Research and Implementation of the Internet Key Exchange Protocol
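Abstract
The IP packet defined by the IPv4 protocol carries no security features of its own. It is easy to forge the source address of an IP packet, modify its contents, replay earlier packets, and intercept and inspect packet contents in transit. To address these inherent shortcomings of IPv4, the IPSec protocol provides a standard, robust and comprehensive security mechanism that can be used to secure IP and upper-layer protocols (such as UDP and TCP).
However, for IPSec to be widely deployed, the problem of automatic key negotiation over the Internet must be solved; this is the focus of this thesis.
This thesis begins with an introduction to the IPSec protocol and concentrates on the IKE protocol, which solves the key negotiation problem. Drawing on concrete research work, it describes how to implement the IKE protocol on the Linux operating system. The thesis has six chapters.
Chapter 1 introduces the current state of Internet development, the existing security risks and typical attacks on the Internet, discusses the advantages and disadvantages of implementing security mechanisms at each layer of the TCP/IP protocol suite, and introduces the concept of the virtual private network and the two tunneling protocols currently used to implement virtual private networks.
Chapter 2 describes the protocols in the IPSec protocol suite, the IPSec modes of operation, and the methods for establishing security associations. It then focuses on the IKE protocol within the IPSec suite, including IKE's two-phase negotiation, the payload formats defined by IKE, and the exchange modes defined by IKE.
Chapter 3, drawing on our research work, explains how to design and implement the IKE protocol in the Linux operating system, including how to create and manage the security association database in the kernel, how to implement the PF_KEY socket interface and PF_KEY messages, how to design the state machines for IKE main mode and quick mode, and so on.
Chapter 4 describes the implementation of the secure router, the secure router's external interfaces, and the implementation of the hardware encryption device, and tests the secure router.
Chapter 5 gives a brief summary of the thesis and presents some techniques that can be used to improve the efficiency of virtual private networks.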
Originally, IP packets defined by IPv4 don't contain any security characteristics. Attackers can easily forge the address of IP packets, revise their content, replay them at a later time, and eavesdrop on data during transmission. To make up for the innate deficiencies of IPv4, the IPSec protocol provides a standard and robust security mechanism that can be used to provide security protection for IP and higher-layer protocols. But before the IPSec protocol can be used widely, one problem must be resolved: how to negotiate keys automatically over the Internet. This is what this paper mainly deals with.
First, this paper introduces the concept of the IPSec protocol and discusses in particular the IKE protocol, which resolves the problem of key negotiation. Then, based on our current research work, I describe in detail how to implement the IKE protocol in Linux. There are five chapters in total in this paper.
The first chapter shows the current development status of the Internet, some network security problems and some classic Internet attacks, discusses the advantages and disadvantages of realizing network security on different TCP/IP layers, and gives a simple introduction to Virtual Private Networks and two kinds of VPN tunneling protocols.
The second chapter introduces the protocols contained in the IPSec protocol stack, the work modes and the methods to build Security Associations. Then the IKE protocol is described in detail, including the two negotiating phases, the format of all IKE payloads, and the exchange modes defined by IKE.
In the third chapter, drawing on our current research, I describe how to design and implement IKE in the Linux OS. The implementation includes establishing and managing the security association database in the Linux kernel, developing the PF_KEY socket interface and PF_KEY messages, and designing the state machines of IKE main mode and IKE quick mode.
In the fourth chapter, I describe the implementation of the VPN router, the external interface of the VPN router, and the implementation of hardware encryption. At the end, I describe the testing of the VPN router.
Chapter 5 draws the conclusion and indicates the future direction of the system.