Computer Science

Computer Science ›› 2021, Vol. 48 ›› Issue (11A): 678-681.doi: 10.11896/jsjkx.210100030

• Interdiscipline & Application • Previous Articles     Next Articles

Application of Chinese Cryptographic Algorithm in RPKI

LENG Feng1,2,3, ZHANG Ming-kai2, YAN Zhi-wei2, ZHANG Cui-ling2, ZENG Yu1,2   

  1. 1 Computer Network Information Center,Chinese Academy of Sciences,Beijing 100190,China
    2 China Internet Network Information Center,Beijing 100190,China
    3 University of Chinese Academy of Science,Beijing 100049,China
  • Online:2021-11-10 Published:2021-11-12
  • About author:LENG Feng,born in 1982,Ph.D,is a member of China Computer Federation.His main research interests include internet infrastructure resources and network security.
    ZENG Yu,born in 1973,Ph.D,resear-cher,Ph.D supervisor,is a member of China Computer Federation.His main research interests include computer architecture,network security and digital economy.
  • Supported by:
    Beijing Nova Program of Science and Technology(Z191100001119113).

PDF (PC)

708

Abstract: The security of routing systems attracts extensive attention worldwide with increasing inter-domain routing hijacking incidents in recent years.As a routing security verification system,the RPKI system can greatly reduce the risk of routing hijacking by working with existing routing broadcast strategies.The signature algorithm is limited to the RSA asymmetric encryption algorithm,and the hash algorithm is limited to the SHA-256 algorithm.With the upgrading of cryptographic algorithms,it is reasonable to expected that the RPKI system will gradually accept more algorithms to meet security and performance requirements.This article introduces the SM2 and SM3 algorithms,also known as Chinese commercial cryptographic algorithms,into RPKI system,and establishes a complete set of cryptographic algorithm testing environment from multi-dimensional aspect to compare Chinese commercial cryptographic performance with standard RFC defined algorithms.After performance evaluation and comparison,we discuss the algorithm feasibility,optimization and improvement methods in large-scale deployment environments,and the prospect of the future development of the existing crypto system in RPKI system.

Key words: Asymmetric encryption, Hash algorithm, Performance test, Routing security, RPKI

CLC Number: 

  • TP393
[1]Towards uncovering BGP Hijacking attacks [EB/OL].https://pastel.archives-ouvertes.fr/tel-01412800/-document.2016.
[2]RIPE NCC YouTube Hijacking:A RIPE NCC RIS case study[EB/OL].https://www.ripe.net/publication-s/news/industry-developments/youtube-hijacking-a-ripe-ncc-ris-case-study[2008].
[3]ThousandEyes,Anatomy of a BGP Hijack on Amazon's Route 53 DNS Service [EB/OL].https:/-/medium.com/thusandeyes/anatomy-of-a-bgp-hijack-on-amazons-route-53-dns-servicea5eebb3e9375.2018.
[4]APNIC RFC7935[EB/OL].https://tools.ietf.org/ht-ml/rfc79-35.2016.
[5]BBN TechnologiesRFC3779[EB/OL].https://tool-s.ietf.org/html/rfc3779.2004.
[6]QIN X W.Head First RPKI[M].Publishing house of electronics industry,2018.
[7]RSA Laboratories[EB/OL].https://tools.ietf.org/-html/rfc4055.2005.
[8]Public Key cryptographic algorithm SM2 based on elliptic curves Part 2:Digital signature algorithm[S].Beijing:Chinese Standard Publishing House,2012.
[9]Information security techniques—SM3 cryptographic hash algorithm[S].Beijing:Chinese Standard Publishing house,2012.
[10]MA D.RPKI Overview[J].Telecommunications Network Technology,2012.
[11]GENG X J,MA D,MAO W,et al.RPKI Cache Update Mechanism Based on HTTPS[J].Computer Systems and Applications,2019,28(9):72-80.
[12]Cloudflare RIPE79 Cloudflare and RPKI at scale [EB/OL].https://ripe79.ripe.net/presentations /40-RIPE79-Cloudflares-RPKI-validator.pdf.
[1] DENG Liang, XU Geng-lin, LI Meng-jie, CHEN Zhang-jin. Fast Face Recognition Based on Deep Learning and Multiple Hash Similarity Weighting [J]. Computer Science, 2020, 47(9): 163-168.
[2] CHEN Li-feng, ZHU Lu-ping. Encrypted Dynamic Configuration Method of FPGA Based on Cloud [J]. Computer Science, 2020, 47(7): 278-281.
[3] HE Xia, TANG Yi-ping, WANG Li-ran, CHEN Peng, YUAN Gong-ping. Multitask Hierarchical Image Retrieval Technology Based on Faster RCNNH [J]. Computer Science, 2019, 46(3): 303-313.
[4] CHEN Tie-nan,TANG Zhen,WANG Xiao-ran,REN Kai and ZHI Meng-xuan. Large Scale Performance Test Service Platform Based on Cloud [J]. Computer Science, 2014, 41(9): 63-66.
[5] LIANG Li-tu and LU Lu. Modified Hierarchy Clustering Algorithm for User-session-based Performance Testing [J]. Computer Science, 2014, 41(11): 46-49.
[6] GUO Shu-xia,DONG Zhong-yao,ZHANG Ning and LIU Meng-jiang. Anti-jamming Performance Test System Building Method of Beidou Satellite Navigation Receiver [J]. Computer Science, 2013, 40(7): 28-31.
[7] . Application of Autonomous Component Architecture in Storage Business Simulation Test [J]. Computer Science, 2012, 39(8): 164-168.
[8] LI Lei, HAN Wen-hao. Implementation of Pipeline Structure on FPGA for SHA-1 [J]. Computer Science, 2011, 38(7): 58-60.
[9] RAO Li,ZHANG Yun-quan,LI Yu-cheng. Performance Test and Analysis of Alltoall Collective Communication on Domestic [J]. Computer Science, 2010, 37(8): 186-188.
[10] JIN Yu-chang,QIN Qi-wen,AN Jun-xiu. Psychological Analysis of Trends Intelligent Network Model [J]. Computer Science, 2010, 37(6): 273-277.
[11] WU Jun-Feng, DAI Gui-Lan ,BAI Xiao-Ying, YIN Ren-Kun (Department of Computer Science and Technology, Tsinghua University, Beijing100084). [J]. Computer Science, 2006, 33(9): 257-261.
[12] . [J]. Computer Science, 2006, 33(8): 278-280.
[13] . [J]. Computer Science, 2006, 33(8): 134-137.
[14] ZHAO Chong-Chong , BAI Xiao-Ying , WANG Zhao (Department of Computer Science and Technology, Tsinghua University,Beijing 100084). [J]. Computer Science, 2006, 33(3): 244-248.
[15] LIU Hang ,DAI Guan-Zhong, LI Hui-Hui,CHEN Zan-Feng (Cyberspace Security Center, Northwestern Polytechnical University, Xi'an 710072). [J]. Computer Science, 2006, 33(2): 97-99.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.