| 一种CA密钥的多级安全保护方案 |
| |
| 引用本文: | 尹华.一种CA密钥的多级安全保护方案[J].计算机工程与应用,2011,47(18):109-111. |
| |
| 作者姓名: | 尹华 |
| |
| 作者单位: | 赣南师范学院 数学与计算机科学学院,江西 赣州 341000 |
| |
| 摘 要: | 针对CA密钥的高安全性需求,提出一种多级的保护机制。使用RSA算法产生密钥,采用(t,n)秘密共享将其分发到t个签字服务器,用异构平台存储密钥份额,并使用主动式秘密技术周期性更新密钥份额,对密钥份额进行恢复和有效性验证。设计了分阶段签字方案,多级安全保护机制有效地增强了CA密钥的安全性。通过Java和Open SSL对方案进行了实现。
|
| 关 键 词: | 安全性 密钥保护 密钥份额 |
| 修稿时间: | |
Multi-level security scheme of CA private key protection |
| |
| YIN Hua.Multi-level security scheme of CA private key protection[J].Computer Engineering and Applications,2011,47(18):109-111. |
| |
| Authors: | YIN Hua |
| |
| Affiliation: | College of Mathematics and Computer Science,Gannan Normal University,Ganzhou,Jiangxi 341000,China |
| |
| Abstract: | A multi-level protection mechanisms of CA(Certificate Authority) private key is proposed for its high-security needs.The key is generated using the RSA algorithm,then the CA private key is distributed to signature servers with (t,n) secret sharing,and the private key sharing is periodically updated using the proactive secret scheme.The recovery and verification of the key are also carried,and a phased-based RSA signature mechanism is used.Multi-level security protection mechanism is used to enhance the security of the CA key.At last,Java and Open SSL are adopted to realize it. |
| |
| Keywords: | security private key protection private sharing |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
