基于IPSec安全协议的传输模式下ESP协议的模块设计
2023-04-19 17:51:25
论文总字数:24013字
摘 要
IPSec(Internet Protocol Security的缩写)互联网安全协定,是透过对IP协议(互联网协议)的分组进行加密和认证来保护IP协议的部分相互关联的协议的集合。IPsec由两大部分组成:建立安全分组流的密钥交换协议;保护分组流的协议。前者为互联网密钥交换(IKE)协议。后者包括加密分组流的封装安全载荷协议(ESP协议)或认证头协议(AH协议)协议,用于保证数据的机密性、来源可靠性(认证)、无连接的完整性并提供抗重播服务。IP协议分为传输模式和隧道模式。ESP(Encapsulating Security Payload)即封装安全载荷,为IP数据包提供完整性的检查、认证与加密,因此能被视作是“超级 AH”, 它为IP提供了加密性并防止它被非法篡改。本课题是基于IPSec安全协议的传输模式下ESP模块设计,主要任务是将所本科阶段所学习的电路基础、集成电路设计、EDA技术和集成电路CAD的基础知识运用到实际的工程设计软件操作之中,利用Modelism软件和ISE软件编写出SA_Receiver、Send和Encapsulation模块的代码并完成仿真波形,得到输出结果,检验是否上符合IPSec数据包的格式,得知操作的正确性。
关键词:IPSec;传输模式;封装;ESP模块
Module Design for Transmission Mode of ESP Protocol Based on the IPSec Security Protecol
Abstract
IPSec (Internet Protocol Security) Internet Security agreement is through the group of IP (Internet Protocol) encryption and authentication to protect the IP Protocol are interrelated in the part of the collection. IP is an open standard frame structure that composed of two parts: establishing security key exchange protocol packet flow. Protection protocol packet stream. The former for the Internet key exchange (IKE) protocol. The latter include encapsulation security encryption packet flow load protocol (ESP protocol) or authentication header (AH) protocol, is used to ensure data confidentiality, source reliability (certification), connectionless integrity against the replay and provide services. It through the end-to-end security to provide proactive protection from the attack of private network and the Internet. IP is divided into transmission mode and tunnel mode. ESP (Encapsulating Security Payload) is encapsulated Security load, for the integrity of the IP packets to provide inspection, authentication and encryption, thus can be seen as "super AH", it provides the IP encryption and prevent it from being tampered with illegally. This topic is based on IPSec security protocols transmission mode of the ESP module design, the main task is to the undergraduate learning by circuit basis, integrated circuit design, EDA technology and integrated circuit CAD knowledge the basis of to the actual engineering design software operation, use of foreign software write relevant code and complete the simulation waveform, in practice to complete the combination of theory and practice.
Keyword:IPSec;transmission mode;Encapsulating;ESP
目录
摘要 I
Abstract II
目录 III
第一章 绪论 1
1.1 IPSec协议介绍 1
1.2 IPSec发展的当前情况 2
第二章 IPSec的传输模式与ESP协议模块的原理 4
2.1 ESP协议 4
2.2 传输模式 4
2.3 各模块的数据格式 4
2.3.1 整体模块图 4
2.3.2 SA模块 5
2.3.3 发送给加密模块的数据格式 6
2.3.4 Send模块 6
第三章 各模块的设计与仿真 8
3.1 设计工具 8
3.1.1 Modelsim软件 8
3.1.2 ISE软件 8
3.1.3 Verilog语言 8
3.2 封装模块 9
3.2.1 SA_Receiver模块 9
3.2.2 Send模块 11
3.2.3 Encapsulation模块 12
3.3 解封装模块 14
3.4 封装安全载荷简介 14
3.5 输入数据的处理 15
3.6 仿真结果 17
第四章 基于ESP协议模块的版图设计 19
4.1 DC (Design Compiler) 综合 19
4.2 Astro布局布线 20
4.3 本章小结 22
第五章 总结与展望 23
5.1 经验与不足 23
5.2 前景展望 23
谢 辞 24
参考文献 25
第一章 绪论
1.1 IPSec协议介绍
剩余内容已隐藏,请支付后下载全文,论文总字数:24013字