KR101591306B1 - Method and apparatus for communication using virtual MAC address - Google Patents

Method and apparatus for communication using virtual MAC address Download PDF

Info

Publication number
KR101591306B1
KR101591306B1 KR1020150057902A KR20150057902A KR101591306B1 KR 101591306 B1 KR101591306 B1 KR 101591306B1 KR 1020150057902 A KR1020150057902 A KR 1020150057902A KR 20150057902 A KR20150057902 A KR 20150057902A KR 101591306 B1 KR101591306 B1 KR 101591306B1
Authority
KR
South Korea
Prior art keywords
node
mac address
virtual mac
shared key
communication
Prior art date
Application number
KR1020150057902A
Other languages
Korean (ko)
Inventor
김은기
안재원
이재원
최범진
Original Assignee
한밭대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 한밭대학교 산학협력단 filed Critical 한밭대학교 산학협력단
Priority to KR1020150057902A priority Critical patent/KR101591306B1/en
Application granted granted Critical
Publication of KR101591306B1 publication Critical patent/KR101591306B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L61/20
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3013Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the discrete logarithm problem, e.g. ElGamal or Diffie-Hellman systems

Abstract

The present invention relates to a communications method and a communications apparatus using a virtual MAC address, and more particularly, to a communications method and a communications apparatus using a virtual MAC address, which generate a predetermined public key through public code exchange between both nodes on a communications network, and then allocate a portion of the generated public key as a virtual MAC address for both nodes to perform communications. According to an embodiment, a communications method between a first node and a second node on a communications network comprises the steps of: generating a predetermined public key shared between the first node and the second node; generating a first virtual MAC address for the first node using a first portion of the public key; generating a second virtual MAC address for the second node using a second portion of the public key; and performing communications between the first node and the second node, using the first virtual MAC address and the second virtual MAC address.

Description

TECHNICAL FIELD [0001] The present invention relates to a communication method and apparatus using a virtual MAC address,

The present invention relates to a communication method and apparatus using a virtual MAC address, and more particularly, to a communication method and apparatus using a virtual MAC address, To a communication method and apparatus using a virtual MAC address that performs communication by allocating a virtual MAC address for both nodes.

With the generalization of communication services in recent years, there are various types of problems such as leakage of personal information due to hacking, network failure, financial accidents, and so on.

There are various kinds of hacking methods, but ARP (Address Resolution Protocol) spoofing, Denial-on-Service (DoS), and Distributed Denial-on-Service (DDoS) are examples of major hacking techniques for the network . For example, ARP spoofing can manipulate information on the ARP cache table of a switch or other network device by forging the MAC address of the attacking target, Refers to a method of detouring traffic between nodes to a third node such as an attacker's computer to obtain predetermined information from the detached traffic. The ARP spoofing technique or the like enables the attacker to acquire predetermined information such as password information about an attack target, to cause a malfunction of the attack target computer, or to disable the attack target.

As a conventional technique for preventing the ARP spoofing attack, if an ARP table of the same local network equipment is scanned and several IPs having the same MAC address are continuously found, an ARP spoofing attack is once performed , And a method of blocking an ARP spoofing attack by checking that an executable file containing malicious code is running on the problematic device. However, since malicious codes and the like constantly change or evolve, the above-mentioned countermeasures can only be temporary measures and can not be a fundamental solution.

In addition to the ARP spoofing attack, there are various hacking techniques that use the MAC address of an attack target. Therefore, a more fundamental scheme for hacking using the MAC address is required, but a proper solution has not been proposed yet have.

Korean Patent Laid-Open Publication No. 10-2011-0060271 (published on June 08, 2011)

SUMMARY OF THE INVENTION It is an object of the present invention to provide a communication method and apparatus capable of preventing an attacker from hacking an attack target communication using a MAC address of an attack target do.

According to an aspect of the present invention,

A method of communication between a first node and a second node in a communication network, the method comprising: generating a predetermined shared key shared between the first node and the second node; Generating a first virtual MAC address for the first node using a first portion of the shared key; Generating a second virtual MAC address for the second node using a second portion of the shared key; And performing communication between the first node and the second node using the first virtual MAC address and the second virtual MAC address.

Generating an encryption key using a third portion of the shared key; And encrypting communication data between the first node and the second node using the encryption key.

The method may further include decrypting communication data between the first node and the second node using the encryption key.

The generating of the shared key may include exchanging a first public code of the first node and a second public code of the second node with each other; And generating the shared key using the first public code and the second public code at the first node and the second node.

At this time, the first node and the second node exchange the first public code and the second public code with each other using a Diffie-Hellman key exchange scheme, And generate the shared key using the second public code.

According to another aspect of the present invention,

A communication device communicating with a second node in a communication network, the communication device comprising: a shared key generation unit generating a shared key shared with the second node; Generating a first virtual MAC address for the communication device using a first portion of the shared key and generating a second virtual MAC address for the second node using a second portion of the shared key, An address generator; And a communication unit for communicating with the second node using the first virtual MAC address and the second virtual MAC address.

An encryption key generation unit generating an encryption key using a third portion of the shared key; And a data encryption unit encrypting communication data to be transmitted to the second node using the encryption key.

The information processing apparatus may further include a data decoding unit decoding the communication data received from the second node using the encryption key.

The shared key generation unit may exchange the first public code of the communication device and the second public code of the second node with each other and then transmit the first public code and the second public code to the communication device and the second node, And generate the shared key using the second public code.

The shared key generation unit may exchange the first public code and the second public code with the second node using a Diffie-Hellman key exchange scheme, And generate the shared key using the second public code.

According to an embodiment of the present invention, after a predetermined shared key is generated through exchange of mutual public codes at both nodes of a communication network, a part of the shared key is allocated as a virtual MAC address for both nodes, It is possible to provide a communication method and apparatus using a virtual MAC address that can prevent an attacker from hacking communication of an attack target using a MAC address of an attack target.

1 is a configuration diagram of a communication system according to an embodiment of the present invention.
2 is a flowchart of a communication method according to an embodiment of the present invention.
FIG. 3 is an explanatory diagram illustrating a shared key generation process according to an embodiment of the present invention.
4 is a configuration diagram of a MAC frame according to an embodiment of the present invention.
5 is a configuration diagram of a MAC frame according to another embodiment of the present invention.
6 is a configuration diagram of a communication apparatus according to an embodiment of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS The present invention is capable of various modifications and various embodiments, and specific embodiments will be described in detail below with reference to the accompanying drawings.

The following examples are provided to aid in a comprehensive understanding of the methods, apparatus, and / or systems described herein. However, this is merely an example and the present invention is not limited thereto.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail. The following terms are defined in consideration of the functions of the present invention, and may be changed according to the intention or custom of the user, the operator, and the like. Therefore, the definition should be based on the contents throughout this specification. The terms used in the detailed description are intended only to describe embodiments of the invention and should in no way be limiting. Unless specifically stated otherwise, the singular forms of the expressions include plural forms of meanings. In this description, the expressions "comprising" or "comprising" are intended to indicate certain features, numbers, steps, operations, elements, parts or combinations thereof, Should not be construed to preclude the presence or possibility of other features, numbers, steps, operations, elements, portions or combinations thereof.

It is also to be understood that the terms first, second, etc. may be used to describe various components, but the components are not limited by the terms, and the terms may be used to distinguish one component from another .

Hereinafter, exemplary embodiments of a communication method and apparatus using a virtual MAC address according to the present invention will be described in detail with reference to the accompanying drawings.

First, FIG. 1 illustrates a configuration of a communication system 100 using a virtual MAC address according to an embodiment of the present invention.

As shown in FIG. 1, the communication system 100 using a virtual MAC address according to an embodiment of the present invention includes a first node 110 and a second node 110, which perform communication using a virtual MAC address, 120, and a communication network 140 for communication between the first node 110 and the second node 120.

Also, a third node 130 for hacking the communication of the first node 110 may be connected to the communication network 140.

Here, the first node 110, the second node 120, and the third node 130 may be communication equipment such as an exchange, a router, or the like, which are unit components of the communication network 140, A personal computer (PC), a notebook personal computer (PC), or the like, which can be connected to each other, or a portable terminal such as a smart phone, a tablet PC, a PDA, or a mobile phone.

The communication network 140 may include a wired network and a wireless network. The communication network 140 may be a local area network (LAN), a metropolitan area network (MAN), a wide area network (WAN) Network), and the like. Furthermore, the communication network 140 is not limited to the networks listed above, and may include, at least in part, a known wireless data network or a known wired or wireless network.

In FIG. 1, the first node 110 and the second node 120 generate a predetermined shared key through mutual exchange of public codes, and then transmit a part of the shared key to the first node 110 The MAC address of the first node 110 is transmitted to the first node 110 by using the MAC address of the first node 110 by using the third node 130, Can be prevented from being hacked.

2 is a flowchart illustrating a communication method using a virtual MAC address according to an embodiment of the present invention.

2, a communication method using a virtual MAC address according to an exemplary embodiment of the present invention includes a step S210 of generating a predetermined shared key shared between a first node and a second node, Generating a first virtual MAC address for the first node using a first portion of the keys (S220), generating a second virtual MAC address for the second node using the second portion of the shared keys (S240), encrypting the communication data between the first node and the second node using the encryption key (S250), encrypting the first virtual MAC address (S260) communication between the first node and the second node using a second virtual MAC address and a step (S270) of decrypting the communication data between the first node and the second node using the encryption key .

Hereinafter, a communication system 100 and a method using a virtual MAC address according to an embodiment of the present invention will be described in detail with reference to FIG. 1 and FIG.

First, in step S210, a predetermined shared key shared between the first node 110 and the second node 120 is generated. For example, the Diffie-Hellman key exchange (Diffie-Hellman key exchange) may be performed at the first node 110 and the second node 120. For example, ) Method to exchange the first public code and the second public code with each other and then generate the shared key using the first public code and the second public code.

3, the first node 110 and the second node 120 exchange the first public code and the second public code using the Diffie-Hellman key exchange scheme. And then generating the shared key using the first public code and the second public code.

3, the first node 110 generates the first secret code a and the second node 120 generates the second secret code b ((1) in FIG. 3) do.

Then, the first node 110 generates a first public code g a (mod p) from the first secret code a and transfers the generated first public code g a (mod p) to the second node 120, 120 generates a second public code g b (mod p) from the second secret code b and transfers it to the first node 110 (② in FIG. 3). Here, g and p may be values generated in advance and used as public values.

Next, the first node 110 calculates a shared key g ab (mod p) from the received second public code g b (mod p), and similarly the second node 120 3) of the shared key g ab (mod p) from the received first public code g a (mod p), so that the first node 110 and the second node 110 The node 120 can generate and share (④ in FIG. 3) a common shared key g ab (mod p).

Accordingly, the values of the first secret code a, the second secret code b, and the shared key g ab (mod p) are not known except for the first node 110 and the second node 120 do.

In addition, although a method of generating a secret shared key shared between the first node 110 and the second node 120 using the Diffie-Hellman key exchange scheme has been described above, The present invention is not necessarily limited to this and can be applied without any particular limitation as long as it is a method capable of appropriately generating a secret shared key shared between the first node 110 and the second node 120. [

Next, in step S220, a first virtual MAC address for the first node 110 is generated using the first part of the shared keys generated in step S210.

Here, the MAC address is a physical address used for node-to-node delivery in network communication such as Ethernet, and is a unique identifier of a network interface card (NIC) . In this regard, FIG. 4A illustrates a typical structure of a MAC frame, and as shown in FIG. 4A, a MAC address is included in a MAC frame to be used for network communication. At this time, the MAC frame may include a destination MAC address 11 and a sender MAC address 12, and may further include upper protocol type 13 information contained in the data 14 . Generally, a 48 bit value can be used for the destination MAC address 11 and the sender MAC address 12.

As shown in the MAC frame structure according to the prior art shown in FIG. 4A, when an attacker uses the third node 130 or the like to spoof the MAC frame, It is possible to easily identify the sender and the receiver of the MAC frame by referring to the destination MAC address 11 and the sender MAC address 12 included in the MAC frame, And the contents of the data 14 transmitted between the sender and the receiver can also be easily collected.

On the other hand, in the communication method using the virtual MAC address according to the embodiment of the present invention, the first virtual MAC address for the first node 110 from the first part, which is a part of the shared key generated in step S210, . For example, the most significant 48 bits of the shared key generated in step S210 may be used as the first virtual MAC address. Of course, in some cases, a first virtual MAC address for the first node 110 may be calculated through a predetermined process from a first portion of the generated shared key.

In this case, since the attacker can not know the shared key generated in step S210, the first virtual MAC address of the first node 110 to be attacked can not be known, and a packet for falsifying the IP address and MAC address It becomes difficult to attack the first node 110 by using an attack technique such as ARP spoofing.

Also in step S230, the second virtual MAC address for the second node 120 is generated using the second part of the shared key generated in step S210.

At this time, a second virtual MAC address for the second node 120 can be generated from a second part, which is a part of the shared keys generated in step S210, similar to the step S220. For example, the upper 49 bits to 96 bits of the shared key generated in step S210 may be used as the second virtual MAC address. Of course, in some cases, a second virtual MAC address for the second node 120 may be calculated through a predetermined process from a second portion of the generated shared key.

The first virtual MAC address and the second virtual MAC address generated in steps S220 and S230 may be transmitted to the receiving virtual MAC address 21 or the transmitting virtual MAC address 22 as shown in FIG. Thus, it is possible to configure the MAC frame so that the attacker can prevent the attacking target from using the MAC address of the attacking target and hacking the communication of the attacking object.

Further, in step S240, the encryption key may be generated using the third part of the shared key generated in step S210. For example, a lower byte of the shared key generated in step S210 may be used as the encryption key. Further, it is also possible to calculate the encryption key through a predetermined process from the third part, which is a part of the generated shared key.

When the cryptographic key is generated as described above, the first node 110 and the second node 120 share the same cryptographic key. Therefore, the cryptographic key is used to encrypt and transmit data to be transmitted, The encrypted data is decrypted and restored to the original state so that the attacker can protect the data even if the attacker intercepts the MAC frame.

In step S250, communication data between the first node 110 and the second node 120 is encrypted using the encryption key generated in step S240. As an example of this, FIG. 5 illustrates a structure of a MAC frame including encrypted data.

In step S260, the first node 110 and the second node 120 communicate with each other using the first virtual MAC address and the second virtual MAC address. In step S270, The second node 120 receiving the encrypted MAC frame transmitted from the second node 110 decrypts the communication data using the encryption key.

FIG. 6 illustrates a configuration of a communication device 110 using a virtual MAC address according to another embodiment of the present invention.

The communication device 110 may be a communication device such as an exchange or a router or may be a personal computer (PC), a notebook personal computer (PC), or the like capable of being connected to the communication network 140, A PDA, a mobile phone, and the like.

6, a communication device 110 using a virtual MAC address according to an exemplary embodiment of the present invention includes a shared key generation unit 111, a virtual MAC address generation unit 112, a communication unit 113, A cryptographic key generation unit 114, a data encryption unit 115, and a data decoding unit 116.

Hereinafter, the communication device 110 using a virtual MAC address according to an exemplary embodiment of the present invention will be described in detail with reference to FIG.

First, the shared key generation unit 111 generates a shared key shared with the second node 120 with respect to the second node 120 connected to the communication network 140. In this case, the shared key generation unit 111 exchanges a first public code generated in the communication device 110 and a second public code generated in the second node, The second node 120 may generate the shared key using the first public code and the second public code.

In addition, the shared key generation unit 111 may exchange the first public code and the second public code with the second node 120 using a Diffie-Hellman key exchange scheme. And generate the shared key using the first public code and the second public code.

Next, the virtual MAC address generation unit 112 generates a first virtual MAC address for the communication device 110 using the first part of the shared keys generated by the shared key generation unit 111, And generates a second virtual MAC address for the second node 120 using a second portion of the shared key.

In addition, the communication unit 113 performs communication with the second node using the first virtual MAC address and the second virtual MAC address.

Furthermore, the cryptographic key generation unit 114 generates the cryptographic key using the third part of the shared key generated by the shared key generation unit 111.

The data encryption unit 115 encrypts the data to be transmitted using the encryption key generated by the encryption key generation unit 114 and then the data decryption unit 116 encrypts the data to be transmitted from the second node 120 And decodes the received communication data.

By using the virtual MAC address as described above and further encrypting and transmitting the data, it is possible to effectively prevent the attacker from hacking the attack target communication using the MAC address of the attack target.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, . Therefore, the scope of the present invention should not be limited to the above-described embodiments, but should be determined by equivalents to the appended claims, as well as the appended claims.

100: communication system
110: First node
120: second node
130: Third node
140: Communication network
111: Shared key generation unit
112: Virtual MAC address generation unit
113:
114: Cryptographic key generation unit
115: Data encryption unit
116: Data decoding unit

Claims (10)

A method for communication between a first node and a second node in a communication network,
Generating a shared key shared between the first node and the second node;
Generating a first virtual MAC address for the first node using a first portion of the shared key;
Generating a second virtual MAC address for the second node using a second portion of the shared key; And
Performing communication between the first node and the second node using the first virtual MAC address and the second virtual MAC address,
Wherein the generating the shared key comprises:
Exchanging a first public code of the first node and a second public code of the second node with each other; And
And generating the shared key using the first public code and the second public code at the first node and the second node. The method according to claim 1,
Generating an encryption key using a third portion of the shared key; And
And encrypting communication data between the first node and the second node using the encryption key. 3. The method of claim 2,
And decrypting communication data between the first node and the second node using the encryption key. delete The method according to claim 1,
Exchanging the first public code and the second public code with each other using a Diffie-Hellman key exchange scheme at the first node and the second node,
And the shared key is generated using the first public code and the second public code. 1. A communication device for communicating with a second node in a communication network,
A shared key generation unit for generating a shared key shared with the second node;
Generating a first virtual MAC address for the communication device using a first portion of the shared key and generating a second virtual MAC address for the second node using a second portion of the shared key, An address generator; And
And a communication unit for communicating with the second node using the first virtual MAC address and the second virtual MAC address,
In the shared key generation unit,
After exchanging the first public code of the communication device and the second public code of the second node with each other using the first public code and the second public code at the communication device and the second node, Key to generate a key. The method according to claim 6,
An encryption key generation unit generating an encryption key using a third part of the shared key; And
And a data encryption unit encrypting communication data to be transmitted to the second node using the encryption key. 8. The method of claim 7,
Further comprising a data decoding unit for decoding the communication data received from the second node by using the encryption key. delete The method according to claim 6,
In the shared key generation unit,
Exchanges the first public code and the second public code with the second node using a Diffie-Hellman key exchange scheme,
And generates the shared key using the first public code and the second public code.
KR1020150057902A 2015-04-24 2015-04-24 Method and apparatus for communication using virtual MAC address KR101591306B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150057902A KR101591306B1 (en) 2015-04-24 2015-04-24 Method and apparatus for communication using virtual MAC address

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150057902A KR101591306B1 (en) 2015-04-24 2015-04-24 Method and apparatus for communication using virtual MAC address

Publications (1)

Publication Number Publication Date
KR101591306B1 true KR101591306B1 (en) 2016-02-04

Family

ID=55356253

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150057902A KR101591306B1 (en) 2015-04-24 2015-04-24 Method and apparatus for communication using virtual MAC address

Country Status (1)

Country Link
KR (1) KR101591306B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11599321B2 (en) 2018-02-23 2023-03-07 Samsung Electronics Co., Ltd Electronic device and operating method therefor

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101410380B1 (en) 2009-03-31 2014-06-20 퀄컴 인코포레이티드 Apparatus and method for virtual pairing using an existing wireless connection key
KR101506564B1 (en) 2014-01-07 2015-03-31 한밭대학교 산학협력단 Method for generating parameter of public key infrastructure

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101410380B1 (en) 2009-03-31 2014-06-20 퀄컴 인코포레이티드 Apparatus and method for virtual pairing using an existing wireless connection key
KR101506564B1 (en) 2014-01-07 2015-03-31 한밭대학교 산학협력단 Method for generating parameter of public key infrastructure

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11599321B2 (en) 2018-02-23 2023-03-07 Samsung Electronics Co., Ltd Electronic device and operating method therefor

Similar Documents

Publication Publication Date Title
CN109428867B (en) Message encryption and decryption method, network equipment and system
US20200021982A1 (en) System and method of counter management and security key update for device-to-device group communication
US8533465B2 (en) System and method of encrypting network address for anonymity and preventing data exfiltration
KR100961087B1 (en) Context limited shared secret
CN103975552B (en) Via the data exchange of certified router
US7233782B2 (en) Method of generating an authentication
KR20040098962A (en) A method for discributing the key to mutual nodes to code a key on mobile ad-hoc network and network device using thereof
KR100512954B1 (en) RR method for secure communication
CN101529805A (en) Relay device
US10841840B2 (en) Processing packets in a computer system
Noh et al. Secure authentication and four-way handshake scheme for protected individual communication in public wi-fi networks
CN111726346A (en) Data secure transmission method, device and system
CN110832806B (en) ID-based data plane security for identity-oriented networks
CN109347836B (en) IPv6 network node identity safety protection method
KR101979157B1 (en) Non-address network equipment and communication security system using it
KR101591306B1 (en) Method and apparatus for communication using virtual MAC address
KR101784240B1 (en) Communication security method and system using a non-address network equipment
Modares et al. Enhancing security in mobile IPv6
Sinha et al. A Secure Three-Party Authenticated Key Exchange Protocol for Social Networks.
Lee et al. Design of secure arp on MACsec (802.1 Ae)
Junaid et al. Per packet authentication for IEEE 802.11 wireless LAN
Li Exploring the Application of Data Encryption Technology in Computer Network Security
CN111031075B (en) Network service security access method, terminal, system and readable storage medium
Jara et al. Secure mobility management scheme for 6lowpan id/locator split architecture
KR101952351B1 (en) Communication security method and system using a network equipment without unique number of network

Legal Events

Date Code Title Description
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20190104

Year of fee payment: 4