This hash value is encrypted with the common key generated in S107 and transmitted to the router 6. When the transmission of the hash value is completed, the process proceeds to S110.

  In S110, the router 6 decrypts the hash value using the common key generated in S108. Based on the decrypted hash value and the IP address of the router 2 assigned to the source address, it is authenticated that the communicating router is the router 2 in the processing of S101 to S109. If it is determined that the communicating router is the router 2, the process proceeds to S111. That is, PSK is used for authentication of a communication partner when constructing a VPN.

  In S <b> 111, the router 6 generates a hash value from PSK that is preset between the router 2 and the router 6. This hash value is encrypted with the common key generated in S108 and transmitted to the router 6. When the transmission of the hash value ends, the process proceeds to S112.

  In S112, the router 2 decrypts the hash value from the common key generated in S107. Based on the decrypted hash value and the IP address of the router 6 assigned to the transmission source address, it is verified in the processing of S101 to S109 that the router that is communicating is the router 6. If it is determined that the communicating router is the router 6, the process proceeds to S113.

  The processing of S101 to S112 is called phase 1. The ISAKMP SA is established by the processing of S101 to S112. In subsequent steps S113 to S116, packets transmitted and received between the router 2 and the router 6 are encrypted with the common key generated in the ISAKMP SA establishment process.

  In S113, the router 2 transmits an IPsec SA generation request to the router 6. This IPsec SA generation request is a packet that proposes generation of an IPsec SA between the router 2 and the router 6. The router 2 adds a random number, an encryption algorithm, and a security protocol to the proposal packet. In S113, the random number assigned to the proposed packet is used to generate an encryption key used for packet encryption when communication is performed between the router 2 and the PC connected to the router 6. It is a random number. The encryption algorithm is an algorithm such as 3DES-CBC or DES-CBC. AH or ESP is designated as the security protocol. When this proposal packet is transmitted to the router 6, the process proceeds to S114.

  In S114, when the router 6 accepts the generation of the IPsec SA between the router 2 and the router 6, the router 6 generates an encryption key from the random number assigned to the received proposal packet. When the key generation is completed, the process proceeds to S115.

  In S <b> 115, the router 6 transmits a packet notifying acceptance of generation of the IPsec SA to the router 2. The router 6 gives a random number to this notification packet. When this notification packet is transmitted to the router 2, the process proceeds to S116.

  In S116, the router 2 generates an encryption key from the random number given to the notification packet. When the generation of the encryption key is completed, an establishment notification packet for notifying that the IPsec SA has been established is transmitted to the router 6.

  The processing of S113 to S116 is called phase 2. The VPN is constructed by executing Phase 1 that is the processing of S101 to S112 and Phase 2 that is the processing of S113 to S116. That is, in order to construct a VPN between two routers, PSK must be set between the router 2 and the router 6. When the VPN is constructed, a security protocol, an encryption key, and an encryption algorithm are stored in association with the SAD start and end addresses stored in the storage units of the router 2 and the router 6. At this time, an SPI for identifying the SA is given to the SA. Two SAs are created: the SA of the encrypted packet transmitted from the router 2 to the router 6 and the SA of the encrypted packet transmitted from the router 6 to the router 2.

[Aggressive mode]
The aggressive mode will be described with reference to FIG. In S201, the router 2 generates a random number. When the generation of random numbers is completed, the process proceeds to S202.

  In S202, the router 2 transmits an ISAKMP SA generation request. This ISAKMP SA generation request includes the random number generated in S201. When the ISAKMP SA generation request is transmitted, the process proceeds to S203.

  In S203, the router 6 generates a random number. When the random number is generated, the process proceeds to S204.

  In S204, the router 6 authenticates the parameters included in the ISAKMP SA generation request. If it is determined to authenticate this parameter, a packet notifying acceptance of generation of ISAKMP SA is transmitted to the router 2. This notification packet includes the random number generated in S203 and the hash value generated from the PSK preset between the router 2 and the router 6. When the notification packet is transmitted to the router 2, the process proceeds to S205.

In S205, the router 2 determines that the communicating router is the router in the processing of S201 to S204 based on the hash value included in the received notification packet and the IP address of the router 6 assigned to the transmission source address. 6 is authenticated. If it is determined that the communicating router is the router 6, the process proceeds to S206.

  In S206, the router 2 generates a common key from a random number included in the received notification packet. When the generation of the common key ends, the process proceeds to S207.

  In S <b> 207, the router 2 transmits to the router 6 an authentication packet including a hash value generated from PSK set in advance between the router 2 and the router 6. When the transmission of the authentication packet ends, the process proceeds to S208. This hash value is encrypted with the common key generated in S206.

  In S208, based on the hash value included in the authentication packet and the IP address of the router 2 assigned to the transmission source address, the router 6 determines that the router in communication is the router 2 in the processing of S201 to S204. Authenticate. If it is determined that the communicating router is the router 6, the phase 1 in the aggressive mode is terminated, and the process proceeds to the phase 2.

  Returning to FIG. 5, the description will be continued. In the following description, description will be given with reference to FIG. In S <b> 3, the VPN control unit of the router 2 receives an unencrypted packet from the PC 7. As shown in FIG. 9A, this packet is a packet in which the IP address of the PC 8 is designated as the destination IP address and the IP address of the PC 7 is designated as the source IP address. A description will be given assuming that data according to RTP (Real-time Transport Protocol) is included in the payload portion of this packet. When the VPN control unit of the router 2 receives the packet transmitted from the PC 7, the process proceeds to S4.

  In S <b> 4, the VPN control unit of the router 2 refers to the SPD stored in the storage unit of the router 2. It is determined whether there is an SP that matches the destination IP address of the packet transmitted from the PC 7, the IP address of the transmission source, and the protocol of the payload portion. If it is determined that there is an SP, it is determined that a packet is transmitted to the destination PC 8 by the communication method indicated by the operation of the SP. If there is no SP, it is determined that no packet is transmitted to the destination PC 8. In the following description, it is assumed that IPSec is stored in the SP operation and a packet is transmitted by encrypted communication. If it is determined that the packet is transmitted by encrypted communication, the SAD is referred to. Next, the encryption key and the encryption algorithm are extracted from the SA that has the destination IP address given to the packet, the IP address of the transmission source, and the protocol of the payload portion, and the start address is the IP address of the router 2 To do. Next, the packet transmitted from the PC 7 is encrypted with this encryption key and encryption algorithm. The IP address of the destination router, the IP address of the transmission source router, and the SPI specified by the SA are assigned to the encrypted packet. The IP address of the router 6 which is the end point address is given to the address of the destination router. The IP address of the router 2 that is the start point address is given to the address of the transmission source router. When the encryption is completed, the process proceeds to S5. FIG. 9B shows an encrypted packet. The end point address, start point address, and SPI are added to the encrypted packet. In the following description, an encryption key and an encryption method used between the router 2 and the router 6 are a first encryption key and a first encryption algorithm, respectively. The address of the destination router is stored in advance in the storage unit as the SA end point address. That is, if the IP address of the destination router is not stored in the storage unit, encrypted communication with the router cannot be performed.

  In S <b> 5, the VPN control unit of the router 2 transmits the encrypted packet to the VPN control unit of the router 6. The encrypted packet is transmitted to the VPN control unit of the router 6 via the VPN constructed in S1. The VPN control unit of the router 6 receives the encrypted packet transmitted from the VPN control unit of the router 2. When the VPN control unit of the router 6 receives the encrypted packet, the process proceeds to S6. In the following description, the encrypted packet is referred to as an encrypted packet. The process of receiving the encrypted packet of the VPN control unit of the router 6 shown in S6 is an example of the receiving means of the present invention.

  In S6, the VPN control unit of the router 6 that has received the encrypted packet transmitted from the VPN control unit of the router 2 refers to the SPI assigned to the encrypted packet, refers to the first encryption key, and the first encryption algorithm. Is extracted from the SAD stored in the storage unit of the router 6. The encrypted packet is decrypted with the first encryption key and the first encryption algorithm. When the decoding is completed, the process proceeds to S7. The decrypted packet is the same as the packet transmitted from the PC 7 shown in FIG. The process of S6 is an example of the decoding means of the present invention.

  In S <b> 7, the VPN control unit of the router 6 stores the source address, destination address, protocol, and packet size included in the decrypted packet in the storage unit of the router 6. This process will be described later. That is, the IP address of the PC 7 is a source address, the IP address of the PC 8 is a destination address, RTP which is a protocol of data included in the payload portion is a protocol, and the size of data included in the payload portion is a packet size. When each item included in the decrypted packet is stored in the storage unit, the process proceeds to S8.

  In S <b> 8, the VPN control unit of the router 6 refers to the SPD stored in the storage unit of the router 6. It is determined whether there is an SP that matches the destination IP address of the packet transmitted from the PC 7, the IP address of the transmission source, and the protocol of the payload portion. If it is determined that there is an SP, it is determined that a packet is transmitted to the destination PC 8 by the communication method indicated by the operation of the SP. If there is no SP, it is determined that no packet is transmitted to the destination PC 8. If it is determined that the packet is transmitted by encrypted communication, the SAD is referred to. Next, the encryption key and the encryption algorithm are extracted from the SA whose IP address is the IP address of the router 6 that matches the destination IP address, transmission source IP address, and payload part protocol assigned to the packet. To do. The packet transmitted from the PC 7 is encrypted using this encryption key and encryption algorithm. It matches the destination IP address, the source IP address, and the payload protocol assigned to the packet decoded in S6, and the start point address is stored in the end point address from the SA that is the IP address of the router 6. Extract the IP address of the router. The IP address of the destination router, the IP address of the transmission source router, and the SPI specified by the SA are assigned to the encrypted packet. The address of the destination router is the IP address of the router 3 that is the extracted end point address, and the address of the source router is the IP address of the router 6 that is the start point address. When the encryption is completed, the process proceeds to S9. In the following description, an encryption key and an encryption algorithm used between the router 6 and the router 3 are referred to as a second encryption key and a second encryption algorithm, respectively. The process of S8 is an example of the extracting means of the present invention.

  In S <b> 9, the VPN control unit of the router 6 transmits the encrypted packet to the VPN control unit of the router 3. When the transmission of the encrypted packet is completed, the process proceeds to S10.

  In S10, the VPN control unit of the router 3 that has received the encrypted packet transmitted from the VPN control unit of the router 6 refers to the SPI assigned to the encrypted packet, and the second encryption key and the second encryption algorithm. Is extracted from the SAD stored in the storage unit of the router 3. The encrypted packet is decrypted with the second encryption key and the second encryption algorithm. When the decoding is completed, the process proceeds to S11.

  In S11, the VPN control unit of the router 3 refers to the destination address included in the header of the decrypted packet and transmits the packet to the PC 8.

[Operation when the processing load on the router is heavy]
A sequence when the load increases will be described with reference to FIG. In S21, the load monitoring unit of the router 6 detects the current load based on the amount of packets stored in the storage unit. The load detection process in S21 is periodically executed. Specific processing for load detection will be described later. When the current load is detected, the process proceeds to S22. The process of S21 is an example of the detection means of the present invention.

  In S22, the load monitoring unit determines whether the load is greater than a threshold value. This threshold value is set in advance and stored in the storage unit of the router 6. If it is determined that the detected load is greater than the threshold, the process proceeds to S23. When it is determined that the detected load is smaller than the threshold value, encrypted communication is performed in a hub-and-spoke manner. The process of S22 is an example of the determination means of the present invention.

  In S23, the load monitoring unit transmits a switching request to the switching control unit. The switching request is a request for encrypted communication without using the router 6. When the switching request is transmitted to the switching control unit, the process proceeds to S24.

  In S <b> 24, the switching control unit that has received the switching request acquires from the storage unit of the router 6 a switching target for encrypted communication without using the router 6. The switching target is any two of routers 2 to 5. Specifically, the transmission source address, the destination address, the start point address, and the end point address are extracted as information to be switched. Specific switching target acquisition processing will be described later. When extraction of the switching target is completed, the process proceeds to S25. In the following description, the switching target is described as the router 2 and the router 3. Further, the router 6 is not included in the switching target.

  In S25, the switching control unit generates PSK. This PSK is used when a VPN is constructed between the router 2 and the router 3. This PSK is different from the PSK used when constructing the VPN in S1 and S2. When the generation of PSK ends, the process proceeds to S26. PSK is an example of the authentication parameter of the present invention. The process of S25 is an example of the generation unit of the present invention.

  In S26, the switching control unit generates two connection information packets. The connection information packet includes the created PSK, the address of PC 7, the address of PC 8, the IP addresses of router 2 and router 3 in the payload portion. When the generation of the connection information packet is completed, the process proceeds to S27. The connection information packet is an example of VPN construction information according to the present invention.

  In S27, the switching control unit transmits two connection information packets to the VPN control unit of the router 6, and the process proceeds to S28.

  In S28, the VPN control unit of the router 6 that has received the two connection information packets refers to the SAD stored in the storage unit and encrypts the connection information packet. One connection information packet is encrypted with the first encryption key and the first encryption algorithm. The other connection information packet is encrypted with the second encryption key and the second encryption algorithm. When the encryption of the connection information packet is completed, the process proceeds to S29.

  In S29, the VPN control unit of the router 6 gives the IP address of the router 2 and the SPI to the connection information packet encrypted with the first encryption key and the first encryption algorithm. The VPN control unit of the router 6 transmits the IP address of the router 2 and the connection information packet to which the SPI is assigned to the VPN control unit of the router 2 via the VPN established between the router 2 and the connection information packet. The VPN control unit of the router 6 gives the IP address of the router 3 and the SPI to the connection information packet encrypted by the second encryption key and the second encryption method. The VPN control unit of the router 6 transmits the connection information packet provided with the IP address of the router 3 and the SPI to the VPN control unit of the router 3 via the VPN established between the router 3 and the router 3. When the transmission of the connection information packet is completed, the process proceeds to S30. The process of S29 is an example of the transmission means of the present invention.

  In S30, the VPN control unit of the router 2 and the router 3 that has received the encrypted connection information packet refers to the SPI assigned to the encrypted connection information packet, and includes the first encryption key and the first encryption key. The encryption algorithm or the second encryption key and the second encryption algorithm are extracted from the SA stored in the storage unit. The connection information packet encrypted using the first encryption key and the first encryption algorithm, or the second encryption key and the second encryption algorithm is decrypted. When decoding of the connection information packet ends, the process proceeds to S31.

  In S31, the VPN control unit of the router 2 extracts the SA based on the IP address of the PC 7, the IP address of the PC 8, and the IP address of the router 3 included in the decrypted connection information packet. Specifically, the VPN control unit of the router 2 is configured such that the destination address includes the IP address of the PC 7 and the source address includes the IP address of the PC 8, the IP address of the PC 8 as the destination address, and the PC 7 as the source address. The SA including the IP address is extracted. A switched flag is assigned to the extracted SA. Next, the VPN control unit of the router 2 newly creates an SA. The newly created SA destination address, source address, and protocol are the same as the extracted SA destination address, source address, and protocol. In the newly created SA, the IP address of the router 3 is stored in one of the end point address and the start point address, and the IP address of the router 2 is stored in the other. On the other hand, the VPN control unit of the router 3 extracts the SA based on the IP address of the PC 7, the IP address of the PC 8, and the IP address of the router 2 included in the decrypted connection information packet. Specifically, the VPN control unit of the router 3 includes the SA including the IP address of the PC 7 in the destination address and the IP address of the PC 8 in the source address, the IP address of the PC 8 in the destination address, and the PC 7 in the source address. The SA including the IP address is extracted. A switched flag is assigned to the extracted SA. Next, the VPN control unit of the router 3 newly creates an SA. The newly created SA destination address, source address, and protocol are the same as the extracted SA destination address, source address, and protocol. In the newly created SA, the IP address of the router 2 is stored in one of the end point address and the start point address, and the IP address of the router 3 is stored in the other. When the creation of a new SA and the assignment of the switched flag are completed, the process proceeds to S32.

  In S <b> 32, the VPN control unit of the router 2 constructs a VPN between the router 2 and the router 3 using PSK included in the connection information packet. The PSK is included in the connection information packet and is stored in the storage unit in association with the IP addresses of the router 2 and the router 3. This VPN construction process is the same as the process of S1. When the VPN construction is completed, the VPN control unit of the router 2 and the router 3 assigns the encryption key, the encryption algorithm, and the SPI created in the VPN construction process to the newly created SA in S31. When the assignment of the encryption key, encryption algorithm, and SPI ends, the process proceeds to S33. In the following description, the encryption key and the encryption algorithm generated in the process of S32 are referred to as a third encryption key and a third encryption algorithm.

  In S <b> 33, the VPN control unit of the router 2 transmits a switch completion notification to the VPN control unit of the router 6. This switching completion notification is a notification indicating that a VPN has been established between the router 2 and the router 3. When the switch completion notification is transmitted, the process proceeds to S34.

  In S34, the VPN control unit of the router 6 stores the switching target in the storage unit. That is, information indicating the router that transmitted the connection information packet is stored in the storage unit. Specifically, the IP address of the PC 7 and PC 8 is stored in the destination address and the source address, and the flag is switched to the SA to which the IP address of the router 2 or the router 3 is assigned as the start address or the end address. Stand up. When the switched flag is set, the process proceeds to S35.

  In S <b> 35, the VPN control unit of the router 2 receives an unencrypted packet from the PC 7. As shown in FIG. 9A, this packet is a packet in which the IP address of the PC 8 is designated as the destination address. When the packet transmitted from the PC 7 is received, the process proceeds to S36.

  In S36, the VPN control unit of the router 2 refers to the IP address specified as the destination address and the SPD stored in the storage unit, and determines to transmit the packet to the destination PC 8 by encrypted communication. . When it is determined that the packet is to be transmitted by encrypted communication, the SA that is stored in the storage unit and that has not been given the switched flag is referred to. Since the end point address of the SA is the IP address of the router 3, the third encryption key and the third encryption algorithm are extracted from the SA. Next, the packet transmitted from the PC 7 is encrypted with the third encryption key and the third encryption algorithm. A destination address, a start point address, and an SPI are added to the header of the encrypted packet. The IP address of the router 3 is designated as the destination address, and the IP address of the router 2 is designated as the start point address. When the encryption is completed, the process proceeds to S37.

  In the process of S37, the VPN control unit of the router 2 transmits the encrypted packet to the VPN control unit of the router 3. When the transmission of the encrypted packet is completed, the process proceeds to S38.

  In S <b> 38, the VPN control unit of the router 3 receives the encrypted packet transmitted from the router 2. Next, the third encryption key and the third encryption algorithm are extracted from the SPI assigned to the header of the encrypted packet, and the encrypted packet is decrypted. When the decoding is completed, the process proceeds to S39.

  In S39, the VPN control unit of the router 3 transmits the packet to the PC 8 according to the destination IP address specified in the decrypted packet.

[Load detection processing]
With reference to FIG. 10, the load detection process which is a process of the load monitoring part of the router 6 is demonstrated. In S301, the timer is set to zero. When the timer is set to zero, the process proceeds to S302.

  In S302, the packets decoded in S6 shown in FIG. 5 are extracted in the order decoded in S6. When the extraction of the decrypted packet is completed, the process proceeds to S303. The packet received by the router 6 in S5 shown in FIG. Next, the decrypted packet is encrypted by the CPU 21. The conversion process in which the CPU 21 decrypts and encrypts the packet received by the router 6 is the process of decrypting the data of the present invention and the conversion process of encrypting the data. The burden placed on the CPU 21 by this conversion processing is an example of the conversion processing load of the present invention.

  In S303, it is determined whether or not the protocol of data included in the payload portion of the extracted packet is a protocol that requires real-time characteristics. Examples of protocols that require real-time performance include RTP, UDP (User Datagram Protocol), and RTSP (Real Time Streaming Protocol). If it is determined that there is real-time property, the process proceeds to S304. If it is determined that there is no real-time property, the process proceeds to S305.

  In S304, the table 1 stored in the storage unit of the router 6 is selected. FIG. 11 shows the contents of Table 1. As shown in FIG. 11, the table 1 stores items of destination address, transmission source address, protocol, bps measurement field, and bps field as one record. When the selection of table 1 is completed, the process proceeds to S306.

  In S305, the table 2 stored in the storage unit of the router 6 is selected. FIG. 12 shows the contents of Table 2. As shown in FIG. 12, the table 2 records items of a destination address, a transmission source address, a protocol, a bps measurement field, and a bps field as one record. When the selection of table 2 is completed, the process proceeds to S306.

  In S306, it is determined whether there is a record in Table 1 or Table 2 that matches the destination address, the source address, and the protocol. If it is determined that there is a record, the process proceeds to S307. If it is determined that there is no record, the process proceeds to S308.

  In S307, the bps measurement field of the matched record is updated. Specifically, the data size of the payload portion of the decoded packet is added to the value of the bps measurement field. When the update is completed, the process proceeds to S309.

  In S308, a new record is registered in Table 1 or Table 2 in accordance with the protocol of the data included in the payload portion. When registration is completed, the data size of the payload portion of the decoded packet is added to the value of the bps measurement field. When registration of a new record is completed, the process proceeds to S309.

  In S309, it is determined whether or not the timer has elapsed for 1 second. If it is determined that one second has elapsed, the process proceeds to S310. If it is determined that one second has not elapsed, the process proceeds to S302.

  In S310, all the values of the bps measurement fields in Table 1 and Table 2 are overwritten in the corresponding bps field. Next, the sum of the bps field for each table is calculated. Next, the sum of the bps fields of Table 1 and the sum of the bps fields of Table 2 are added to calculate the sum of all bps fields. When the sum of all bps fields is calculated, the process proceeds to S311. The sum of all bps fields is an example of the conversion processing load of the present invention.

  In S311, the values of all bps measurement fields in Table 1 and Table 2 are set to zero. When all the bps measurement fields are set to zero, the process proceeds to S301.

[Switch target decision processing]
With reference to FIG. 13, the load monitoring unit of the router 6 and the switching target determination process of the switching control unit will be described. In S401, it is determined whether or not the traffic exceeds a threshold value. Specifically, in S310 shown in FIG. 10, it is determined whether or not the sum of all the bps fields calculated exceeds a predetermined threshold value. If it is determined that the threshold value is exceeded, the process proceeds to S402. If it is determined that it has not exceeded, the process proceeds to S401. The process of S401 is the process of S22 shown in FIG.

  In S402, the load monitoring unit of the router 6 transmits a switching request to the switching control unit. When the transmission of the switching request is completed, the process proceeds to S403. The process of S402 is the process of S23 shown in FIG.

  In S403, the switching control unit determines whether there is a record in the table 1 in which the bps field is not zero. If it is determined that there is a record in the table 1 whose bps field is not zero, the process proceeds to S404. If it is determined that there is no record in the table 1 in which the bps field is not zero, or there is no record in the table 1, the process proceeds to S405.

  In S404, the switching control unit extracts a record in which the bps field of Table 1 is not zero. Next, the sum of the bps field for each router corresponding to the destination address of the extracted record and the source address is calculated. Two routers corresponding to the destination address and the source address are extracted from the SAD. The IP address of the router having the largest calculated sum is extracted from the SAD. Two routers corresponding to these two IP addresses are to be switched. The IP address of the router to be switched, the destination address associated with the IP address of this router in the SA, and the transmission source address are included in the connection information packet described above. When the determination of the switching target is completed, the process proceeds to S401.

  In S405, the switching control unit calculates the sum of the bps field for each router corresponding to the destination address and the source address in Table 2. The IP addresses of the two routers having the largest calculated sum are extracted from the SAD. Two routers corresponding to the IP addresses of the two routers are set as switching targets. The IP address of the router to be switched, the destination address associated with the IP address of this router in the SA, and the transmission source address are included in the connection information packet described above. When the determination of the switching target is completed, the process proceeds to S401. The process of S404 or S405 is the process of S24 shown in FIG.

[Operation when it is detected that the processing load on the router is low]
With reference to FIG. 14, a case will be described in which the router 6 detects that the processing load has decreased in a state where the VPN is constructed between the router 2 and the router 3. In S51, the load monitoring unit of the router 6 detects that the sum of the bps fields of the table 1 and the table 2 stored in the storage unit is equal to or less than a predetermined threshold value. In the process of S310 shown in FIG. 10, when it is detected that the sum of the bps field is equal to or less than a predetermined threshold, the process proceeds to S52.

  In S <b> 52, the load monitoring unit of the router 6 transmits a switching request to the switching control unit of the router 6. When the transmission of the switching request is completed, the process proceeds to S53.

  In S53, the switching control unit of the router 6 refers to the SAD stored in the storage unit of the router 6 in S34 illustrated in FIG. 6, and extracts the SA for which the switched flag is set. The router corresponding to the extracted SA start point address and end point address is extracted as a switched terminal. When the extraction of the switched terminal is completed, the process proceeds to S54. In the following description, the switched terminals will be described as the router 2 and the router 3.

  In S54, the switching control unit of the router 6 generates a disconnection information packet. The disconnection information packet includes the IP addresses of the router 2 and the router 3 in the payload portion. When the generation of the disconnection information packet is completed, the process proceeds to S55. The disconnect information packet is an example of the load reduction notification of the present invention.

  In S55, the disconnection information packet is transmitted to the VPN control unit of the router 6. When the transmission of the disconnection information packet ends, the process proceeds to S56.

  In S <b> 56, the VPN control unit of the router 6 transmits a disconnection information packet to the router 2 and the router 3. When the transmission of the disconnection information packet ends, the process proceeds to S57.

  In S57, the VPN control unit of the router 2 executes a disconnection process. The VPN control unit of the router 2 refers to the IP addresses of the router 2 and the router 3 included in the disconnection information packet, and the SA start point address is the router 2 IP address and the end point address is the router 3 IP address. To extract. The extracted SA is deleted from the SAD. Next, the SA to which the switched flag is assigned, the SA whose start point address is the IP address of the router 2 and the end point address is the IP address of the router 6 are extracted. The switched flag given to the extracted SA is deleted. In S57, the VPN control unit of the router 3 refers to the IP addresses of the router 2 and the router 3 included in the disconnection information packet, and the SA start point address is the router 3 IP address and the end point address is the router 2 IP address. Is extracted. The extracted SA is deleted from the SAD. Next, the SA to which the switched flag is assigned, the SA whose start point address is the IP address of the router 3, and whose end point address is the IP address of the router 6 are extracted. The switched flag given to the extracted SA is deleted. When the cutting process is completed, the process proceeds to S58.

  In S <b> 58, the VPN control unit of the router 2 and the VPN control unit of the router 3 transmit a disconnection completion notification to the router 6. The disconnection completion notification indicates deletion of SA and deletion of the switched flag in S57. When the transmission of the disconnection completion notification is completed, the process proceeds to S59.

  In S59, the switching control unit of the router 6 deletes the switching target. Specifically, the VPN control unit of the router 6 sets the switched flag given to the SAs whose start point address and end point address are the IP addresses of the router 2 and the router 3 among the SAs stored in the storage unit. delete.

  In S60 to S65, the VPN control unit of the router 2 transmits the packet transmitted from the PC 7 to the router 3 by encrypted communication. This process is the same as the process of S3 to S9 shown in FIG. In S66 and S67, the VPN control unit of the router 3 decrypts the encrypted packet transmitted from the router 6, and transmits the decrypted packet to the PC 8. This processing is the same as the processing of S10 and S11 shown in FIG.

[Effect of the embodiment]
According to the router 6 of the present embodiment, when it is determined in S22 that the processing load is large, in S29, at least one of the router 2 and the router 3 is assigned the IP address of the other router, and the connection information packet. Is sent. Thus, the one router that has received the IP address of the other router and the connection information packet can perform encrypted communication with the other router via the VPN without going through the router 6. That is, in the router 6, the conversion processing load of the process of decrypting the packet and the process of encrypting the packet is reduced. Therefore, it is possible to reduce the frequency of occurrence when data to be transmitted to the router 3 is transmitted with a delay or when data to be transmitted to the router 3 is not transmitted.

  According to the router 6 of the present embodiment, the IP address of the other router and the connection information packet are transmitted to one router via the VPN constructed by S1 or S2. Therefore, the IP address and the connection information packet are sent to the router 2, the router 3, and the router 6 rather than the IP address of the other router and the connection information packet being transmitted to one router without going through the VPN. It is possible to suppress leakage to other devices.

  According to the router 6 of the present embodiment, a PSK different from the PSK used for authentication of the communication partner when the VPN is constructed by the process of S1 or the process of S2 is generated in S25. That is, the authentication parameter is newly generated by the router 6. If PSK is included in the connection information packet, the same PSK used for authentication of the communication partner when the VPN is constructed by the processing of S1 or the processing of S2, router 2, router 3, and router 6 are the same. PSK will be held. If PSK is held in a plurality of routers, it may not be possible to uniquely authenticate with a router that constructs a VPN. On the other hand, according to the router 6 of the present embodiment, a PSK different from the PSK used for authentication of the communication partner when the VPN is constructed by the process of S1 or the process of S2 is generated. This PSK is transmitted to the router 2 and the router 3 and is used for authentication of a communication partner when a VPN is constructed between the router 2 and the router 3. Therefore, the router 2, the router 3, and the router 6 are not authenticated by the same PSK. Therefore, each router can be uniquely authenticated. At the same time, since the PSK is generated in the router 6, the management of the PSK is facilitated. Therefore, the accuracy of authentication of the communication partner when the router 2 and the router 3 construct the VPN can be increased, and the management of the PSK can be facilitated.

  According to the router 6 of the present embodiment, the IP address and connection information packet of the other router are transmitted to the router 2 and the router 3 that transmit and receive data requiring real-time property. Data used for voice communication and the like is required to have real-time properties. Encrypted communication between the router 2 and the router 3 including a large amount of data requiring real-time performance is executed without the router 6. Therefore, it is possible to reduce the occurrence frequency when data requiring real-time property to be transmitted to the router 3 is transmitted with a delay, or when data requiring real-time property to be transmitted to the router 3 is not transmitted. .

  According to the router 6 of the present embodiment, when the router 6 determines that the processing load is smaller than a predetermined threshold, the router 6 transmits a disconnection information packet to the router 2 and the router 3 that transmitted the connection information packet. The router 2 and the router 3 that have received the disconnection information packet can perform encrypted communication via the router 6 again. This reduces the frequency of occurrence of encrypted communication via the router 6, when data to be transmitted to the router 3 is delayed, or when data to be transmitted to the router 3 is not transmitted. I can do it.

[Modification 1]
In the present embodiment, the PC is connected to the routers 2 to 5 and transmits the packet, but a terminal device such as an IP telephone smartphone may be connected to the routers 2 to 5 and transmit the packet. Further, a terminal device such as an analog telephone may be connected to the routers 2 to 5, and the routers 2 to 5 may convert signals from the analog telephones into digital data. This digital data constitutes a packet.

[Modification 2]
In the present embodiment, PSK is generated in the processing of S25, but it is not necessary to newly generate PSK. In S26, the switching control unit of the router 6 generates the connection information packet including the IP addresses of the router 2 and the router 3 and the PSK used for the authentication between the router 3 and the router 6 in the process of S2. good. The VPN control unit encrypts the connection information packet and transmits it to the router 2 in S28. The router 2 transmits an ISAKMP SA generation request to the router 3 based on the IP address of the router 3, and constructs a VPN based on the PSK when the VPN is constructed between the router 3 and the router 6. Thereby, even if the router 6 does not transmit the connection information packet to the router 3, a VPN is constructed between the router 2 and the router 3. Similarly, in S26, the switching control unit of the router 6 generates a connection information packet including the IP addresses of the router 2 and the router 3 and the PSK used for the authentication between the router 2 and the router 6 in the processing of S1. You may do it. The router 6 may transmit this connection information packet only to the router 3.

[Modification 3]
In the present embodiment, in S26, the VPN control unit of the router 6 includes the IP addresses of the PC 7, PC 8, the router 2, and the router 3, and the PSK in the connection information packet, but the present invention is not limited to this. In the process of S25, the VPN control unit of the router 6 may generate an encryption algorithm together with PSK, and include the IP addresses, PSK, and encryption algorithms of the PC 7, PC 8, router 2, and router 3 in the connection information packet. As a result, it is possible to omit the process of determining the encryption algorithm in the process of phase 2 in the VPN construction of S32. Similarly, the connection information packet may include mode designation information that designates whether the phase 1 process is executed in the main mode or the aggressive mode.

[Modification 4]
In the present embodiment, the connection information packet includes the PSK created in S25 and the IP addresses of the PC 7, PC 8, router 2, and router 3 in the payload portion, but is not limited thereto. In S404 or S405 shown in FIG. 13, the sum of the destination address, the source address, and the bps field for each protocol in Table 1 or Table 2 is calculated. Next, the destination address having the largest sum calculated for each protocol and the IP address of the router corresponding to the source address are extracted from the SAD. Two routers corresponding to these two IP addresses are to be switched. These two routers will be described as being a router 2 and a router 3. The connection information packet includes the PSK created in S25, the IP addresses of the PC 7, PC 8, router 2, and router 3, and the protocol. In S31, the VPN control unit of the router 2 extracts the SA based on the IP address of the PC 7, the IP address of the PC 8, the IP address of the router 3 and the protocol included in the decrypted connection information packet. Specifically, the VPN control unit of the router 2 includes the SA including the IP address of the PC 7 as the destination address, the IP address of the PC 8 as the source address, and the upper layer protocol that matches the protocol included in the connection information packet, and the destination. The IP address of the PC 8 is extracted as the address, the IP address of the PC 7 as the transmission source address, and the SA including the upper layer protocol that matches the protocol included in the connection information packet. A switched flag is assigned to the extracted SA. Next, the VPN control unit of the router 2 newly creates an SA. The newly created SA destination address, source address, and protocol are the same as the extracted SA destination address, source address, and protocol. In the newly created SA, the IP address of the router 3 is stored in one of the end point address and the start point address, and the IP address of the router 2 is stored in the other. On the other hand, the VPN control unit of the router 3 extracts the SA based on the IP address of the PC 7, the IP address of the PC 8, the IP address of the router 2, and the protocol included in the decrypted connection information packet. Specifically, the VPN control unit of the router 3 includes an IP address of the PC 7 as the destination address, an IP address of the PC 8 as the transmission source address, and an SA including an upper layer protocol that matches the protocol included in the connection information packet, The IP address of the PC 8 is extracted as the address, the IP address of the PC 7 as the transmission source address, and the SA including the upper layer protocol that matches the protocol included in the connection information packet. A switched flag is assigned to the extracted SA. Next, the VPN control unit of the router 3 newly creates an SA. The newly created SA destination address, source address, and protocol are the same as the extracted SA destination address, source address, and protocol. In the newly created SA, the IP address of the router 2 is stored in one of the end point address and the start point address, and the IP address of the router 3 is stored in the other. Thereby, when the processing load of the router 6 is large, encrypted communication is performed without passing through the router 6 for each protocol included in the payload portion of the packet transmitted from the PCs 7 to 10.

[Modification 5]
In the present embodiment, the monitoring unit of the router 6 decrypts the encrypted packet transmitted from the other router, and the data amount of the payload part is tabled according to the destination address, the source address, and the protocol of the decrypted packet. 1 or table 2 is stored, but the present invention is not limited to this. The monitoring unit of the router 6 may store the destination address, source address, and protocol of the decoded packet in one table. In this case, the process of S403 shown in FIG. 13 is not executed, and the largest destination address in the bps field stored in one table and the PC or router associated with the transmission source address are to be switched.

[Modification 6]
In this embodiment, the PSK is associated with the IP address of the router and stored in each router. However, any information that identifies the router such as fqdn (Fully Qualified Domain Name) may be used. When the phase 1 process is performed in the main mode, the hash value generated from the PSK is encrypted. Therefore, the information specifying the router is only the IP address. Therefore, when this IP address is a dynamic IP address, authentication cannot be performed. That is, when the IP address of the router is a dynamic IP address, information for specifying a router other than the IP address is used. Specific information such as fqdn may be used as information for specifying a router other than the IP address. Therefore, specific information such as fqdn is included in the connection information packet. When authentication is performed in the aggressive mode, the IP address may be a dynamic IP address. If the authentication is performed in the aggressive mode and the information for specifying the router is an IP address, the specific information such as fqdn may not be included in the connection information packet.

[Modification 7]
In the present embodiment, it is determined whether the processing load is greater than the threshold by determining whether the sum of all bps fields calculated in S310 exceeds a predetermined threshold. It is not limited to this. The CPU of the router 6 converts the packet transmitted from the PC connected to the router 6 in addition to the conversion process for decrypting and encrypting the packet transmitted from the other router and received by the router 6. Processing load such as processing load, conversion processing load for encrypting and decrypting a packet to be transmitted to a PC connected to the router 6, routing processing load for transmitting / receiving a packet that is not encrypted and transmitted to the PC connected to the router 6 It may be determined whether or not the total sum exceeds a predetermined threshold value. The total processing load is an example of the processing load of the present invention.

[Modification 8]
In the present embodiment, PSK is used, but the present invention is not limited to this. In S25, the switching control unit of the router 6 generates a secret key and a public key instead of PSK. In S 26, the private key is included in the connection information packet transmitted to the router 3, and the public key is included in the connection information packet transmitted to the router 2. In S32, the VPN control unit of the router 2 and the router 3 may construct the VPN using the public key and the secret key. This public key and secret key are examples of the authentication parameter of the present invention.

1 Encrypted communication system 2-6 Router 7-10 PC
21 CPU
22 Memory means

Claims (8)

A relay device that performs encrypted communication with a plurality of communication devices,
Storage means for storing IP addresses of the plurality of communication devices;
First construction means for constructing a VPN with a first communication device of the plurality of communication devices;
Receiving means for receiving encrypted data via the VPN constructed by the first construction means;
Decryption means for decrypting the encrypted data received by the reception means;
Extracting means for extracting from the storage means the IP address of the second communication device that transmits the data received by the receiving means from the IP address of the destination specified in the data decoded by the decoding means;
Second construction means for constructing a VPN with the second communication device;
Detection means for detecting a processing load including a conversion processing load of a process of decrypting data and a process of encrypting data;
Determination means for determining whether the processing load detected by the detection means is greater than a threshold;
When the determination unit determines that the processing load is large, at least one of the first communication device and the second communication device includes the IP address of the other communication device and the first communication device. Transmission means for transmitting VPN construction information including authentication parameters used for authentication of a communication partner when a VPN is constructed between the second communication apparatus and the second communication device;
A relay device comprising: The transmission means transmits the IP address of the other communication device and the VPN construction information via a VPN constructed by at least one construction means of the first construction means and the second construction means. The relay device according to claim 1. Generating means for generating the authentication parameter different from the parameter used for authentication of the communication partner when the VPN is constructed by the first construction means and when the VPN is constructed by the second construction means;
The relay device according to claim 1, wherein the transmission unit transmits the authentication parameter generated by the generation unit to the other communication device. The detection means detects, as part of the processing load, a conversion processing load of data that requires real-time property among the data included in the decrypting process and the encrypting process,
When the determination unit determines that the processing load is large, the transmission unit transmits and receives data that requires real-time property among the plurality of communication devices, and the second communication device. The relay apparatus according to claim 1, wherein an IP address of the other communication apparatus and the VPN construction information are transmitted to at least one of the communication apparatuses. When the determination unit determines that the processing load detected by the detection unit is smaller than a threshold after the determination unit determines that the processing load is large, the transmission unit and the second communication unit The relay apparatus according to claim 1, wherein a load reduction notification is transmitted to the apparatus. An encryption communication system in which a plurality of communication devices perform encrypted communication via a relay device,
The relay device is
Storage means for storing IP addresses of the plurality of communication devices;
First construction means for constructing a VPN with a first communication device of the plurality of communication devices;
A relay device receiving means for receiving the encrypted data via the VPN constructed by the first construction means;
Decoding means for decoding data received by the relay device receiving means; and a second communication device for transmitting data received by the relay device receiving means from an IP address of a destination designated in the data decoded by the decoding means Extracting means for extracting the IP address of the storage means from the storage means;
Second construction means for constructing a VPN with the second communication device;
Detection means for detecting a processing load including a conversion processing load of a process of decrypting data and a process of encrypting data;
Determination means for determining whether the processing load detected by the detection means is greater than a threshold;
When the determination unit determines that the processing load is large, at least one of the first communication device and the second communication device includes the IP address of the other communication device and the first communication device. And VPN construction information including an authentication parameter used for authentication of a communication partner when a VPN is constructed between the second communication device and the second communication device;
With
At least one of the first communication device and the second communication device is:
A communication device receiving means for receiving the IP address of the other communication device and the VPN construction information;
A communication device specified by the IP address of the other communication device received by the communication device reception means; a communication device construction means for constructing a VPN based on the authentication parameter;
Communication device transmission means for transmitting data encrypted via the VPN constructed by the communication device construction means to the other communication device;
An encryption communication system comprising: An encryption communication method used for a relay device that performs encrypted communication with a plurality of communication devices,
A receiving step of receiving encrypted data via a VPN established with a first communication device of the plurality of communication devices;
A decoding step of decoding the data received by the receiving step;
Storage means for storing the IP address of the second communication device that transmits the data received by the receiving step from the IP address of the destination specified in the data decoded by the decoding step, and the IP addresses of the plurality of communication devices An extraction step to extract from,
A detection step of detecting a processing load including a conversion processing load of a process of decrypting data and a process of encrypting data;
A determination step of determining whether the processing load detected by the detection step is greater than a threshold;
If it is determined in the determination step that the processing load is large, at least one of the first communication device and the second communication device is assigned an IP address of the other communication device, and the first communication device. Transmitting VPN construction information including authentication parameters used for authentication of a communication partner when a VPN is constructed between the second communication device and the second communication device; and
An encrypted communication method comprising: In a computer that controls a relay device that performs encrypted communication with a plurality of communication devices,
A first construction step of constructing a VPN with a first communication device of the plurality of communication devices;
A receiving step of receiving encrypted data via the VPN constructed by the first construction step;
A decoding step of decoding the data received by the receiving step;
The IP address of the second communication device that transmits the data received by the first reception step from the IP address of the destination specified in the data decrypted by the decryption step, and the IP addresses of the plurality of communication devices are stored. An extraction step of extracting from the storage means;
A detection step of detecting a processing load including a conversion processing load of a process of decrypting data and a process of encrypting data;
A determination step of determining whether the processing load detected by the detection step is greater than a threshold;
If it is determined in the determination step that the processing load is large, at least one of the first communication device and the second communication device is assigned an IP address of the other communication device, and the first communication device. Transmitting VPN construction information including authentication parameters used for authentication of a communication partner when a VPN is constructed between the second communication device and the second communication device; and
An encrypted communication program characterized in that

Images