信息工程大学学报2023,Vol.24Issue(6):734-740,7.DOI:10.3969/j.issn.1671-0673.2023.06.015
基于P4的转发与加密一体化技术
Integrated Technology of Forwarding and Encryption Based on P4
摘要
Abstract
To address the problem that the current encryption transmission mechanism in the Internet has the characteristics of protocol correlation and cannot meet the needs of secure transmission of multiple private protocols across the Internet at the same time,a Programming Protocol-Independent Packet Processors(P4)-based encryption and forwarding integration technology and system model is proposed.First,based on the programmable data plane,a packet buffering method is designed,which realizes the parsing and header storage of packets of different network protocols.Then,an en-crypted transmission mechanism based on the Chinese secret algorithm is proposed,and the integrat-ed design of encryption and forwarding is realized in the data plane.Finally,the system model is im-plemented on a programmable switching device,and the encryption and decryption operations are of-floaded to a dedicated encryption card,which further makes up for the performance defect of the softswitch.Experiments show that the system achieves multi-protocol encryption and forwarding,and the system performance is significantly optimized through hardware acceleration.关键词
P4/可编程数据平面/加密传输/协议无关Key words
P4/programmable data plane/encrypted transmission/protocol-independent分类
信息技术与安全科学引用本文复制引用
刘泽英,胡宇翔,崔鹏帅,董永吉,王钰..基于P4的转发与加密一体化技术[J].信息工程大学学报,2023,24(6):734-740,7.基金项目
国家重点研发计划资助项目(2019YFB1802501) (2019YFB1802501)
