Design And Realization Of Specific Requirement-Oriented Security Protocol In Data Link Layer

Nowadays people's lives are greatly changed by the widely used Internet. However, the network is open without borders and freedom and has other characteristics, so it has exposed a number of security problems. Among them, network wiretapping is a kind of typical network security threats which can capture users' account numbers, passwords and so on, and it causes high-level security risk. Therefore, it attracts people's attention. In order to effectively prevent the occurrence of wiretapping to protect the security of data transmission in some key apartments such as bank and stock institutions, this paper designs and realizes a specific requirement-oriented security protocol in data link layer. Test results show that it is a safe and effective method.In this paper, we carry out research in the following aspects.1. We analyze the implementation principles and harm of network wiretapping, and portray methods adopted by researchers around the world to prevent this harmful technology action.2. We do research for theory of the security protocol in data link layer. Based on the Ethernet architecture, we analyze the Ethernet frame formation and sub-layer with its function of 1000M Ethernet. Besides, we describe the sending clock composition and receiving clock recovery technique, AES algorithm and encryption/decryption process.3. With the physical layer chip and transmission medium of traditional Ethernet as well as the reconfigurable FPGA, we propose to design and realize the specific requirement-oriented security protocol in data link layer. Then we analyze and demonstrate the clock technique, preamble technique and encryption technique from the two aspects of feasibility and security.4. This paper establishes an engineer scheme of Ethernet data link protocol design. We design and realize the prototype system of PCI network card and switcher of the specific requirement-oriented security protocol in data link layer.5. We propose to take several encryption engines to accelerate AES, deduce the reverse process of decryption key, and complete the optimal AES encryption and decryption module design and parallel realization.6. We build experiment environment to test connectivity and transfer rate of prototype system of PCI network card on condition that varying clock rate and preamble, as well as correctness of AES encryption/decryption module. Finally we validate the function and performance of the specific requirement-oriented security protocol in data link layer.