| 摘要 |
<p>PROBLEM TO BE SOLVED: To provide: a method for establishing an end-to-end key using extant hop-by-hop security associations; and a method in which a packet-specific encryption key PEK is used to encrypt a packet p.SOLUTION: A signature of the key PEK is independently computed at each of two nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p is originated by an entity in possession of the PEK.</p> |
