The Cryptographically Generated Address (CGA) is a kind of special IPv6 address, in which the interface identifier is generated according to a public key in combination and auxiliary information by using a unidirectional encryption hash algorithm. In the use of the CGA, a receiver needs to recompute a hash value, and compares the hash value with interface identifier in an address of a sender to verify a binding relation between the public key of the sender and the address of the sender. Protection to a network message may be achieved by attaching the public key and the auxiliary information to the message, and then signing the message by using a corresponding private key. The CGA solution solves an authentication problem of the address within the IP layer, and does not need other authoritative certificate systems or other secure architectures; therefore, the CGA solution is a simple and effective security solution.
As the CGA binds the public key/private key of an address owner, the address owner may sign a message sent by the address owner by using the private key of this public/private key system, so as to achieve a purposes of authenticating the source of the message and protecting the integrity of the message. A receiver, i.e. a verifier, must verify the CGA and the signature; if any one of the verifications of the CGA and the signature is not matched, the verification process fails and the corresponding address and message are not reliable.
The existing CGA protocol is specified that only a Ron-Shamir-Adleman (RSA) public key, which is a public key system invented by Ron-Shamir-Adleman, and may be used for signing in the network communication to achieve a purpose of authentication, is supported due to incomplete consideration when the CGA is designed as well as a purpose of implementing the protocol simply and feasible. Since the requirement of the network communication security on key strength has been enhanced, the length of the RSA key increasingly becomes a shackle of use of the CGA. At present, the commonly used 1024 bits RSA key has 128 bytes, and the industry-accepted 1024 bits RSA key is regarded to be insecure in 2010; therefore, the key with more bits becomes a mandatory requirement. However, overlong keys bring burdens to computing, storing, and communicating. Especially for a large number of mobile and portable terminal equipment and sensors, as the limitations of computing capability and storage capability, the key is required to be as short as possible with the same security strength.
In a conventional technology that the CGA binds a number of public keys, the public keys, which may include other public key other than the RSA, are bound when the CGA address is generated. However, when the technology is implemented, the original deployment of CGA addresses and the public key must be updated to generate and deploy new CGA address and related public key. The solution is not advisable under a condition that a user does not want to change the original deployment of IP address and the public key.