CN104135469B - A kind of method of raising RSSP II protocol safeties - Google Patents

A kind of method of raising RSSP II protocol safeties Download PDF

Info

Publication number
CN104135469B
CN104135469B CN201410320514.5A CN201410320514A CN104135469B CN 104135469 B CN104135469 B CN 104135469B CN 201410320514 A CN201410320514 A CN 201410320514A CN 104135469 B CN104135469 B CN 104135469B
Authority
CN
China
Prior art keywords
block cipher
mode
message
list
callee
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410320514.5A
Other languages
Chinese (zh)
Other versions
CN104135469A (en
Inventor
闫连山
郭伟
崔允贺
李赛飞
潘炜
郭进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ansett optical technology Chengdu Co. Ltd.
Southwest Jiaotong University
Original Assignee
Southwest Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest Jiaotong University filed Critical Southwest Jiaotong University
Priority to CN201410320514.5A priority Critical patent/CN104135469B/en
Publication of CN104135469A publication Critical patent/CN104135469A/en
Application granted granted Critical
Publication of CN104135469B publication Critical patent/CN104135469B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to a kind of improvement project for improving Source of Railway Communication and Signalling system RSSP II protocol safeties, mainly including following aspect:Introduce block cipher and block cipher mode of operation selection negotiation mechanism;Add block cipher list and block cipher mode of operation list;In block cipher mode of operation, in addition to certification mode, the authenticated encryption pattern with associated data is also introduced as enhancing safe mode;Limit the maximum allowable message number of single secure connection;Strengthen the judgement of docking packet receiving content.The present invention program is expected to improve existing railway system's security.

Description

A kind of method of raising RSSP-II protocol safeties
Technical field
The present invention relates to a kind of method for improving RSSP-II protocol safeties in railway signalling network, belong to railway signal System regions, particularly railway system's safety communication between devices field.
Background technology
Vital role is served as in secure communication in railway signal system, once the signal of communication in railway is attacked The person of hitting monitors, distorts or even forged, it will and the failure of railway signal system is caused, even results in the generation of train operation accident, Immeasurable loss is brought for the country and people.In view of this, RSSP-II (Railway are used in railway signal system Signal Security Protocol) agreement ensures secure communication between railway system key equipment.RSSP-II agreements are advised Determine to carry out between signals security equipment the functional structure of security related information interaction by closed network or open network, It has been widely applied in current railway signal system.
The safety function module of RSSP-II agreements is divided into two layers:Message differentiates among safe floor (MASL) and safety applications Sublayer (SAI).The Core Feature of MASL layers be by produce message authentication code (Message Authentication Code, MAC), ensure message integrity while message source certification is provided, realize the safe transmission of user data, prevent message by Tripartite distorts or forged.SAI layers resist message by additionally adding the information such as sequence number, counter/timestamp in the message Repetition, delete, reorder and data delay etc. is attacked.
In RSSP-II agreements, the CBC-MAC schema recommendations algorithm 3 (Retail MAC algorithms) based on block cipher is used as Message Authentication Code algorithm in MASL layers;DES algorithms are used as block cipher therein.In view of code-breaking techniques is quick Development, CBC-MAC algorithms are presented in face of people more and more with the defects of DES algorithms, and these defects are malicious attacker Hidden attack meanses are provided, once above-mentioned algorithm is broken through by attacker, attacker can abandon, distort or even forge railway The message transmitted in signal system, and then control whole railway signalling network.Meanwhile at present through DES algorithms and CBC-MAC patterns Message after processing has only carried out integrity protection, and message content is still with plaintext transmission, for the information of railway signal system Safety brings great hidden danger.For problem above, prior art makes certain improvements, such as in RSSP-II agreement numbers The certification tail of data message Hash check values is stored with according to addition in message or replaces the DES algorithms in RSSP-II agreements For aes algorithm, but this improvement does not solve the safety problem in current RSSP-II agreements fundamentally.RSSP-II agreements It is the core protocol of whole high ferro signals security communication, existing safety analysis conclusion shows that this agreement has severe safety Hidden danger, high-speed railway operation security is formed and directly threatened.Therefore, there is an urgent need to the safety to current RSSP-II agreements Property is comprehensively improved.
The content of the invention
The purpose of the present invention is the deficiency for existing RSSP-II protocol safeties, proposes that one kind effectively improves RSSP-II The method of protocol safety, so as to solve the potential safety hazard in current RSSP-II agreements, ensure equipment room in railway signal system The safe transmission of message.
To reach above-mentioned purpose, the technical solution adopted by the present invention is as follows:
A kind of method of raising RSSP-II protocol safeties, in the railway signal system using RSSP-II agreements In, to improve the security to be communicated between railway system's key equipment;By closed network or opened between signals security equipment Put formula network and carry out security related information interaction, including following technological means:
1) block cipher and block cipher mode of operation selection negotiation mechanism, addition block cipher row, are introduced Table and block cipher mode of operation list;
2) in block cipher mode of operation, in addition to certification mode, introduce the authenticated encryption pattern with associated data and make To strengthen safe mode;
3) the maximum allowable message number of single secure connection is limited;
4) judgement of docking packet receiving content is strengthened.
Block cipher and block cipher mode of operation the selection negotiation mechanism is operated in calling party device with being called Method, apparatus is established in peer-entities verification process when connecting, the block cipher and block cipher for selecting session to use respectively Mode of operation;The block cipher list is used for caller direction callee and sends the block cipher that calling party supports; The block cipher mode of operation list is used for caller direction callee and sends the block cipher mode of operation that calling party supports.
On the basis of above-mentioned technical proposal, the present invention can also do following improvement.
Further, block cipher and block cipher the mode of operation negotiation mechanism, its step include:
Step 1:When peer-entities checking starts, caller direction callee sends the block cipher list that we support And block cipher mode of operation list;
Step 2:Callee is according to local security policy, the block cipher list sent from calling party and block cipher The block cipher and block cipher mode of operation that subsequent session uses are selected in mode of operation list;
Step 3:The block cipher list and the list of block cipher mode of operation of callee's calculating transmission containing calling party, The block cipher and the MAC of block cipher mode of operation field that one's own side chooses;
Step 4:Callee is by containing the block cipher and block cipher mode of operation and step 3 selected in step 2 The MAC of calculating message is sent to calling party;
Step 5:After calling party receives the message of callee's step 3 transmission, the message is verified, if verification is logical Cross, then into step 6, if verification is by the way that connection breaking, which is laid equal stress on, in calling party opens connection and establish program;
Step 6:Caller direction callee sends confirmation message.
Further, the block cipher list is used for the block cipher calculation that caller direction callee sends calling party's support Method, user can flexibly select block cipher therein, to ensure security, recommend selection block length to be equal to 128 ratios The domestic and international open block cipher standard that special, key length is more than or equal to 128 bits is calculated as block cipher therein Method.
Further, the block cipher mode of operation list is used to provide calling party's block cipher work supported to callee Operation mode, user can flexibly select block cipher mode of operation therein, to ensure security, selected block cipher work Operation mode recommends selection possess complete Security Proof, have the higher block cipher mode of operation for realizing efficiency, can examine Worry uses International Publication standard.
Further, the block cipher mode of operation in the block cipher mode of operation list includes two types:Certification Pattern with associated data authenticated encryption pattern (Authenticated Encryption with Associated Data, AEAD), certification mode is by calculating the integrality of mac authentication message, and the authenticated encryption pattern with associated data is to associated data Completed while completeness check encryption and the completeness check of dereferenced data.
Further, the block cipher and block cipher mode of operation collective effect, it is close according to selected packet The difference of code mode of operation, to needing message to be processed to provide different safeguard functions:When selecting certification mode, message is entered Row integrity protection, when selecting the authenticated encryption pattern with associated data, integrality and Confidentiality protection are carried out to message.
Further, the maximum allowable message number of the limitation single secure connection is used to reduce in single secure connection week The possibility that MAC is collided in phase;Suitable single secure connection is set according to railway signal system network actual conditions first Maximum allowable message count, secondly the message in single secure connection is counted, when message sum reaches limit value, restarted Secure connection.
Further, the method that the content of the bag for strengthening receiving judges includes:
Recipient is judged the packet received, if there is meaningless mess code more than continuous 4 byte, recipient Disconnect former connection and rebuild secure connection with sender;
Recipient is when judging packet, if packet occur can not parse, parse situations such as abnormal parameters, Recipient should disconnect former connection and rebuild secure connection with sender.
The beneficial effects of the invention are as follows:
1. compared with prior art, introduce block cipher list, the list of block cipher mode of operation and algorithm association Business opportunity system has very big lifting for the security of system, versatility, flexibility, robustness aspect;First, block cipher arranges The block length for the single block cipher for recommending to select in table reaches more than 128 bits with key length, with DES algorithms The block length of 64 and key length used is compared, and its security is stronger, and then improves the security of whole system;Its It is secondary, country variant and ground can be supported using the individual equipment of block cipher list and block cipher mode of operation list The safety standard in area, be advantageous to the outlet of equipment, be more beneficial for the high ferro outlet of China;Again, to block cipher list And block cipher mode of operation list is when being modified, it is only necessary to updates corresponding algoritic module, does not influence other algorithm moulds Block, it ensure that the flexibility of system;Finally, when detecting that signal is cracked in system, using block cipher list with And the equipment of block cipher mode of operation list allows railway operator to be switched fast block cipher and its mode of operation, Attack is made in short time and timely and effectively being reacted, prevents the further destruction of attacker;
By AE schemes, (2. Authenticated Encryption, refer to the authenticated encryption side based on block cipher to the present invention Case) RSSP-II agreements are introduced, to ensure railway system's signals security communication, there is higher feasibility;First, with existing skill Art is compared, and AE schemes have outstanding advantage in terms of security:1) cryptographic services end to end can be provided, solve railway letter The problem of part messages are transmitted with clear-text way in number system;2) safety higher than known most strong security definitions can be provided Property, the safe transmission of railway system's signal will be ensured to the full extent;Secondly, it is highly developed at present with associated data Authenticated encryption pattern (AEAD), functionally it is fully able to meet the needs of railway system's signal transmission, and typical AE schemes It is each provided with the support to AEAD characteristics;Finally, simple encryption or certificate scheme are substituted with AE schemes, TLS, It is widely applied in the network security protocols such as IPsec and 802.11i;
Occur 3. the maximum allowable message number connected by limiting single can effectively reduce in single secure connection The probability of MAC collisions, reduce possibility of the phone system by birthday attack;
4. when attacker has cracked session key and communication system is disturbed using erroneous packets, mess code bag, pass through The content for strengthening bag judges and restarts secure connection, improves the susceptibility of system, and then prevents attacker close using having cracked Key carries out follow-on attack.
Brief description of the drawings
Fig. 1 is the block cipher and block cipher mode of operation negotiations process schematic diagram;
Fig. 2 is the block cipher list field (ENATY, Encryption Algorithm Type) structure chart;
Fig. 3 is block cipher mode of operation list field (MDTY, the Mode Type) structure chart;
Fig. 4 is selected block cipher field (CKENA, the Checked Encryption Algorithm) knot Composition;
Fig. 5 is described selected block cipher mode of operation field (CKMD, Checked Mode) structure chart;
Fig. 6 connects maximum allowable message number schematic diagram of mechanism for limitation individual security.
Embodiment
The present invention will be further described below in conjunction with the accompanying drawings, and example is only used for explaining the present invention, is not intended to limit Determine the scope of the present invention.
Present invention is generally directed to the security of the RSSP-II agreements in railway signal system, introduce block cipher and Block cipher mode of operation selects negotiation mechanism, adds block cipher list and block cipher mode of operation list;Packet In password mode of operation, in addition to certification mode, the authenticated encryption pattern with associated data is also introduced as enhancing safe mode; Limit the maximum allowable message number of single secure connection;Strengthen the judgement of docking packet receiving content.
Block cipher selection in the block cipher list meets the algorithm of following condition:Algorithm is packet Length is more than or equal to the domestic and international open block cipher standard of 128 bits equal to 128 bits, key length.
Block cipher mode of operation in the block cipher mode of operation list includes two types:Certification mode and band The authenticated encryption pattern of associated data, in addition, after to overcome current grouped cryptographic algorithm to be handled with block cipher mode of operation Message content still with plaintext transmission the defects of, calling party sends in the negotiating algorithm mechanism block cipher mode of operation Mode of operation in list recommends authenticated encryption pattern of the selection with associated data, ensures to carry out the same of completeness check to message When ensure message confidentiality.
AES selection negotiation mechanism is operated in caller device and peer-entities when establishing is connected with called equipment safety In verification process, former peer-entities verification process detailed step see " European Wireless electric system functional interface specification " (specification number, " Euroradio FIS subset-037 ") the peer-entities verification process after algorithms selection is consulted is added as shown in figure 1, encryption Algorithms selection negotiation mechanism comprises the following steps:
Step 1:Caller direction callee send containing we support block cipher list (ENATY, Encryption Algorithm Type) and block cipher mode of operation list (MDTY, Mode Type) message 1;
Step 2:After callee receives the message 1 of calling party's transmission, according to local security policy, point sent from calling party The block cipher and be grouped close that subsequent session uses are selected in group cryptographic algorithm list and block cipher mode of operation list Code mode of operation, the block cipher of selection are designated as CKENA (Checked Encryption Algorithm), point of selection Group password mode of operation is designated as CKMD (Checked Mode);
Step 3:Callee calculates the block cipher list (ENATY) sent containing calling party, packet using CBC-MAC Block cipher (CKENA) that password mode of operation list (MDTY), one's own side select, block cipher mode of operation (CKMD) word The MAC of section:(CBC-MAC(KS,Text3|RA|CKENA|CKMD|RB|ENATY|MDTY|DA|p));
Step 4:Callee is by containing the selected block cipher (CKENA) of step 2, block cipher mode of operation (CKMD) And the MAC of step 3 calculating message 2 is sent to calling party;
Step 5:After calling party receives message 2, the message is verified using CBC-MAC algorithms, if verification passes through, Then enter step 6, if verification is by the way that connection breaking, which is laid equal stress on, in calling party opens connection and establish program;
Step 6:Caller direction callee sends confirmation message.
For ease of explaining, it is assumed that totally 8 kinds of block cipher for being available for block cipher list to select, then such as Fig. 2 institutes Show, block cipher list (ENATY, the Encryption Algorithm Type) field is formed by 8, Ge Weiqu It is worth and represents that calling party does not support the alternative block cipher for " 0 " or " 1 ", " 0 ", " 1 " represents that calling party supports this alternatively to divide Group cryptographic algorithm (the unified block cipher that calling party maintains to arrange in advance with callee represents to gather), such as A block ciphers Algorithm corresponds to the 1st alternative block cipher in ENATY fields, and B block ciphers correspond to the 2nd in ENATY fields Individual block cipher;Then when ENATY fields value is " 01010011 ", represent calling party support arrange in advance the 2nd, 4, 7th, 8 block ciphers.
For ease of explaining, it is assumed that totally 8 kinds of block cipher for being available for the list of block cipher mode of operation to select, then as schemed Similar with ENATY field definitions shown in 3, block cipher mode of operation list (MDTY, the Mode Type) field is by 8 hytes Into every value is " 0 " or " 1 ", and " 0 " represents that calling party does not support the alternative block cipher mode of operation, and " 1 " represents calling party Support the alternative block cipher mode of operation.
As shown in figure 4, block cipher (CKENA, the Checked Encryption that callee selectes Algorithm) field is formed by 4, and every value is " 0 " or " 1 ", and its corresponding decimal value represents point selected by callee Group cryptographic algorithm (the unified block cipher that calling party maintains to arrange in advance with callee represents to gather), such as CKENA fields Value is that " 0001 " represents the 1st block cipher of the block cipher as session that callee's selection is arranged in advance, " 0011 " represents the 3rd block cipher of the block cipher as session that callee's selection is arranged in advance.
As shown in figure 5, similar with CKENA field definitions, block cipher mode of operation that callee selectes (CKMD, Checked Mode) field forms by 4, and every value is " 0 " or " 1 ", and its corresponding decimal value is represented selected by callee Block cipher (the unified block cipher that calling party and callee maintain to arrange in advance represents set).
As shown in fig. 6, for limit single secure connection maximum allowable message number the step of it is as follows:
Step 1:After secure session connection is established, callee's initiation message number counter, to hereafter communicating pair Conversation message is counted;
Step 2:When calling party has message to reach or callee has message transmission, Counter Value adds one;
Step 3:The value of counter is set to reach limited threshold value when the arrival of calling party's message or callee's message are sent When, callee notifies calling party to restart secure connection and disconnects this connection, and closes message number counter;
Step 4:After secure connection disconnects, calling party resends secure connection and establishes request to restart secure connection;
To determine the maximum allowable message count of single connection, it is different most that the setting of railway signal system different scenes need to be directed to It is big to allow message count, it is now assumed that listener has carried out 106Secondary secure connection is monitored, for the birthday attack probability of success is limited in into ten thousand Within/mono-, it is proposed that by the maximum allowable message total number threshold restriction of single connection 216Within.
Strengthening the method that docking packet receiving content judges includes:
When callee is judged the packet received, if there is meaningless mess code more than continuous 4 byte, it is called Side disconnects former connection and notifies calling party to rebuild secure connection;
Callee is when judging packet, if multibyte mess code can not be parsed or continuously occur by packet occur Situations such as, callee should disconnect former connection and notify calling party to rebuild secure connection.

Claims (7)

1. a kind of method of raising RSSP-II protocol safeties, in the railway signal system using RSSP-II agreements, To improve the security to be communicated between railway system's key equipment;Pass through closed network or open between signals security equipment Network carries out security related information interaction, it is characterised in that including following technological means:
1) block cipher and block cipher mode of operation selection negotiation mechanism are introduced, block cipher list is added and divides Group password mode of operation list;
2) in block cipher mode of operation, in addition to certification mode, the authenticated encryption pattern with associated data is introduced as increasing Strong safe mode;
3) the maximum allowable message number of single secure connection is limited;
4) judgement of docking packet receiving content is strengthened;
Block cipher and block cipher mode of operation the selection negotiation mechanism is operated in calling party device and set with callee In the standby peer-entities verification process established when connecting, block cipher and block cipher work that session uses are selected respectively Pattern;The block cipher list is used for caller direction callee and sends the block cipher that calling party supports;It is described The list of block cipher mode of operation is used for caller direction callee and sends the block cipher mode of operation that calling party supports.
2. the method for raising RSSP-II protocol safeties according to claim 1, it is characterised in that the block cipher Algorithm and block cipher mode of operation selection negotiation mechanism, its key step include:
Step 1:When peer-entities verifies beginning, caller direction callee sends the block cipher list of we's support and divided Group password mode of operation list;
Step 2:Callee is according to local security policy, the block cipher list sent from calling party and block cipher work The block cipher and block cipher mode of operation that subsequent session uses are selected in mode list;
Step 3:Callee calculates the block cipher list sent containing calling party and the list of block cipher mode of operation, one's own side The block cipher and the MAC of block cipher mode of operation field chosen;
Step 4:Callee will calculate containing the block cipher and block cipher mode of operation selected in step 2 and step 3 MAC message send to calling party;
Step 5:After calling party receives the message of callee's step 3 transmission, the message is verified, if verification passes through, Into step 6, if verification is by the way that connection breaking, which is laid equal stress on, in calling party opens connection and establish program;
Step 6:Caller direction callee sends confirmation message.
3. the method for raising RSSP-II protocol safeties according to claim 1, it is characterised in that the block cipher Block cipher in algorithm list is selected by user.
4. the method for raising RSSP-II protocol safeties according to claim 1, it is characterised in that the block cipher Block cipher mode of operation in mode of operation list is selected by user.
5. the method for raising RSSP-II protocol safeties according to claim 1, it is characterised in that the limitation single The method of the maximum allowable message number of secure connection is used to limit message number in single secure connection:First according to railway signal Grid actual conditions set the maximum allowable message count of single secure connection, secondly when single secure connection starts to session Message is counted, and finally when message sum reaches limit value, is disconnected former connection and is restarted secure connection.
6. the method for RSSP-II protocol safeties is improved according to claim 1 or 5, it is characterised in that the limitation is single The key step of the maximum allowable message number of secondary secure connection is as follows:
Step 1:After secure session connection is established, callee's initiation message number counter, the session to hereafter communicating pair Message is counted;
Step 2:When calling party has message to reach or callee has message transmission, Counter Value adds one;
Step 3:When calling party's message reaches or the transmission of callee's message the value of counter is reached limited threshold value, quilt The side of crying notifies calling party to restart secure connection and disconnects this connection, and closes message number counter;
Step 4:After secure connection disconnects, calling party resends secure connection and establishes request to restart secure connection.
7. the method for raising RSSP-II protocol safeties according to claim 1, it is characterised in that described to strengthen receiving The method that bag content judges:Transmitting-receiving side is main when occurring exception in parsing process data packet or continuously multibyte mess code occur Dynamic circuit breaker Kaiyuan connects and restarts secure connection.
CN201410320514.5A 2014-07-04 2014-07-04 A kind of method of raising RSSP II protocol safeties Active CN104135469B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410320514.5A CN104135469B (en) 2014-07-04 2014-07-04 A kind of method of raising RSSP II protocol safeties

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410320514.5A CN104135469B (en) 2014-07-04 2014-07-04 A kind of method of raising RSSP II protocol safeties

Publications (2)

Publication Number Publication Date
CN104135469A CN104135469A (en) 2014-11-05
CN104135469B true CN104135469B (en) 2017-11-24

Family

ID=51807991

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410320514.5A Active CN104135469B (en) 2014-07-04 2014-07-04 A kind of method of raising RSSP II protocol safeties

Country Status (1)

Country Link
CN (1) CN104135469B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108011867B (en) * 2017-11-13 2020-11-06 北京全路通信信号研究设计院集团有限公司 Safe encryption method and system for railway signals
CN108933788B (en) * 2018-07-03 2020-11-06 西南交通大学 FPGA-based RSSP-II protocol MAC code rapid verification device
CN112769773B (en) * 2020-12-24 2022-08-30 卡斯柯信号有限公司 Railway security communication protocol simulation system based on state cryptographic algorithm
CN113904789B (en) * 2021-08-17 2024-03-29 卡斯柯信号有限公司 Encryption method, equipment and storage medium of railway safety communication protocol

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101997834A (en) * 2009-08-10 2011-03-30 北京多思科技发展有限公司 Device for supporting high-performance safety protocol
CN103051616A (en) * 2012-12-17 2013-04-17 中国科学院信息工程研究所 RSSP-II protocol-based datagram transmission method
CN103560879A (en) * 2013-10-09 2014-02-05 中国科学院信息工程研究所 Method for achieving lightweight authentication and key agreement
CN103685181A (en) * 2012-09-13 2014-03-26 北京大唐高鸿软件技术有限公司 Key negotiation method based on SRTP

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101997834A (en) * 2009-08-10 2011-03-30 北京多思科技发展有限公司 Device for supporting high-performance safety protocol
CN103685181A (en) * 2012-09-13 2014-03-26 北京大唐高鸿软件技术有限公司 Key negotiation method based on SRTP
CN103051616A (en) * 2012-12-17 2013-04-17 中国科学院信息工程研究所 RSSP-II protocol-based datagram transmission method
CN103560879A (en) * 2013-10-09 2014-02-05 中国科学院信息工程研究所 Method for achieving lightweight authentication and key agreement

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
RSSP-II安全通信协议的建模和仿真;许孟华;《中国优秀硕士学位论文全文数据库工程科技II辑》;20131215;正文第5页第1段至倒数第7行,正文第37页第1行至第68页最后一行 *

Also Published As

Publication number Publication date
CN104135469A (en) 2014-11-05

Similar Documents

Publication Publication Date Title
CN108650227B (en) Handshaking method and system based on datagram secure transmission protocol
FI113119B (en) A method for securing communications over telecommunications networks
CN107248994A (en) A kind of method for sending information, processing method and processing device
CN102045210B (en) End-to-end session key consultation method and system for supporting lawful interception
CN104135469B (en) A kind of method of raising RSSP II protocol safeties
CN104303583B (en) System and method for establishing secure connection in a communications system
CN104811427B (en) A kind of safe industrial control system communication means
CN107360175A (en) Car networking control car safety method
CN106357690A (en) Data transmission method, data sending device and data receiving device
CN106941491A (en) The safety application data link layer device and communication means of power information acquisition system
CN109714360A (en) A kind of intelligent gateway and gateway communication processing method
CN103220279A (en) Safe data transmission method and system
CN102098307A (en) Password type instant message (IM) encryption method and system in self-service bank
CN104811451A (en) Link login method and system
CN103546442B (en) The communication monitoring method and device of browser
CN103986716B (en) Establishing method for SSL connection and communication method and device based on SSL connection
CN106209384B (en) Use the client terminal of security mechanism and the communication authentication method of charging unit
CN105610577B (en) A kind of system and method preventing IPSec VPN device Multiple tunnel ike negotiations failure
CN112350823B (en) CAN FD communication method between vehicle-mounted controllers
CN107104888A (en) A kind of safe instant communicating method
CN105306437B (en) A kind of encryption of network security and method of calibration
CN107395552A (en) A kind of data transmission method and device
CN102739660A (en) Key exchange method for single sign on system
CN115766271A (en) Network isolation equipment based on backward hash chain information source authentication
CN1996960B (en) A filtering method for instant communication message and instant communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20170621

Address after: 610031 Chengdu City, Sichuan Province, No. two North Ring Road, Southwest Jiao Tong University,

Applicant after: Yan Lianshan

Applicant after: Southwest Jiaotong University

Address before: 610031 Chengdu City, Sichuan Province, No. two North Ring Road, Southwest Jiao Tong University,

Applicant before: Southwest Jiaotong University

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20180807

Address after: 611730 Chengdu 1, unit 5, Hongqi Road, 146 north section of Hongqi Road, PI Du District, Chengdu.

Co-patentee after: Southwest Jiaotong University

Patentee after: Ansett optical technology Chengdu Co. Ltd.

Address before: 610031 science and technology office, Southwest Jiao Tong University, 111 north section, two ring road, Chengdu, Sichuan

Co-patentee before: Southwest Jiaotong University

Patentee before: Yan Lianshan

TR01 Transfer of patent right