WO2007128212A1 - Method and system for protecting and validating an update message - Google Patents

Method and system for protecting and validating an update message

Info

Publication number
WO2007128212A1
Authority
WO
WIPO (PCT)
Prior art keywords
update message
information
update
integrity protection
message
Application number
PCT/CN2007/001401
Other languages
English (en)
Chinese (zh)
Inventor
Fuyou Miao
Original Assignee
Huawei Technologies Co., Ltd.

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information

Definitions

  • The invention belongs to the field of computer network communication and in particular relates to a method and system for protecting and verifying update messages.
  • The Border Gateway Protocol (BGP) is an exterior gateway routing protocol used to distribute routing information between autonomous systems (ASs).
  • BGP is a distance vector routing protocol whose messages are carried over the Transmission Control Protocol (TCP); the reliability of its data transmission is guaranteed by TCP.
  • BGP uses incremental, triggered routing updates instead of the periodic transmission of the entire routing table used by ordinary distance vector protocols.
  • BGP has a variety of metrics for measuring routing paths, known as path attributes, which allow it to determine the optimal path more accurately.
  • ASs exchange network reachability information through the BGP protocol.
  • This information includes prefix information, withdrawn prefix information and path attributes.
  • One important path attribute is AS_PATH, the sequence of ASs through which a BGP update has passed to reach a given network. By checking this attribute, routing loops can be prevented.
  • The design of the BGP protocol cannot solve some inherent security problems. One of them is verifying the authenticity of the AS_PATH attribute, that is, determining whether the advertisement has actually passed through the ASs listed in AS_PATH.
  • BGP has no mechanism to check this, so an attacker can alter the path by modifying AS_PATH and build further attacks on it; nor can BGP check whether the routing information was modified while passing through the ASs on the path.
  • In the prior art, the ASs along the AS_PATH sign the update message to prove that it traversed the path indicated by AS_PATH and was not modified. That is, each AS along the way applies a nested signature to the update: the signed information includes, in addition to the message content, the signature part of the previous AS, which proves that the message passed through this AS and provides integrity protection for the previous signature operations.
  • The receiver checks each signature part layer by layer; if every check passes, the message did pass through the indicated path.
  • Embodiments of the present invention provide a method and system for protecting and verifying update messages, so as to reduce the number of times update messages are protected and the number of times the verification operation is invoked, and thereby reduce system operation overhead.
  • An embodiment of the present invention provides a method for protecting and verifying BGP update messages, including the following steps:
  • the update message generator calculates and accumulates the digest information of the multiple update messages it generates, generates integrity protection information from the accumulated digest information, and sends the integrity protection information along with the last update message;
  • the update message receiver calculates the digest information of the multiple update messages it receives until it receives the update message carrying the integrity protection information, and then verifies the update messages.
  • An embodiment of the present invention further provides a system for protecting and verifying update messages, where the system includes:
  • an update message generation processing device configured to calculate and accumulate the digest information of the multiple update messages generated, to generate integrity protection information from the accumulated digest information, and to send the integrity protection information along with the last update message;
  • an update message reception processing device configured to calculate the digest information of the multiple update messages received until the update message carrying the integrity protection information is received, and then to verify the update messages.
  • In the embodiments of the present invention, the update message generator calculates and accumulates the digest results of a plurality of update messages and generates integrity protection information from the accumulated digest information, and the update message receiver verifies the integrity protection information once for the whole plurality of update messages. This solves the problem of the prior art that update message protection and verification operations are numerous and the system operation overhead is large.
  • FIG. 1 is a schematic diagram of an application scenario for protecting and verifying an update message according to an embodiment of the present invention;
  • FIG. 2 is a schematic structural diagram of a system for protecting and verifying an update message according to an embodiment of the present invention;
  • FIG. 3 is a flowchart of a method for protecting and verifying an update message according to an embodiment of the present invention;
  • FIG. 4 is a flowchart of generating a normal update message in the method for protecting and verifying an update message according to an embodiment of the present invention;
  • FIG. 5 is a flowchart of generating a verification initiation update message in the method for protecting and verifying an update message according to an embodiment of the present invention;
  • FIG. 7 is a flowchart of receiving a verification initiation update message in the method for protecting and verifying an update message according to an embodiment of the present invention.
  • FIG. 1 is a diagram of a practical application scenario for protecting and verifying an update message according to an embodiment of the present invention.
  • The figure includes an update message producer 11 and update message receivers 12, 13 and 14.
  • The function of the update message producer is to generate the initial BGP update message and transfer it between AS domains; the function of the update message receiver is to transfer the received update messages between AS domains.
  • The roles of producer and receiver are relative: one entity may be the producer for one prefix and the receiver for another prefix.
  • FIG. 2 is a schematic structural diagram of a system for protecting and verifying an update message according to an embodiment of the present invention.
  • The system may be an update message producer or an update message receiver.
  • It includes an update message generation processing device 21 and an update message reception processing device 22.
  • The update message generation processing device 21 is invoked by the update message generator and is configured to calculate and accumulate the digest information of the multiple update messages generated, to generate integrity protection information from the accumulated digest information, and to send the integrity protection information with the last update message. The update message reception processing device 22 is invoked by the update message receiver to calculate the digest information of the multiple update messages received until an update message carrying integrity protection information is received, at which point the update messages are verified.
  • The update message generation processing device 21 includes a first digest calculation unit 211 and a first integrity protection information generation unit 212.
  • The first digest calculation unit 211 is configured to calculate and accumulate the digest information of the multiple update messages generated.
  • The first integrity protection information generation unit 212 is connected to the first digest calculation unit 211 and is configured to generate integrity protection information from the accumulated digest information and to send the integrity protection information along with the last update message.
  • The update message generation processing device 21 further includes a first digest cache unit 213 and a sequence number adding unit 214.
  • The first digest cache unit 213 is connected to the first digest calculation unit 211 and is configured to store the accumulated digest information.
  • The sequence number adding unit 214 is connected to the first digest calculation unit 211 and is configured to add a sequence number to the accumulated digest information.
  • The processing procedure of the units in the update message generation processing device 21 is as follows. The first digest calculation unit 211 calculates the digest information of the multiple update messages and accumulates it; the digest may be calculated either by combining the previously calculated digest with the content of the update message that needs to be protected this time and digesting them together, or by calculating a separate digest for each update message. The accumulated digest information is stored in the first digest cache unit 213, and the sequence number adding unit 214 sorts the accumulated digest information and adds sequence numbers to it.
  • The first digest cache unit 213 sends the accumulated digest information to the first integrity protection information generation unit 212, which generates integrity protection information from the received digest information by digital signature or hash message authentication code and sends the integrity protection information along with the last update message.
  • The update message reception processing device 22 includes a second digest calculation unit 221, a second integrity protection information generation unit 222 and a verification unit 223.
  • The second digest calculation unit 221 is configured to calculate the digest information of the received update messages.
  • The second integrity protection information generation unit 222 is connected to the second digest calculation unit 221 and is configured to generate integrity protection information from the accumulated digest information.
  • The verification unit 223 is connected to the second integrity protection information generation unit 222 and is used to compare the calculated integrity protection information with the integrity protection information carried in the received update message. If they are consistent, the integrity protection is verified.
  • The update message reception processing device 22 further includes a second digest cache unit 224, connected to the second digest calculation unit 221 and configured to store the digest information of received update messages that are not yet verified, as well as the digest information of update messages dropped by the local filtering policy.
  • The specific processing procedure of the units in the update message reception processing device is as follows. The second digest calculation unit 221 calculates the digest information of the received update messages and accumulates it, using a digest calculation method corresponding to the one used in the update message generation processing device, as described above. The accumulated digest information is stored in the second digest cache unit 224 and sent to the second integrity protection information generation unit 222, which generates the integrity protection information from the received digest information by a digital signature or a Hash Message Authentication Code (HMAC), though not limited to these, and passes it to the verification unit 223.
  • The verification unit 223 compares the calculated result with the integrity protection information carried in the received update message; if the two are consistent, the integrity protection is verified. Otherwise the digest information of the update message, together with the digest information of messages filtered by the local policy, is kept in the second digest cache unit 224, which is connected to the second digest calculation unit 221.
  • The update message reception processing device 22 may further include a first local policy library 225 and a second local policy library 226.
  • The first local policy library 225 is connected to the second integrity protection information generation unit 222 and is invoked by the update message receiver to store the policy for filtering update messages; whether a given update message is filtered is determined according to this policy.
  • The second local policy library 226 is connected to the verification unit 223 and is invoked by the update message receiver to store the processing policies for update message verification results; the relevant processing policy is looked up in the library according to the verification result of the update message.
  • FIG. 3 is a flowchart of a method for protecting and verifying an update message according to an embodiment of the present invention. The method includes:
  • Step 301: The update message generator calculates and accumulates the digests of the multiple update messages it generates, generates integrity protection information from the accumulated digest information, and sends the integrity protection information along with the last update message.
  • Step 302: The update message receiver calculates the digest information of the multiple update messages it receives and, when it receives the update message carrying the integrity protection information, verifies the update messages.
  • The update generator can generate two kinds of update messages: a normal update message and a verification initiation update message.
  • A digital signature is taken as an example below to illustrate the processing of update messages in the present invention.
  • A flowchart of a method for generating a normal update message includes:
  • Step 401: The update message generator generates a BGP update message, generates a sequence number and adds the sequence number to the update message.
  • The sequence number uniquely identifies an update message and may reflect the order of the update messages.
  • The sequence number may be added using the standard BGP extension mechanism; for details, refer to the extension mechanism in standard BGP, which is not described further here.
  • Step 402: The update message generator calculates digest information for the content to be protected in each update message and accumulates it; integrity protection information is generated from the accumulated digest information and is sent along with the last update message.
  • The digest may be calculated by combining the previously calculated digest information with the content of the update message that needs to be protected this time and digesting them together, or by calculating a separate digest for each update message; other calculation methods are also possible, as the method is not limited to these two.
  • The cumulatively calculated digest result and its corresponding sequence number are saved locally. The scope of the integrity protection (that is, the content to be protected in the update message) may be specified by local configuration, for example specified path attributes, prefixes and so on; the integrity protection information may be generated by a digital signature or a hash message authentication code.
  • The update message producer sorts the digests by sequence number information.
  • Step 403: The update message producer sends the normal update message containing the sequence number and the integrity protection information or the protection scope information according to the requirements of the BGP protocol.
  • A flowchart of a method for generating a verification initiation update message includes:
  • Step 501: The update message producer generates a BGP update message, generates a sequence number at the same time, and adds the sequence number to the update message.
  • The sequence number can be added using standard BGP extensions.
  • Step 502: The update message generator calculates digest information for the content to be protected in each update message and accumulates it;
  • the calculated digest information is saved locally together with the corresponding update sequence number information.
  • The content to be protected in the update message may be specified by local configuration, such as specified path attributes and prefixes.
  • Scope information describing the content to be protected is added to the update message for use by the recipient in verification; it can be added using standard BGP extensions.
  • Step 503: The update message generator sorts the locally stored accumulated digest information by sequence number and completes the signature over it. That is, the sorted accumulated digest information is used to generate the integrity protection information, by digital signature or by hash message authentication code.
  • How much digest information is accumulated before signing is determined by the producer of the update message.
  • Step 504: The update message producer attaches the integrity protection information (such as signature information) to the last update message.
  • Which message is the last update message is negotiated between the update message producer and the update message receiver as a fixed interval; that is, the integrity protection information (such as a signature) is verified once every several update messages.
  • Step 505: The signature and the digests of filtered update messages are attached to the update message, which is then sent.
  • The update message producer adds the digests of the update messages filtered by the local filtering policy, together with their corresponding sequence number information, to the last update message before sending it.
  • The main purpose is to tell the receiving end which messages were filtered locally (since BGP can filter on the sending side), so the sender needs to store the digest information of filtered outgoing messages and add it to the last update message.
  • A flowchart of a method for receiving and verifying a normal update message includes:
  • Step 601: The update message receiver identifies the content that needs to be protected in the received update message, calculates the digest information for that content and accumulates it, and saves the digest together with the sequence number of the update message locally.
  • Step 602: The update message receiver looks up the received update message in the local cache and determines whether the update message is filtered by the local policy.
  • Step 603: If yes, the update message is filtered by the local policy, and the update message receiver must keep its digest and sequence number information in the local cache.
  • Step 604: If no, the update message is not filtered by the local policy, and the update message continues to be delivered.
  • When the update message receiver receives an update message carrying integrity protection information, it first determines whether the update message is filtered and, if not, verifies the update message.
  • The update message receiver calculates digests over the protected content specified in the multiple update messages using the same digest calculation method as the update message producer, and stores locally each digest together with the sequence number of the corresponding update message.
  • The process of verifying the update message is: the receiver sorts the cached digest information by sequence number, calculates the integrity protection information using the same integrity protection calculation method as the sender of the update message, and compares the calculated result with the integrity protection information carried in the update message. If the two are consistent, the integrity protection is verified; otherwise the update message may be discarded or the update information may be retained.
  • The recipient of the update message must also take the additional digest information, sequence numbers and integrity protection information out of the last update message, take out the locally filtered digest information and sequence numbers related to the sender of the update message, combine this information into the update message and continue the delivery.
  • A flowchart of a method for receiving a verification initiation update message includes:
  • Step 701: The update message receiver calculates a digest over the content that needs to be protected according to the protection scope information in the received update message, and saves the digest together with the sequence number of the update message.
  • Step 702: The update message receiver extracts from the local cache the digest information of the update messages filtered by the local filtering policy and the corresponding sequence number information, and adds them to the update message in preparation for further propagation.
  • Step 703: The update message receiver extracts the digest information related to the sender of the received update message and the corresponding sequence numbers, sorts the digests by sequence number and performs signature verification over them.
  • The verification process is as follows: after the receiver sorts the cached digest information by sequence number, it calculates the integrity protection information using the same integrity protection calculation method as the sender of the update message and compares the result with the integrity protection information carried in the update message. If the two are consistent, the integrity protection is verified. Subsequent processing of the update message follows the result of the signature verification and the local policy.
  • Step 704: The update message receiver determines whether the update message is filtered.
  • Step 705: If yes, the update message receiver handles the filtering information of the verification initiation update message. If the verification initiation update message is filtered, the update message receiver extracts the additional digest information, sequence numbers and signature information from the update message, takes out the digest information and sequence numbers related to the update message generator, combines this information and continues to transmit it.
  • That is, when the verification initiation update message is filtered, the routing information in the update message need not be delivered, but the filtered digests, sequence number information and signature information must be delivered.
  • Step 706: If the verification initiation update message is not filtered, the update message receiver appends the cached digest and sequence number information related to this update message producer to the update message and continues the delivery.
  • Step 707: The update message receiver releases the digest information related to the producer of the update message.
  • The update message producer and the update message receiver must adopt the same digest calculation method and the same integrity protection verification method, so that verification can succeed.
  • The BGP standard protocol can be used to negotiate the digest algorithm and the signature algorithm, or the digest algorithm and signature algorithm can be indicated by adding identification information to each update message.
  • The embodiment of the present invention further provides an optimisation of digest generation and storage: after receiving new update information, the receiver folds the previous digest information from the same update sender into the digest calculation for the current update information. Thus, for each update sender, if the update messages are not filtered, only one piece of digest information is kept locally.
  • In the embodiments of the present invention, the update message generator calculates and accumulates the digest results of a plurality of update messages and generates integrity protection information from the accumulated digest information, and the update message receiver verifies the integrity protection information once for the whole plurality of update messages. This solves the problem of the prior art that update message protection and verification operations are numerous and system operation overhead is large, and mitigates the impact on network devices of the heavy computation introduced by the security mechanism that protects route advertisement information.
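
The producer and receiver procedures described in Steps 401-403, 501-504 and 601-604, carried out in code as an added example that is not part of the patent: the producer numbers its update messages, folds each message's protected content into a running digest (the first of the two digest modes the text describes), and attaches an HMAC over the accumulated digest to every third message; the receiver recomputes the same chain in sequence-number order and checks the HMAC when it arrives, so one verification covers three messages and only one accumulated digest is held per sender. HMAC-SHA256 under a key assumed to be shared by producer and receiver stands in for the text's "digital signature or hash message authentication code"; the prefixes, AS numbers, interval and choice of protected fields are constructed for the example, and local filtering is left out.

```python
import copy
import hashlib
import hmac

# Constructed values for the example; none of them come from the patent.
SHARED_KEY = b"constructed-key-shared-by-producer-and-receiver"
INTERVAL = 3   # negotiated fixed interval: every third message is the "last" one and carries protection

# Constructed update messages (documentation prefixes and private AS numbers).
UPDATES = [
    {"prefix": "192.0.2.0/24",      "as_path": [64496]},
    {"prefix": "198.51.100.0/24",   "as_path": [64496, 64497]},
    {"prefix": "203.0.113.0/24",    "as_path": [64496]},
    {"prefix": "192.0.2.128/25",    "as_path": [64496, 64498]},
    {"prefix": "198.51.100.128/25", "as_path": [64496, 64497, 64499]},
    {"prefix": "203.0.113.64/26",   "as_path": [64496]},
]


def protected_content(update):
    """Canonical bytes of the fields local configuration marks as protected;
    the text names path attributes and prefixes, so those two are used here."""
    return (update["prefix"] + "|" + ",".join(map(str, update["as_path"]))).encode()


def accumulate(previous, update):
    """First digest mode in the text: hash the previous digest together with the
    protected content of the current message, so one value covers the whole run."""
    return hashlib.sha256(previous + protected_content(update)).digest()


def produce(updates, key=SHARED_KEY, interval=INTERVAL):
    """Producer side: number the messages, accumulate their digests and attach an
    HMAC over the accumulated digest to every `interval`-th message, then start a
    fresh accumulation. Returns the messages as they go on the wire."""
    acc, wire = b"", []
    for seq, update in enumerate(updates, start=1):
        msg = {"seq": seq, **update}
        acc = accumulate(acc, msg)
        if seq % interval == 0:
            msg["integrity"] = hmac.new(key, acc, hashlib.sha256).digest()
            acc = b""
        wire.append(msg)
    return wire


def receive(wire, key=SHARED_KEY):
    """Receiver side: recompute the accumulated digest in sequence-number order and
    check the protection whenever a message carries it. Returns one bool per
    protected run, i.e. one verification operation per `interval` messages."""
    acc, results = b"", []
    for msg in sorted(wire, key=lambda m: m["seq"]):
        acc = accumulate(acc, msg)
        if "integrity" in msg:
            expected = hmac.new(key, acc, hashlib.sha256).digest()
            results.append(hmac.compare_digest(expected, msg["integrity"]))
            acc = b""
    return results


def tamper(wire, index, extra_as):
    """Return a copy of the wire messages in which one AS_PATH was altered in transit,
    the kind of modification the text says plain BGP cannot detect."""
    altered = copy.deepcopy(wire)
    altered[index]["as_path"].insert(0, extra_as)
    return altered


if __name__ == "__main__":
    wire = produce(UPDATES)
    print(receive(wire))                    # [True, True]: six messages, two verifications
    print(receive(tamper(wire, 1, 64511)))  # [False, True]: the run containing message 2 fails
```

Because the receiver resets its accumulator after each verification, a modification is localised to the run of `INTERVAL` messages it belongs to, and the number of HMAC or signature operations per side drops from one per message to one per run.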

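Steps 601-604 and 701-707 taken together, as an added example that is not from the patent: the second digest mode (a separate digest per message, sorted by sequence number at verification time) is what lets an intermediate receiver drop a route by local policy and still hand the digest and sequence number of the dropped message downstream, so that the next hop can rebuild the full ordered digest set and verify the producer's protection without ever having seen the dropped route. The code runs one producer and two receivers in a row. Assumptions: the protection is an HMAC-SHA256 under a key assumed known to every hop, standing in for the digital signature the text uses as its example (a signature is what lets downstream ASs verify without a shared secret); messages are forwarded with prefix and AS_PATH unchanged; function names, prefixes and AS numbers are constructed.

```python
import hashlib
import hmac

# Constructed values; nothing here comes from the patent. HMAC-SHA256 under a key assumed
# known to every hop stands in for the digital signature the text uses as its example.
PATH_KEY = b"constructed-key-known-to-every-hop"

# Constructed updates originated by the producer.
UPDATES = [
    {"prefix": "192.0.2.0/24",    "as_path": [64496]},
    {"prefix": "198.51.100.0/24", "as_path": [64496, 64497]},
    {"prefix": "203.0.113.0/24",  "as_path": [64496]},
]


def protected_content(update):
    """Fields inside the protection scope: prefix and AS_PATH, as the text suggests."""
    return (update["prefix"] + "|" + ",".join(map(str, update["as_path"]))).encode()


def message_digest(update):
    """Second digest mode in the text: a separate digest for each update message."""
    return hashlib.sha256(protected_content(update)).digest()


def integrity_over(digests_by_seq, key=PATH_KEY):
    """Protection over the digests sorted by sequence number (Steps 503 and 703)."""
    ordered = b"".join(digests_by_seq[seq] for seq in sorted(digests_by_seq))
    return hmac.new(key, ordered, hashlib.sha256).digest()


def originate(updates, key=PATH_KEY):
    """Producer: number the messages, keep one digest per message, attach the protection
    to the last message (Steps 501-505). Nothing was filtered at the origin here."""
    msgs = [{"seq": seq, **update} for seq, update in enumerate(updates, start=1)]
    digests = {m["seq"]: message_digest(m) for m in msgs}
    msgs[-1]["integrity"] = integrity_over(digests, key)
    msgs[-1]["filtered"] = {}          # seq -> digest of messages dropped by earlier hops
    return msgs


def relay(messages, is_filtered, key=PATH_KEY):
    """Receiver: verify the run, drop routes the local policy `is_filtered` rejects, but
    carry their digests and sequence numbers onward. Returns (forwarded, verified)."""
    digests, dropped_here, forwarded, verified = {}, {}, [], None
    for msg in messages:
        seq = msg["seq"]
        if "prefix" in msg:                         # a stripped last message carries no route
            digests[seq] = message_digest(msg)      # Steps 601 / 701
        if "integrity" not in msg:
            if is_filtered(msg):
                dropped_here[seq] = digests[seq]    # Step 603: keep digest and seq locally
            else:
                forwarded.append(msg)               # Step 604
            continue
        # Verification initiation message: merge the digests earlier hops carried for the
        # messages they dropped, then check the protection over the complete ordered set.
        digests.update(msg["filtered"])
        verified = hmac.compare_digest(integrity_over(digests, key), msg["integrity"])
        carry = {**msg["filtered"], **dropped_here}  # Step 702
        if is_filtered(msg):
            # Step 705: the route itself is withheld, but digest, seq and protection go on.
            carry[seq] = digests[seq]
            forwarded.append({"seq": seq, "integrity": msg["integrity"], "filtered": carry})
        else:
            forwarded.append({**msg, "filtered": carry})  # Step 706
        digests, dropped_here = {}, {}                    # Step 707: release the run
    return forwarded, verified


def drops(prefix):
    """Constructed local policy: filter exactly one prefix (None filters nothing)."""
    return lambda msg: prefix is not None and msg.get("prefix") == prefix


def run_path(updates=UPDATES, filtered_prefix="198.51.100.0/24"):
    """Producer -> hop 1 (filters one route) -> hop 2 (filters nothing)."""
    hop1_out, ok1 = relay(originate(updates), drops(filtered_prefix))
    hop2_out, ok2 = relay(hop1_out, drops(None))
    return hop1_out, ok1, hop2_out, ok2


if __name__ == "__main__":
    hop1_out, ok1, hop2_out, ok2 = run_path()
    print(ok1, ok2, [m["seq"] for m in hop1_out], sorted(hop1_out[-1]["filtered"]))
    # True True [1, 3] [2]: hop 2 never saw route 2 yet verified the producer's protection
```

The chained digest of the previous example could not support this, because a hop that never received message 2 could not continue the chain; the per-message digests carried in the `filtered` field are what make the set reconstructible downstream, which is why the text has the receiver sort cached digests by sequence number before verifying.
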
Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention relates to a method and system for protecting and validating an update message (UPDATE). The method comprises: the update message generator calculates and accumulates the digest information of the multiple update messages it generates, generates integrity protection information on the basis of the accumulated digest information, and transmits this integrity protection information with the last update message (301); the update message receiver calculates the digest information of the multiple update messages it receives and validates the update messages once it receives the update message carrying the integrity protection information (302). The system comprises an update message generation processing device and an update message reception processing device. In this way, the invention solves the problems of the prior art, in which the number of update message protection and validation operations is too large and the system operating cost is high, and reduces the impact on network devices of the large amount of computation due to the security mechanism introduced to protect route advertisement information.
PCT/CN2007/001401 2006-04-27 2007-04-26 Method and system for protecting and validating an update message WO2007128212A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNA2006100605508A CN101047699A (zh) 2006-04-27 2006-04-27 A method and apparatus for protecting and verifying BGP update messages
CN200610060550.8 2006-04-27

Publications (1)

Publication Number Publication Date
WO2007128212A1 true WO2007128212A1 (fr) 2007-11-15

Family

ID=38667427

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/001401 WO2007128212A1 (fr) 2006-04-27 2007-04-26 Method and system for protecting and validating an update message

Country Status (2)

Country Link
CN (1) CN101047699A (fr)
WO (1) WO2007128212A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105704681A (zh) * 2014-11-25 2016-06-22 Beijing Xinwei Telecom Technology Co., Ltd. A method for careful monitoring of end-to-end encrypted calls
CN114537482A (zh) * 2020-11-26 2022-05-27 BYD Company Limited Verification method, verification device and storage medium for rail transit information data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20030026482A (ko) * 2001-09-26 2003-04-03 KT Corporation Automatic router configuration system and method for selecting an optimal path between ISPs
CN1599485A (zh) * 2003-09-19 2005-03-23 Huawei Technologies Co., Ltd. A method for updating a group key in a cluster system
CN1679283A (zh) * 2002-09-02 2005-10-05 Telecom Italia S.p.A. Method and system for connectivity assessment on a data communication network and related information technology product
JP2006067286A (ja) * 2004-08-27 2006-03-09 Kddi Corp Information generation device
CN1761244A (zh) * 2005-11-11 2006-04-19 Tsinghua University Method for setting the route selection notification function of the Border Gateway Protocol

Also Published As

Publication number Publication date
CN101047699A (zh) 2007-10-03

Similar Documents

Publication Publication Date Title
US11212294B2 (en) Data packet security with expiring time-based hash message authentication codes (HMACs)
JP6144783B2 (ja) Name/prefix augmentation based on routing protocols with trust anchors in information-centric networks
Murphy et al. Digital signature protection of the OSPF routing protocol
RU2378773C2 (ru) Signing and validating Session Initiation Protocol routing headers
US9065842B2 (en) Methods and systems for authenticating electronic messages using client-generated encryption keys
EP2947845B1 (fr) Border property validation for named data networks
US8843751B2 (en) IP address delegation
Wu et al. Enabling efficient source and path verification via probabilistic packet marking
CN105376098A (zh) A dual verification method for route origin and path
US11558399B2 (en) Network transmission path verification
US7290281B1 (en) Method and apparatus for cryptographically blocking network denial of service attacks based on payload size
US10999250B1 (en) System and method for validating a message conveyed via a network
CN104539578B (zh) An active synchronization method and system for RPKI data
Pallickara et al. A framework for secure end-to-end delivery of messages in publish/subscribe systems
CN114389835A (zh) An IPv6 option explicit source address encryption security verification gateway and verification method
US20200322334A1 (en) Authentication of network devices based on extensible access control protocols
CN108055285B (zh) An intrusion prevention method and apparatus based on the OSPF routing protocol
WO2007128212A1 (fr) Method and system for protecting and validating an update message
Refaei et al. Data authentication for NDN using hash chains
Chandrasekhar et al. A trapdoor hash-based mechanism for stream authentication
Mosko et al. Content-centric networking-architectural overview and protocol description
CN115943603A (zh) Blockchain-enhanced route authorization
He et al. A hybrid and efficient scheme of multicast source authentication
He et al. A New Approach For Source Authentication Of Multicast Data.
CN110855690B (zh) An IBC-based secure BGP protocol implementation method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 07720974; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 07720974; Country of ref document: EP; Kind code of ref document: A1)