计算机工程与应用 ›› 2008, Vol. 44 ›› Issue (35): 28-29.DOI: 10.3778/j.issn.1002-8331.2008.35.008

• 博士论坛 • 上一篇    下一篇

改进的密码生成地址方法

闫 巧1,2   

  1. 1.深圳大学 信息工程学院,广东 深圳 518060
    2.清华大学 深圳研究生院,广东 深圳 518055
  • 收稿日期:2008-07-23 修回日期:2008-09-08 出版日期:2008-12-11 发布日期:2008-12-11
  • 通讯作者: 闫 巧

Advanced Cryptographically Generated Addresses(ACGA) method

YAN Qiao1,2   

  1. 1.School of Information Engineering,Shenzhen University,Shenzhen,Guangdong 518060,China
    2.Graduate School at Shenzhen,Tsinghua University,Shenzhen,Guangdong 518055,China
  • Received:2008-07-23 Revised:2008-09-08 Online:2008-12-11 Published:2008-12-11
  • Contact: YAN Qiao

摘要: 提出一种改进的密码生成地址方法,ACGA涉及到两组公钥和私钥对,一组是ISP的公钥和私钥对,其中私钥在分配ACGA地址中使用,公钥在验证该地址是否存在或是否来自声称的ISP中使用。另一组是ACGA地址主人的公钥和私钥,公钥用来生成OCGA地址,而私钥用来对该地址发送的消息进行数字签名。ACGA能够克服原始密码生成地址算法即CGA算法的不足,抑制各种情况下的IPv6源地址假冒攻击。

关键词: 密码生成算法, IPv6安全, IP源地址假冒攻击

Abstract: An Advanced Cryptographically Generated Addresses(ACGA) method is proposed.It uses two sets of cryptographically keys to produce IPv6 address.One set cryptographically key is public key and private key of ISP.And the private key is used in assigning ACGA address,the public key is used in validating whether the address come from the ISP that it claimed.Another set cryptographically key is public key and private key of address owner.And the public key is used in generating OCGA address.And the private key is used in generating digital signs.ACGA method can overcome the shortcomings of CGA(Cryptographically Generated Addresses) and suppress all kinds of IPv6 source address spoofing attacks.

Key words: Cryptographically Generated Addresses(CGA), IPv6 security, IP source address spoofing attack