Computer Science ›› 2024, Vol. 51 ›› Issue (6A): 230500209-7. doi: 10.11896/jsjkx.230500209

• Information Security •

Design and Implementation of SNMPv3 Security Mechanism Based on National Security SM3 and SM4 Algorithms

TIAN Hao, WANG Chao   

  1. National Computer System Engineering Research Institute of China, Beijing 102200, China
  • Published: 2024-06-06
  • About author: TIAN Hao, born in 1999, postgraduate. His main research interests include network protocol security and information security.
  • Supported by:
    National Key Research and Development Program (2021YFB3101600).

Abstract: With the rapid development of network technology and the increasing popularity of 5G technology, the number of devices accessing the network is increasing exponentially, the network structure is becoming increasingly complex, and malicious network attacks are frequent. Managing this large number of complex network devices securely and efficiently is becoming a new challenge for network management. Compared with v1 and v2, SNMPv3 adds a user-based security model that provides security services such as data confidentiality, integrity, and anti-replay. However, SNMPv3 still has problems: the strength of its default authentication and encryption algorithms is not high, and its cryptographic algorithms do not fully support the national standard for commercial cryptographic algorithms. Based on an analysis of the existing security mechanism of the SNMPv3 protocol, this paper proposes an optimization scheme for these problems built on the user-based security model. The scheme embeds the SM3 and SM4 national security algorithms into the SNMPv3 security mechanism and, based on them, designs the HMAC-SM3-192 authentication protocol and the PRIV-CBC-SM4 encryption protocol for SNMP. Without significantly increasing the response time, it improves the ability to resist security threats such as forgery, information tampering, and information leakage during SNMP message transmission, and so optimizes the SNMP protocol in terms of security.

Key words: SNMPv3, User security model, SM3 hash algorithm, SM4 symmetric encryption algorithm

CLC Number: 

  • TP311