| 摘要 |
<P>PROBLEM TO BE SOLVED: To provide methods for securely transmitting a packet between endpoints of a network. <P>SOLUTION: An end-to-end key is established using extant hop-by-hop security associations. In addition, a packet-specific encryption key PEK is used to encrypt a packet p. A signature of the key PEK is independently computed at each of two nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p has been originated by an entity having possession of the PEK. <P>COPYRIGHT: (C)2012,JPO&INPIT |
