| dbo:abstract |
Anti-replay is a sub-protocol of IPsec that is part of Internet Engineering Task Force (IETF). The main goal of anti-replay is to avoid hackers injecting or making changes in packets that travel from a source to a destination. Anti-replay protocol uses a unidirectional security association in order to establish a secure connection between two nodes in the network. Once a secure connection is established, the anti-replay protocol uses packet sequence numbers to defeat replay attacks as follows: When the source sends a message, it adds a sequence number to its packet; the sequence number starts at 0 and is incremented by 1 for each subsequent packet. The destination maintains a 'sliding window' record of the sequence numbers of validated received packets; it rejects all packets which have a sequence number which is lower than the lowest in the sliding window (i.e. too old) or already appears in the sliding window (i.e. duplicates/replays). Accepted packets, once validated, update the sliding window (displacing the lowest sequence number out of the window if it was already full). (en) 防重放(Anti-replay)亦称反重放、抗重放,是互联网工程任务组(IETF)之IPsec的一个子协议。它的主要目的是避免黑客注入或篡改从源到目的地的網路封包。防重放协议使用为网络中的两个节点之间建立安全连接。在安全连接建立后,防重放协议使用封包序列号抗衡重放攻击,具体如下:在源发送消息时,它向其封包添加一个序列号;序列号从0开始,后续每个封包递增1。目的地则以“滑动窗口”维护有效接收分组的序列号记录,它将拒绝所有所含序列号低于滑动窗口中最小值(即太旧)或者序列号已于滑动窗口中出现(即重复/重放)的封包。通过验证的已接收封包将使滑动窗口更新,如果滑动窗口已满则将最小的序列号移出窗口。 (zh) |
| dbo:wikiPageID |
1973337 (xsd:integer) |
| dbo:wikiPageLength |
1987 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID |
1122156876 (xsd:integer) |
| dbo:wikiPageWikiLink |
dbc:Internet_layer_protocols dbc:Network_layer_protocols dbr:Unidirectional_network dbr:Communications_protocol dbr:Cryptanalysis dbr:Security_association dbr:Network_packet dbr:Transport_Layer_Security dbr:Hacker dbc:Cryptographic_protocols dbc:Tunneling_protocols dbr:Replay_attack dbr:Internet_Engineering_Task_Force dbr:Sliding_window_protocol dbr:IPsec dbr:Session_ID dbr:Man_in_the_middle_attack dbr:Secure_connection |
| dbp:wikiPageUsesTemplate |
dbt:Internet-stub dbt:Reflist |
| dct:subject |
dbc:Internet_layer_protocols dbc:Network_layer_protocols dbc:Cryptographic_protocols dbc:Tunneling_protocols |
| gold:hypernym |
dbr:Part |
| rdf:type |
yago:WikicatCryptographicProtocols yago:WikicatNetworkLayerProtocols yago:WikicatTunnelingProtocols yago:Abstraction100002137 yago:Communication100033020 yago:Direction106786629 yago:Message106598915 yago:Protocol106665108 yago:WikicatInternetLayerProtocols yago:WikicatInternetProtocols yago:Rule106652242 |
| rdfs:comment |
防重放(Anti-replay)亦称反重放、抗重放,是互联网工程任务组(IETF)之IPsec的一个子协议。它的主要目的是避免黑客注入或篡改从源到目的地的網路封包。防重放协议使用为网络中的两个节点之间建立安全连接。在安全连接建立后,防重放协议使用封包序列号抗衡重放攻击,具体如下:在源发送消息时,它向其封包添加一个序列号;序列号从0开始,后续每个封包递增1。目的地则以“滑动窗口”维护有效接收分组的序列号记录,它将拒绝所有所含序列号低于滑动窗口中最小值(即太旧)或者序列号已于滑动窗口中出现(即重复/重放)的封包。通过验证的已接收封包将使滑动窗口更新,如果滑动窗口已满则将最小的序列号移出窗口。 (zh) Anti-replay is a sub-protocol of IPsec that is part of Internet Engineering Task Force (IETF). The main goal of anti-replay is to avoid hackers injecting or making changes in packets that travel from a source to a destination. Anti-replay protocol uses a unidirectional security association in order to establish a secure connection between two nodes in the network. Once a secure connection is established, the anti-replay protocol uses packet sequence numbers to defeat replay attacks as follows: When the source sends a message, it adds a sequence number to its packet; the sequence number starts at 0 and is incremented by 1 for each subsequent packet. The destination maintains a 'sliding window' record of the sequence numbers of validated received packets; it rejects all packets which have a (en) |
| rdfs:label |
Anti-replay (en) 防重放 (zh) |
| owl:sameAs |
freebase:Anti-replay yago-res:Anti-replay wikidata:Anti-replay dbpedia-tr:Anti-replay dbpedia-zh:Anti-replay https://global.dbpedia.org/id/4RWMD |
| prov:wasDerivedFrom |
wikipedia-en:Anti-replay?oldid=1122156876&ns=0 |
| foaf:isPrimaryTopicOf |
wikipedia-en:Anti-replay |
| is dbo:wikiPageWikiLink of |
dbr:Internet_security dbr:Network_packet |
| is foaf:primaryTopic of |
wikipedia-en:Anti-replay |