通信学报 ›› 2014, Vol. 35 ›› Issue (Z1): 20-26.doi: 10.3969/j.issn.1000-436x.2014.z1.005

• 网络空间完全 • 上一篇    下一篇

基于IPv6源地址验证的一种可信身份系统

周端奇1,2,3,毕军1,2,3,姚广1,2,3   

  1. 1 清华大学 信息网络科学与网络空间研究院,北京 100084
    2 清华大学 计算机科学与技术系,北京 100084
    3 清华信息技术国家实验室,北京 100084
  • 出版日期:2014-10-25 发布日期:2017-06-19
  • 基金资助:
    国家高技术研究发展计划(“863”计划);国家自然科学基金资助项目;国家科技支撑计划基金资助项目

Trustworthy identity system based on IPv6 source address validation

Duan-qi ZHOU1,2,3,Jun BI1,2,3,Guang YAO1,2,3   

  1. 1 Institute for Network Sciences and Cyberspace,Tsinghua University,Beijing 100084,China
    2 Department of Computer Science,Tsinghua University,Beijing 100084,China
    3 Tsinghua National Laboratory for Information Science and Technology (TNList) ,Beijing 100084,China
  • Online:2014-10-25 Published:2017-06-19
  • Supported by:
    The National High Technology Research and Development Program of China (863 Program);The National Natural Science Foundation of China;National Science & Technology Pillar Program of China

在线阅读

12

PDF下载

171

摘要:

摘 要:当前互联网中,并不对分组发送者的身份进行验证,带来了大量的伪造身份的攻击。为了解决这一安全问题,提出了真实可信身份通信系统。基于源地址验证,通过将用户的身份映射为IPv6地址的后64位,实现了在分组中携带用户身份,从而确保了用户身份的隐私性、可验证性和真实性,并对其安全性能进行了实验。

关键词: IPv6, SAVI, 真实身份, 网络安全

Abstract:

In the Internet,there are no mechanisms to verify the identity of a message sender,resulting in a large number of forged identity attacks,such as phishing websites.By mapping the user identity into the rightmost 64 bit of the IPv6 address,this paper tries to make every message embedded with an identity,which lay a credible foundation for communications on the Internet.We design and realize a true identity communication system based on source address validation improvement,which can protect the privacy of the users,and ensure the verifiability and authenticity of the user identities.

Key words: IPv6, SAVI, network security, true identity

No Suggested Reading articles found!