| 一种支持ECC算法的传输层安全协议 |
| |
| 引用本文: | 谭武征,杨茂江,叶寒. 一种支持ECC算法的传输层安全协议[J]. 信息安全与通信保密, 2010, 0(11): 45-47 |
| |
| 作者姓名: | 谭武征 杨茂江 叶寒 |
| |
| 作者单位: | 上海格尔软件股份有限公司,上海,200042 |
| |
| 基金项目: | 科技部支撑计划资助项目,上海科委资助项目 |
| |
| 摘 要: | 首先介绍了RSA算法和ECC算法(Elliptic Curve Cryptography)在国内外的应用情况,接着介绍了RSA算法在传输层安全协议中的应用情况,并以身份认证系统为例,原有身份认证系统采用TLS(Transport Layer Security)协议,通过对协议的修改,完成协议对椭圆曲线的支持,提出了改进的支持ECC算法的传输层安全协议,协议内容参照传输层安全协议(RFC4346TLS1.1),结合实际应用需求,在TLS1.1的握手协议中增加了ECC的认证模式和密钥交换模式,取消了DH密钥协商方式,修改了密码套件的定义。
|
| 关 键 词: | TLS1.1协议 椭圆曲线算法 密钥交换 密钥协商 |
A Security Protocol at Transport Layer for Support of ECC Algorithm |
| |
| TAN Wu-zheng,YANG Mao-jiang,YE Han. A Security Protocol at Transport Layer for Support of ECC Algorithm[J]. China Information Security, 2010, 0(11): 45-47 |
| |
| Authors: | TAN Wu-zheng YANG Mao-jiang YE Han |
| |
| Affiliation: | (Shanghai Koal Software Co., Ltd., Shanghai 200042, China) |
| |
| Abstract: | This paper first describes the application situation of RSA algorithm and ECC(Elliptic Curve Cryptography) algorithm, including the application situation of RSA algorithm at transport layer protocol, then with authentication system as sample, the security protocol is modified, thus realizing the support of ECC algorithm. Finally, it proposes a security protocol at transport layer in support of ECC algorithm. According to the security protocol (RFC4346 TLS1.1) and its application demand, the authentication mode and key exchange mode of ECC, are added to TIS1.1 protocol, while the DH key negotiation is cancelled, and the definition of key suite modified. |
| |
| Keywords: | TLS1.1 elliptic curve cryptography key exchange key nogotiation |
| 本文献已被 维普 万方数据 等数据库收录! |
|
