计算机应用 ›› 2005, Vol. 25 ›› Issue (01): 168-172.DOI: 10.3724/SP.J.1087.2005.0168

• 网络与通信 • 上一篇    下一篇

一种基于IPSec的宽带无线IP网络匿名方案与实现

吴振强1,2,马建峰1   

  1.  1.西安电子科技大学计算机网络与信息安全教育部重点实验室; 2.陕西师范大学计算机科学学院

  • 发布日期:2005-01-01 出版日期:2005-01-01
  • 基金资助:

     国家863计划资助项目(2002AA143021);;国家自然科学基金重大计划资助项目(90204012)

Anonymity scheme and implementation based on IPSec for broadband wireless IP networks

WU Zhen-qiang1,2, MA Jian-feng1   

  • Online:2005-01-01 Published:2005-01-01

摘要:

宽带无线IP(BroadbandWirelessIP,BWIP)是结合无线通信和Internet的新技术,其安全性研究已成为全球关注的焦点,目前提出的许多安全解决方案对用户匿名性考虑较少。文中结合IPSec的ESP和AH协议,利用MobileIP中FA与HA的代理功能,提出一种基于IPSec的BWIP网络匿名方案,该方案可以提供双向、实时的宽带无线Internet匿名通信,可以有效地阻止宽带无线Internet中流量分析攻击。文中先给出匿名方案的实现原理和匿名通道建立协议,然后给出实现本匿名方案的数据封装格式。分析表明,该匿名方案在支持IPSec的IP路由器和IP网关上容易实现,可以作为BWIP网络匿名基础设施。

关键词: 宽带无线IP, IPSec协议, 匿名通信, 洋葱路由技术

Abstract:

Broadband wireless IP(BWIP) is a new technique connecting wireless communications and Internet. Its security researches have become a global problem. Unfortunately, many security schemes do not consider the user’s anonymity. An anonymity scheme based on the IPSec protocol was given, which combined the agent functions of HA and FA in mobile IP and the ESP and AH in IPSec. This scheme provided bi-directional, real-time anonymous broadband wireless Internet communication that resisted traffic analysis for any broadband wireless IP applications. The principle and the created protocol of this scheme were first presented. Then the IP datagram format and the implementation of this scheme were described. This scheme was easily implemented in security gateways or IP router which supported IPSec, and could be implemented as an anonymous infrastructure for BWIP networks.

Key words:  Broadband wireless IP, IP security protocol, anonymous communication, onion routing

中图分类号: