CN106790200A - The chip association processing method of CAPWAP control channel DTLS encryption and decryption - Google Patents
The chip association processing method of CAPWAP control channel DTLS encryption and decryption Download PDFInfo
- Publication number
- CN106790200A CN106790200A CN201611270117.7A CN201611270117A CN106790200A CN 106790200 A CN106790200 A CN 106790200A CN 201611270117 A CN201611270117 A CN 201611270117A CN 106790200 A CN106790200 A CN 106790200A
- Authority
- CN
- China
- Prior art keywords
- message
- chip
- capwap
- encryption
- decryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup; Address filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/04—Protocols specially adapted for terminals or networks with limited capabilities; specially adapted for terminal portability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A kind of chip present invention is disclosed CAPWAP control channel DTLS encryption and decryption assists processing method, wherein, decrypting process mainly looks into the CAPWAP tables of configuration in chip, Key ID and the isEncryptedPkt fields of the decryption in entry, message is decrypted, the message after decryption finally is sent into CPU is further processed.Ciphering process mainly indexes the Nexthop tables of configuration in chip, the isCapwapControl field status and encryption in entry with Key ID DTLS encryptions are carried out to message, and message after encryption be looped back in chip carry out normal message forward process.Chip is moved in the encryption and decryption operation that cpu resource will be most taken in the software processing scheme of CAPWAP control channel message of the invention carries out association's treatment, greatly reduces the pressure of CPU, improves network performance.
Description
Technical field
The present invention relates to a kind of DTLS encryption and decryption technology of CAPWAP control channel, more particularly, to a kind of CAPWAP controls
The chip association processing method of the DTLS encryption and decryption of passage.
Background technology
AC (Access Controller, wireless controller) equipment and AP (Access Point, WAP) equipment
Between will (Controlling and Provisioning of Wireless Access Point, wirelessly connect using CAPWAP
Access point is controlled and supply) tunnel, CAPWAP tunnel is the communication control processor between AC equipment and AP equipment, defines AC equipment
How to be communicated with AP equipment rooms, to realize that the intercommunity between AC equipment and AP equipment provides a general encapsulation and transmission
Mechanism.Wireless data frame, as former state or is sent to AC and sets in being enclosed CAPWAP tunnel after the conversion of 802.11 to 802.3 forms
It is standby.
To ensure the security of CAPWAP tunnel, it is possible to use DTLS (Datagram Transport Layer
Security, data transfer layer safety) protocol protection CAPWAP tunnel.DTLS agreements are that the encryption that CAPWAP tunnel is used is assisted
View, the DTLS Protocol Refs TLS of TCP (Transmission Control Protocol, transmission control protocol)
(Transport Layer Security, Transport Layer Security) agreement, by adding DTLS control fields in CAPWAP message,
To be encrypted control to CAPWAP message.
The existing general DTLS encryption and decryption that CAPWAP control channel is carried out by using software approach (such as CPU).Such as Fig. 1 institutes
Show, plus CAPWAP encapsulate after the completion of, software can call openssl (Open Secure Sockets Layer, it is open
Secure socket layer protocol) carry out DTLS encryptions.This process needs the data copy in Buffer (buffering area) out, to complete soft
Part is encrypted, and writes back to Buffer.This process can largely take cpu resource, under high-bandwidth scenarios, the forwarding of channel message
With encryption and decryption limited performance in cpu performance.
In consideration of it, we are in the Chinese patent application of Application No. 201511019516.1, it is proposed that a kind of CAPWAP
The chip implementing method of DTLS message encryption and decryption, the encapsulation for realizing CAPWAP DTLS messages using exchange router chip is conciliate
Encapsulation, but the program only realizes the chip-scale encryption and decryption of CAPWAP data channel, does not support CAPWAP control channel report
The chip-scale encryption and decryption of text.
The content of the invention
A kind of defect it is an object of the invention to overcome prior art, there is provided the DTLS encryption and decryption of CAPWAP control channel
Chip association processing method, the encryption and decryption of cpu resource will be most taken in the software processing scheme of CAPWAP control channel message
Chip is moved in operation carries out association's treatment.
To achieve the above object, the present invention proposes following technical scheme:A kind of DTLS encryption and decryption of CAPWAP control channel
Chip association processing method, including:
Message decryption processes in chip:After chip receives the message of DTLS encryptions, the CAPWAP of configuration in chip is looked into
Table obtain decryption Key ID and for judge whether be encryption data bag isEncryptedPkt fields, if described
IsEncryptedPkt field status check errorless, then according to the corresponding key found by the Key ID of the decryption to report
Text is decrypted and obtains plaintext CAPWAP message, and the CAPWAP message is looped back in chip again continues to look into CAPWAP
Table, is finally sent to CPU;
Message encryption processing procedure in chip:After chip receives the message from CPU, according to the Nexthop carried in bus
ID goes to index the Nexthop tables of configuration in chip, finds a corresponding Nexthop entry, and chip checks the Nexthop
In entry for judge whether be CAPWAP control channel message isCapwapControl field status, if inspection is errorless,
Then according to by the encryption in the Nexthop entries with Key ID search the key that obtains DTLS encryptions carried out to message, and will
Being looped back in chip containing IP message after encryption, is normally carried out message forward process.
Preferably, the decryption processes of the message are specifically included:After chip receives the message of DTLS encryptions, first parse
Whether message is the message that need to locally decrypt, if so, then search the CAPWAP tables obtain decryption Key ID and
IsEncryptedPkt fields, if the isEncryptedPkt field status check errorless, look into close again by the Key ID
Key table obtains the Key of decryption, then message is decrypted using DTLS decipherment algorithms obtains plaintext CAPWAP message, and by institute
CAPWAP message is stated to be looped back in chip again, analytic message whether be plaintext CAPWAP message, if so, then continuing to search for institute
State CAPWAP tables and obtain corresponding entry, check isEncryptedPkt fields in the entry, if inspection does not pass through, chip
Plaintext CAPWAP message is directly sent to CPU.
Preferably, searching the inquiry field used by CAPWAP tables is:The purpose IP address of message add source IP address to add
L4Type add for judge whether be CAPWAP control channel message isCapwapControl fields.
Preferably, when the configuration isEncryptedPkt field status are 1, the packet of encryption is judged as YES, that is, is examined
Look into errorless.
Preferably, in message encryption processing procedure, for the CAPWAP control channel message to be sent, CPU completes bright
After literary CAPWAP addition, and socket layer is given by the encryption information, the encryption information eventually passes through ASIC_
Header gives chip and is further encrypted.
Preferably, after chip receives the message from CPU, the ASIC_Header is peeled off and resolved to described by chip
Bus information.
Preferably, in message encryption processing procedure, after the chip receives the message from CPU, carried according in bus
The Nexthop ID go index chip in configuration Nexthop tables.
Preferably, when the configuration isCapwapControl field status are 1, it is judged as YES logical from Capwap controls
The message in road, that is, check errorless.
Preferably, in chip in the encryption process of CAPWAP message, if chip checks the isCapwapControl
Field status are 1, then message is inserted into one DTLS and cut down two layers of head, then carry out DTLS to message according to the key
Encryption, and by encryption after be looped back in chip containing IP message, after chip is received containing IP message, be normally carried out routing table and look into
Forwarding behavior and outlet are found, message forward process is carried out.
Compared with prior art, the present invention will most take CPU moneys in the software processing scheme of CAPWAP control channel message
Chip is moved in the encryption and decryption operation in source carries out association's treatment, greatly reduces the pressure of CPU, improves network performance.
Brief description of the drawings
Fig. 1 is the principle schematic of the existing DTLS encryption and decryption that CAPWAP control channel is carried out by using software approach;
Fig. 2 is the principle schematic of the DTLS decryption that the present invention carries out CAPWAP control channel;
Fig. 3, Fig. 4 are the principle schematics of the DTLS encryptions that the present invention carries out CAPWAP control channel.
Specific embodiment
Below in conjunction with accompanying drawing of the invention, the technical scheme to the embodiment of the present invention carries out clear, complete description.
The present invention proposes a kind of chip association processing method of the DTLS encryption and decryption of CAPWAP control channel, mainly will
The DTLS encryption and decryption operation that cpu resource is most taken in the software processing scheme of CAPWAP control channel message is moved chip and is carried out
Association is processed, and greatly reduces the pressure of CPU, improves network performance.
Wherein, chip includes processing engine (IPE), storage forwarding module (BSR), outgoing direction treatment engine into direction
(EPE), WLAN processes engine (WLAN Engine).The present invention is configured with CAPWAP tables in the IPE directions of chip, and it is used
IPDA (purpose IP address)+IPSA (source IP address) is searched, and the Key ID and judgement that decryption is configured with the entry are
No is the isEncryptedPkt fields of encryption data bag.In the present embodiment, it is necessary to which it is 1 to configure isEncryptedPkt states,
As the criterion whether encrypted state matches, compare encrypted state that current data packet parses and
Whether isEncryptedPkt states match, and matching does not then judge that current data packet is the encryption data bag in control passage, not
With then judge current data packet be in control passage by decryption association treatment after clear data message.
In addition, be also configured with Nexthop entries in chip, wherein the ID comprising encryption Key and judge whether be
The isCapwapControl fields of capwap control passage data.In the present embodiment, same configuration isCapwapControl shapes
State be 1 when, be designated the data of Capwap control passages, otherwise illustrate be not.
With reference to shown in Fig. 2~Fig. 4, a kind of chip association of the DTLS encryption and decryption of disclosed CAPWAP control channel
Processing method, including:Message DTLS decryption processes and message encryption processing procedure.
As shown in Fig. 2 first specifically introducing message DTLS decryption processes below:
Step 1, after 1. the IPE of chip receives the message of DTLS encryptions from inbound port, whether parsing is local to need decryption
CAPWAP DTLS messages, if so, then search chip in configuration the CAPWAP tables, obtain the Key ID of message decryption
With isEncryptedPkt fields, if isEncryptedPkt field status are 1, and current data packet resolves to DTLS encryption reports
Text (i.e. the field status check errorless), and without other operations, then message is directly entered in BSR, the Key ID of decryption then with
Transmitted to BSR, EPE and WLAN Engine successively with bus (BUS).
Searching the inquiry field used by CAPWAP tables is:The purpose IP address (IPDA) of message+source IP address (IPSA)+
L4Type (CAPWAP)+isCapwapControl, wherein, L4Type=CAPWAP, isCapwapControl field are used to sentence
Whether disconnected message comes from Capwap control passages, L4Type and isCapwapControl fields are by the parsing module in chip
Parsing is obtained.L4Type is four layers of characteristic information, according to CAPWAP agreements, as UDP PORT=5246 or 5247, it is believed that be
Layer characteristic value of CAPWAP message, i.e., four is CAPWAP, that is, L4Type=CAPWAP.
Step 2, it is the decryption channel A of WLAN engines that BSR directly specifies message outlet, i.e. message is directly sent to WLAN and draws
Hold up the outlet of decryption channel A.
It should be noted that when message needs decryption, EPE is not edited then to message, is directly sent to WLAN and drawn
Hold up the outlet of decryption channel A.
1. step 3, the message that WLAN engine decryption channels A enters, tables look-up by Key ID and obtains the Key of decryption, according to
The Key is decrypted algorithm to message, is that 2. CAPWAP message is sent to IPE again by the plaintext after decryption.
Can be realized using existing DTLS decipherment algorithms used herein of decipherment algorithm, be not just described further here.
Step 4, after 2. IPE is received again by CAPWAP message, it is plaintext message that the parsing module in chip is checked, then after
Continuous to search CAPWAP tables, after finding entry, due to being plaintext message, isEncryptedPkt status checkouts are mismatched, then core
2. plaintext CAPWAP message is directly sent to CPU by piece logic, and subsequent treatment is carried out to message by CPU.
With reference to shown in Fig. 3 and Fig. 4, message encryption processing procedure is specifically introduced again below, it is necessary to illustrate, for
The CAPWAP control channel message to be sent, CPU is only only completed the addition of plaintext CAPWAP, and will encrypt related information
(such as Nexthop ID) gives socket (socket layer), and the related information of these encryptions eventually passes through chip information head (ASIC_
Header bag forwarding chip) is given.Specifically included for message encryption processing procedure in chip:
Step 1 ', 1. chip receives the message from CPU in BSR, and message ASIC_Header 1. can be shelled by chip automatically
Fall and resolve to bus (bus) information, and be sent in EPE by BSR.
Step 2 ', EPE according in bus information carry Nexthop ID go index chip in configuration described in
Nexthop tables, obtain a corresponding entry, comprising an ID and isCapwapControl field of encryption Key in entry,
Because isCapwapControl field configurations are 1, chip thinks that the message for receiving comes from CAPWAP control channel.
Step 3 ', chip checks isCapwapControl fields for that after 1, message can be inserted into a DTLS head, and cut
Fall two layers of head, 2. message is then sent to WLAN engine encrypted tunnel C, the Key of encryption brings WLAN engines with BUS.
Step 4 ', after WLAN engines receive the message from its encrypted tunnel C, the information in BUS is checked, if desired add
It is close, then according to be transmitted through in BUS come encryption with Key carried out in the way of DTLS agreements specifys AES calculating ciphertext, carry out DTLS
Encryption, after being encrypted containing the message of IP 3., then by encryption after 3. give IPE treatment again containing the message of IP.Its
In, the Key for using searches key list and obtains by the encryption Key ID on bus.
Step 5 ', IPE receive encryption after containing the message of IP 3. after, be normally carried out routing table lookup and obtain forwarding behavior
ID and outlet, message is sent to BSR, message is given EPE by BSR, and EPE tables look-up by the ID of forwarding behavior and forwarded accordingly
4. behavior, by forwarding behavior editor's message, obtain the message after route editor, and the message finally routeing after editor is 4. from lookup
The outlet (such as Ethernet interface) for going out is forwarded.
Technology contents of the invention and technical characteristic have revealed that as above, but those of ordinary skill in the art still may base
Make a variety of replacements and modification without departing substantially from spirit of the present invention in teachings of the present invention and announcement, therefore, the scope of the present invention
Should be not limited to the content disclosed in embodiment, and should include various without departing substantially from replacement of the invention and modification, and be this patent Shen
Please claim covered.
Claims (9)
1. a kind of chip of CAPWAP control channel DTLS encryption and decryption assists processing method, it is characterised in that methods described includes:
Message decryption processes in chip:After chip receives the message of DTLS encryptions, the CAPWAP tables for looking into configuration in chip are obtained
To decryption Key ID and for judge whether be encryption data bag isEncryptedPkt fields, if described
IsEncryptedPkt field status check errorless, then according to the corresponding key found by the Key ID of the decryption to report
Text is decrypted and obtains plaintext CAPWAP message, and the CAPWAP message is looped back in chip again continues to look into CAPWAP
Table, is finally sent to CPU;
Message encryption processing procedure in chip:After chip receives the message from CPU, according to the Nexthop ID carried in bus
Go to index the Nexthop tables configured in chip, find a corresponding Nexthop entry, chip checks the Nexthop bars
In mesh for judge whether be CAPWAP control channel message isCapwapControl field status, if inspection is errorless,
According to by the encryption in the Nexthop entries with Key ID search the key that obtains and carry out DTLS encryptions to message, and will plus
Being looped back in chip containing IP message after close, is normally carried out message forward process.
2. the chip of CAPWAP control channel DTLS encryption and decryption according to claim 1 assists processing method, it is characterised in that
The decryption processes of the message are specifically included:After chip receives the message of DTLS encryptions, whether first analytic message is local
The message that need to be decrypted, if so, Key ID and the isEncryptedPkt fields that the CAPWAP tables obtain decryption are then searched, if
The isEncryptedPkt field status check errorless, then look into the Key that key list obtains decryption again by the Key ID, then
Message is decrypted using DTLS decipherment algorithms obtains plaintext CAPWAP message, and the CAPWAP message is looped back to again
In chip, analytic message whether be plaintext CAPWAP message, if so, then continuing to search for the CAPWAP tables obtains corresponding bar
Mesh, checks isEncryptedPkt fields in the entry, if inspection does not pass through, chip directly send plaintext CAPWAP message
Toward CPU.
3. chip implementing method according to claim 1, it is characterised in that search the inquiry field used by CAPWAP tables
For:The purpose IP address of message add source IP address plus L4Type add for judging whether it is CAPWAP control channel message
IsCapwapControl fields.
4. chip implementing method according to claim 1, it is characterised in that the configuration isEncryptedPkt fields shape
When state is 1, the packet of encryption is judged as YES, that is, checks errorless.
5. chip implementing method according to claim 1, it is characterised in that in message encryption processing procedure, for
The CAPWAP control channel message to be sent, after CPU completes the addition of plaintext CAPWAP, and gives set by the encryption information
Layer is connect, the encryption information is eventually given chip and is further encrypted by ASIC_Header.
6. chip implementing method according to claim 5, it is characterised in that described after chip receives the message from CPU
ASIC_Header is peeled off by chip and is resolved to the bus information.
7. chip implementing method according to claim 1, it is characterised in that in message encryption processing procedure, the core
After piece receives the message from CPU, remove to index the Nexthop configured in chip according to the Nexthop ID carried in bus
Table.
8. chip implementing method according to claim 1, it is characterised in that the configuration isCapwapControl fields
When state is 1, the message from Capwap control passages is judged as YES, that is, checks errorless.
9. chip implementing method according to claim 1, it is characterised in that the encryption of CAPWAP message in chip
Cheng Zhong, if chip checks that the isCapwapControl field status are 1, inserts message one DTLS and cuts down two
Layer head, then carries out DTLS encryptions to message according to the key, and by encryption after be looped back in chip containing IP message, core
After piece is received containing IP message, it is normally carried out routing table lookup and obtains forwarding behavior and outlet, carries out message forward process.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611270117.7A CN106790200B (en) | 2016-12-30 | 2016-12-30 | Chip co-processing method for DTLS encryption and decryption of CAPWAP control channel |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611270117.7A CN106790200B (en) | 2016-12-30 | 2016-12-30 | Chip co-processing method for DTLS encryption and decryption of CAPWAP control channel |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106790200A true CN106790200A (en) | 2017-05-31 |
CN106790200B CN106790200B (en) | 2020-04-14 |
Family
ID=58951785
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611270117.7A Active CN106790200B (en) | 2016-12-30 | 2016-12-30 | Chip co-processing method for DTLS encryption and decryption of CAPWAP control channel |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106790200B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108616355A (en) * | 2018-05-03 | 2018-10-02 | 盛科网络(苏州)有限公司 | Software handshake negotiates the CAPWAP tunnel DTLS encipher-decipher methods of hardware enciphering and deciphering |
CN110535748A (en) * | 2019-09-09 | 2019-12-03 | 北京科东电力控制***有限责任公司 | A kind of vpn tunneling model-based optimization method and system |
CN111092829A (en) * | 2019-12-09 | 2020-05-01 | 昆高新芯微电子(江苏)有限公司 | Multi-core switching chip based on switching architecture and data transmission method thereof |
CN111885062A (en) * | 2020-07-23 | 2020-11-03 | 湖南中车时代通信信号有限公司 | RS485 bus-based communication system and method with authentication encryption function |
CN112332982A (en) * | 2020-11-25 | 2021-02-05 | 盛科网络(苏州)有限公司 | Macsec decryption method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080072047A1 (en) * | 2006-09-20 | 2008-03-20 | Futurewei Technologies, Inc. | Method and system for capwap intra-domain authentication using 802.11r |
CN102811451A (en) * | 2012-07-23 | 2012-12-05 | 福建星网锐捷网络有限公司 | Method and device for controlling connection of control and provisioning of wireless access points (Capwap) tunnel |
CN103312449A (en) * | 2012-03-16 | 2013-09-18 | 鼎桥通信技术有限公司 | Downlink data packet transmission method under AP (Access Point) networking scene and RNC (Radio Network Controller) |
CN105611529A (en) * | 2015-12-31 | 2016-05-25 | 盛科网络(苏州)有限公司 | Chip implementation method for encrypting and decrypting CAPWAP DTLS message |
CN105635145A (en) * | 2015-12-31 | 2016-06-01 | 盛科网络(苏州)有限公司 | Chip-level safety protection method of CAPWAP DTLS tunnel |
-
2016
- 2016-12-30 CN CN201611270117.7A patent/CN106790200B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080072047A1 (en) * | 2006-09-20 | 2008-03-20 | Futurewei Technologies, Inc. | Method and system for capwap intra-domain authentication using 802.11r |
CN103312449A (en) * | 2012-03-16 | 2013-09-18 | 鼎桥通信技术有限公司 | Downlink data packet transmission method under AP (Access Point) networking scene and RNC (Radio Network Controller) |
CN102811451A (en) * | 2012-07-23 | 2012-12-05 | 福建星网锐捷网络有限公司 | Method and device for controlling connection of control and provisioning of wireless access points (Capwap) tunnel |
CN105611529A (en) * | 2015-12-31 | 2016-05-25 | 盛科网络(苏州)有限公司 | Chip implementation method for encrypting and decrypting CAPWAP DTLS message |
CN105635145A (en) * | 2015-12-31 | 2016-06-01 | 盛科网络(苏州)有限公司 | Chip-level safety protection method of CAPWAP DTLS tunnel |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108616355A (en) * | 2018-05-03 | 2018-10-02 | 盛科网络(苏州)有限公司 | Software handshake negotiates the CAPWAP tunnel DTLS encipher-decipher methods of hardware enciphering and deciphering |
CN110535748A (en) * | 2019-09-09 | 2019-12-03 | 北京科东电力控制***有限责任公司 | A kind of vpn tunneling model-based optimization method and system |
CN110535748B (en) * | 2019-09-09 | 2021-03-26 | 北京科东电力控制***有限责任公司 | VPN tunnel mode optimization method and system |
CN111092829A (en) * | 2019-12-09 | 2020-05-01 | 昆高新芯微电子(江苏)有限公司 | Multi-core switching chip based on switching architecture and data transmission method thereof |
CN111885062A (en) * | 2020-07-23 | 2020-11-03 | 湖南中车时代通信信号有限公司 | RS485 bus-based communication system and method with authentication encryption function |
CN111885062B (en) * | 2020-07-23 | 2022-06-24 | 湖南中车时代通信信号有限公司 | RS485 bus-based communication system and method with authentication encryption function |
CN112332982A (en) * | 2020-11-25 | 2021-02-05 | 盛科网络(苏州)有限公司 | Macsec decryption method and device |
CN112332982B (en) * | 2020-11-25 | 2022-08-26 | 苏州盛科通信股份有限公司 | Macsec decryption method and device |
Also Published As
Publication number | Publication date |
---|---|
CN106790200B (en) | 2020-04-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106790200A (en) | The chip association processing method of CAPWAP control channel DTLS encryption and decryption | |
JP5785346B1 (en) | Switching facility and data processing method supporting link layer security transmission | |
CN105611529B (en) | The chip implementing method of CAPWAP DTLS message encryption and decryption | |
US9215221B2 (en) | Method for implementing local routing of traffic, base station and system | |
CN111010274B (en) | Safe and low-overhead SRv6 implementation method | |
CN105610790B (en) | The user face data processing method that ipsec encryption card is cooperateed with CPU | |
CN106301765B (en) | Encryption and decryption chip and method for realizing encryption and decryption | |
US20200076773A1 (en) | Configurable service packet engine exploiting frames properties | |
CN108377495A (en) | A kind of data transmission method, relevant device and system | |
US9872175B2 (en) | Packet processing method, apparatus, and system | |
CN106657121B (en) | The method and exchange chip of mirror image 802.1AE plaintext and ciphertext | |
US20220150059A1 (en) | Forwarding device, key management server device, communication system, forwarding method, and computer program product | |
WO2023124880A1 (en) | Packet processing method and device based on macsec network | |
JP4344750B2 (en) | Method and apparatus for in-line encryption and decryption of radio station | |
WO2013179551A1 (en) | Transmission apparatus, reception apparatus, communication system, transmission method, and reception method | |
US9071582B2 (en) | Communication apparatus, reception control method, and transmission control method | |
US20160192187A1 (en) | Frame Transfer Method, Related Apparatus, and Communications System | |
CN110691074B (en) | IPv6 data encryption method and IPv6 data decryption method | |
WO2011079717A1 (en) | Message transmitting method, equipment and system | |
CN110636078A (en) | Method and device for realizing Cloudsec | |
CN112600802B (en) | SRv6 encrypted message and SRv6 message encryption and decryption methods and devices | |
CN106685786B (en) | The chip implementing method of multistage ACL in a kind of wlan system | |
CN109428868B (en) | Method, encryption device, encryption equipment and storage medium for encrypting OSPFv3 | |
WO2022117108A1 (en) | Hard pipeline-based encryption and decryption method and apparatus | |
WO2021208644A1 (en) | Inter-node privacy communication method and network node |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address |
Address after: 215101 unit 13 / 16, 4th floor, building B, No. 5, Xinghan street, Suzhou Industrial Park, Jiangsu Province Patentee after: Suzhou Shengke Communication Co.,Ltd. Address before: 215021 unit 13 / 16, floor 4, building B, No. 5, Xinghan street, industrial park, Suzhou, Jiangsu Province Patentee before: CENTEC NETWORKS (SU ZHOU) Co.,Ltd. |
|
CP03 | Change of name, title or address |