Handshake processing method, client and server

Abstract

The embodiment of the invention provides a handshake processing method, a client side and a server. The method can comprise the steps that digital signature information of a secret key used for performing PSK handshake is transmitted to the server, and summary information which is transmitted by the server and included in the digital signature information is received, wherein the summary information is obtained by decrypting the digital signature information through the server; the preset handshake indication information and the summary information are processed based on the preset summary algorithm so as to obtain the processing result, wherein the handshake indication information is used for indicating a PSK handshake with the server; and when the processing result is identical with thehandshake indication information transmitted by the server, a PSK handshake request is transmitted to the server according to the secret key so as to perform PSK handshake processing with the server,wherein the handshake indication information is obtained by processing the handshake indication information and the summary information based on the summary algorithm by the server and transmitted. The handshake processing security and reliability can be enhanced by the handshake processing method, the client side and the server.

Description

technical field [0001] The present invention relates to the field of communication technologies, and in particular, to a handshake processing method, a client and a server. Background technique [0002] Transport Layer Security (TLS) is used to provide confidentiality and data integrity between clients and servers. At present, the draft of TLS 1.3 (version 1.3 of TLS) is being developed. The draft of TLS 1.3 designs a type of connection establishment method based on pre-shared key (PSK). The connection establishment method based on PSK can establish an efficient connection. . In the PSK-based connection establishment method, the key negotiated between the client and the server needs to be stored in the client. If the key stored by the client is leaked, the established connection will be eavesdropped or attacked by a man-in-the-middle. If the client permanently stores the key (for example, the client stores the key in a disk), due to the complex environment of the client, t...

AI Technical Summary

Problems solved by technology

If the client stores the key permanently (for example, the client stores the key in a disk), due to the complex environment of the client, the permanently stored key is easily leaked and the security is low

If the client caches the key (for example, the client stores the key in memory), when the client fails and a large number of processes related to the connection exit, the key is lost and the connection will be disconnected, which is less reliable. Low

Traditional PSK-based connection establishment methods cannot take into account security and reliability at the same time

Images