
Establishing method for SSL connection and communication method and device based on SSL connection

An establishment method and client-side technology, applied in the field of communication security, that solve the problem that client-server data communication is vulnerable to man-in-the-middle attacks, which reduces the security of the communication data. The method avoids man-in-the-middle attacks and ensures security.

Active Publication Date: 2014-08-13
SHENZHEN UNIV

AI Technical Summary

Problems solved by technology

[0004] The purpose of the embodiments of the present invention is to provide a method for establishing an SSL connection and a communication method and device based on an SSL connection, aiming to solve the problem that data communication between the client and the server in the existing SSL protocol is easily attacked by a man-in-the-middle, which reduces the security of the communication data between client and server.



Examples


Embodiment 1

[0045] Figure 1 shows the implementation flow of the method for establishing an SSL connection provided by Embodiment 1 of the present invention; the details are as follows:

[0046] In step S101, the client sends a request message for establishing an SSL connection to the server, and the request message includes the generated first random number.

[0047] In the embodiment of the present invention, the client may be a browser or another dedicated client that can connect to the Web service. When the client connects to the server, it sends a request message to the server to establish an SSL connection. The request message includes the highest version number of the SSL protocol that the client supports, the session ID, the list of cipher suites supported by the client, the list of compression algorithms, and parameters such as a random number used for generating a key; this random number is recorded here as the first random number.

[0048] In st...

Embodiment 2

[0072] Figure 2 shows the structure of the SSL connection establishment device 2 provided by Embodiment 2 of the present invention. For convenience of description, only the parts related to the embodiment of the present invention are shown. The SSL connection establishment device 2 includes the following units:

[0073] A request message sending unit 2101, configured for the client to send a request message for establishing an SSL connection to the server, where the request message includes the generated first random number;

[0074] A response message returning unit 2201, configured for the server to return a response message of the request message to the client, where the response message includes the server certificate and the generated second random number;

[0075] The first processing unit 2102 is configured for the client to authenticate the server certificate through a public key infrastructure, and after successful authentication,...

Embodiment 3

[0089] Figure 3 shows the implementation flow of the communication method based on an established SSL connection provided by Embodiment 3 of the present invention, described in detail as follows:

[0090] In step S301, the client uses the first session master key to encrypt the client data segment to be transmitted to obtain a third ciphertext, and calculates the MAC value of the third ciphertext, which is recorded as the seventh MAC value.

[0091] In step S302, the client sends the seventh MAC value to the server.

[0092] In this embodiment of the present invention, the client data segment to be transmitted may be request information or data to be sent by the client. After the SSL connection is established through the method in Embodiment 1 of the present invention, communication between the client and the server starts. First, use the first session master key generated by the client to encrypt the client data segment to be transmitted to obtain the...



Abstract

The invention is applied to the field of communication security and provides a method for establishing an SSL connection and a communication method and device based on the SSL connection. An interlocking mechanism is introduced into the process of establishing the SSL connection between a client and a server. The client and the server each first receive the MAC value corresponding to the ciphertext data; after the ciphertext data is received, each calculates the MAC value of the received ciphertext data. Comparing the two values determines whether a man-in-the-middle attack exists, so that the security of the subsequently generated master session key is ensured and man-in-the-middle attacks are effectively avoided.
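The receive-MAC-first, then-ciphertext check described in the abstract and in steps S301-S302 can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256, a MAC key already shared by both sides, and the names `InterlockReceiver`, `mac_of` and `run_exchange` are assumptions, and the ciphertext is treated as opaque bytes.

```python
import hashlib
import hmac


class InterlockError(Exception):
    """Raised when the MAC-first ordering or the MAC comparison fails."""


def mac_of(mac_key: bytes, ciphertext: bytes) -> bytes:
    # HMAC-SHA256 is an assumption; the page does not name the MAC algorithm.
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()


class InterlockReceiver:
    """Accepts a MAC value first, then the ciphertext that MAC commits to."""

    def __init__(self, mac_key: bytes):
        self._mac_key = mac_key
        self._pending_mac = None

    def receive_mac(self, mac_value: bytes) -> None:
        if self._pending_mac is not None:
            raise InterlockError("second MAC before ciphertext")
        if len(mac_value) != hashlib.sha256().digest_size:
            raise InterlockError("malformed MAC value")
        self._pending_mac = mac_value

    def receive_ciphertext(self, ciphertext: bytes) -> bytes:
        if self._pending_mac is None:
            raise InterlockError("ciphertext arrived before its MAC")
        # Each committed MAC is consumed once, whether or not it matches.
        expected, self._pending_mac = self._pending_mac, None
        actual = mac_of(self._mac_key, ciphertext)
        if not hmac.compare_digest(expected, actual):  # constant-time compare
            raise InterlockError("MAC mismatch: ciphertext altered in transit")
        return ciphertext


def run_exchange(ciphertext_sent: bytes, ciphertext_delivered: bytes) -> str:
    mac_key = b"constructed-demo-mac-key-32bytes"  # constructed sample key
    receiver = InterlockReceiver(mac_key)
    receiver.receive_mac(mac_of(mac_key, ciphertext_sent))  # message 1: MAC only
    try:
        receiver.receive_ciphertext(ciphertext_delivered)   # message 2: ciphertext
    except InterlockError as exc:
        return f"rejected: {exc}"
    return "accepted"


if __name__ == "__main__":
    ct = bytes.fromhex("8f1c2a44d0e97b31")  # constructed stand-in ciphertext
    print(run_exchange(ct, ct))
    print(run_exchange(ct, ct[:-1] + b"\x00"))
```

The receiver rejects both a ciphertext that differs from the one committed to and a ciphertext that arrives without a preceding MAC value.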

Description

Technical field

[0001] The invention belongs to the field of communication security, and in particular relates to a method for establishing an SSL connection and a communication method and device based on the SSL connection.

Background

[0002] The Secure Sockets Layer (SSL) protocol is mainly used for data encryption in web page (Web) services, to ensure the data security of Web communications between users and servers. The SSL protocol can be divided into two layers:

  • SSL Record Protocol: built on a reliable transport protocol (such as TCP), it provides higher-level protocols with basic functions such as data encapsulation, compression, and encryption.
  • SSL Handshake Protocol: built on the SSL Record Protocol, it is used for identity authentication, negotiation of encryption algorithms, and exchange of encryption keys before the actual data transmission begins.

[0003] The existing SSL handshake protoco...


Application Information

IPC(8): H04L29/06, H04L9/32
Inventor: 段孝茹, 陈剑勇, 林秋镇, 喻建平
Owner: SHENZHEN UNIV