
A method to prevent the recovery of the secret channel key of the secure socket layer

Secure socket layer and key recovery technology, applied in the communication field. It addresses the problems that the reliability of the SSL protocol's random information is not checked and that no preventive measures are taken against latent channel key recovery. Its effects are to prevent latent channel key recovery, maintain security and credibility, and improve random security.

Active Publication Date: 2018-08-17
西安奥联汇智信息安全技术有限公司

AI Technical Summary

Problems solved by technology

The disadvantage of this patented technology is that, when it is used for SSL protocol communication, the random information field of the ClientHello sent by the client to the server is not strictly regulated, so the random information field can be used as a latent channel and there is a risk of latent channel key recovery.
The shortcomings of this patented technology are that the reliability of the SSL protocol's random information is not checked and no preventive measures are taken against hidden channel key recovery, which threatens the security of the system.



Embodiment Construction

[0027] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0028] Referring to Figure 1, the usage scenario of the present invention includes a regulatory agency, a client, a server, a client gateway and a server gateway, where:

[0029] The client gateway is the network egress of the client, and the server gateway is the network egress of the server. The client needs to communicate with the server using the secure socket layer (SSL) communication protocol, and is the initiator of each communication process. At the client gateway or server gateway, the supervisory authority monitors the SSL communication between the client and the server, and can terminate any execution of the SSL communication protocol that carries a risk of hidden channel key recovery.

[0030] If a specific client needs to prevent the recovery of the secret channel key based on the SSL protocol, then the client can on...


Abstract

The invention discloses a method for preventing SSL subliminal channel key recovery, mainly solving the problem that random information is not authenticated in the prior art. The technical scheme comprises the following: a supervision mechanism distributes a token to a client, and the client uses the random information generated by the token to fill the client greeting information (ClientHello); the supervision mechanism monitors the communication process to obtain and verify the random information filled in by the client, so as to verify whether the random information was generated in a safe way and whether it was tampered with during communication; protocols that pass verification continue to execute and establish a secure connection to transmit application data, while protocols that fail verification are terminated by the supervision mechanism. The method can detect and terminate SSL protocol runs that carry a hidden risk of subliminal channel key recovery, effectively prevents subliminal channel key recovery based on the SSL communication protocol, and can be used to improve the SSL communication protocol.
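The gateway-side check described in the abstract, sketched as an added example (not code from the patent or its applicant). The page does not say how the token derives the random value, so the HMAC-SHA256-over-a-counter scheme, the function names and the sample ClientHello record are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

RANDOM_LEN = 32  # size of ClientHello.random in SSL 3.0 / TLS

def token_random(token_key: bytes, counter: int) -> bytes:
    """Assumed token scheme: random = HMAC-SHA256(token_key, 8-byte counter).
    The client has no free bits left to use as a subliminal channel."""
    return hmac.new(token_key, struct.pack(">Q", counter), hashlib.sha256).digest()

def extract_client_random(record: bytes) -> bytes:
    """Return ClientHello.random from one SSL/TLS handshake record."""
    if len(record) < 5 + 4 + 2 + RANDOM_LEN:
        raise ValueError("record too short for a ClientHello")
    content_type, _version, rec_len = struct.unpack(">BHH", record[:5])
    if content_type != 0x16 or len(record) < 5 + rec_len:
        raise ValueError("not a complete handshake record")
    if record[5] != 0x01:
        raise ValueError("handshake message is not a ClientHello")
    # Layout: record header (5) | handshake header (4) | client_version (2) | random (32)
    return record[11:11 + RANDOM_LEN]

def supervisor_verify(record: bytes, token_key: bytes, next_counter: int, window: int = 4):
    """Return the counter that matches, or None if the handshake must be terminated.
    Counters below next_counter are rejected, so a replayed random fails."""
    seen = extract_client_random(record)
    for counter in range(next_counter, next_counter + window):
        if hmac.compare_digest(seen, token_random(token_key, counter)):
            return counter
    return None

def build_client_hello(random: bytes) -> bytes:
    """Constructed minimal ClientHello record (sample data, not a capture)."""
    body = b"\x03\x03" + random + b"\x00" + b"\x00\x02\x00\x2f" + b"\x01\x00"
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + len(handshake).to_bytes(2, "big") + handshake

if __name__ == "__main__":
    key = b"k" * 32  # constructed token key shared by token and supervisor
    good = build_client_hello(token_random(key, 7))
    forged = build_client_hello(b"\xaa" * RANDOM_LEN)  # client-chosen bytes
    print("token-generated:", supervisor_verify(good, key, 7))
    print("client-chosen:  ", supervisor_verify(forged, key, 7))
```

After a successful check the supervisor would advance its expected counter past the returned value, so the same random cannot be accepted twice.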

Description

Technical field

[0001] The invention relates to the technical field of communication, and further relates to a method for preventing latent channel key recovery, which can be used to improve the secure socket layer SSL communication protocol.

Background technique

[0002] The Secure Sockets Layer (SSL) protocol is widely used to protect communications between Web servers and browsers, most of which involve online transaction security, and can protect communication security based on the Transmission Control Protocol (TCP). The SSL protocol encrypts the data transmitted by the application program to ensure the confidentiality and integrity of the transmitted data and improve the security of network transmission.

[0003] At present, there are some methods to improve the security of the SSL protocol, but these methods do not take corresponding precautions against the key recovery mechanism based on the submerged channel. For example, the method of secondary key negotiation and...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L9/32
CPC: H04L9/3213, H04L63/12, H04L63/168
Inventor: 苏锐丹, 刘中山, 刘会森, 杨海, 刘梓良
Owner 西安奥联汇智信息安全技术有限公司