Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for decryption with website certificate private key of target website

A technology for target websites and network equipment, applied in the direction of public key of secure communication, user identity/authority verification, digital transmission system, etc., can solve the problem of obtaining and cracking certificate private key, etc., to improve security and ensure security , the effect of ensuring safety

Inactive Publication Date: 2018-03-16
BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD
View PDF4 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Such a mechanism has the following problems: 1) First, during the calculation process, the private key of the certificate exists in plain text in the memory, which may be obtained by an attacker through a tool that reads the memory; 2) Second, it is stored persistently on the web server Although the private key of the certificate is encrypted, the software containing its decryption key or decryption method is often stored persistently on the same server
If the attacker obtains the certificate private key file and these software, it is also possible to crack the certificate private key to obtain plaintext

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for decryption with website certificate private key of target website
  • Method and device for decryption with website certificate private key of target website

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0034] figure 1 It shows a CA certificate network device 1, a decryption network device 2, and a CA distribution management network device 3 for decrypting using a website certificate private key of a target website according to one aspect of the present invention, wherein the CA certificate network device 1 includes a A device for encrypting the website certificate private key based on the public key generated by the hardware RSA decryption card to obtain the encrypted website certificate private key (hereinafter referred to as "encryption device 11") and for encrypting the encrypted website certificate The website certificate private key is offline stored to the device of the CA distribution management network device (hereinafter referred to as "storage device 12"), and the decryption network device 2 is used to send the encrypted website certificate to the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention aims at providing a method and a device for decryption with a website certificate private key of a target website. Concretely, a decryption network device sends a query request about anencrypted website certificate private key to a corresponding CA distribution management network device, receives the encrypted website certificate private key sent by the CA distribution management network device in response to the query request, performs decryption processing for the encrypted website certificate private key based on a private key generated by a corresponding hardware RSA decryption card so as to obtain a plaintext of the website certificate private key. Compared with the prior art, the method and the device provided by the invention realize the following beneficial effects:during a distribution process of the website certificate private key, the website certificate private key is encrypted, and asymmetric encryption is used, thus, safety of an encrypted secret key is guarantee further; and neither the hardware RSA decryption card nor the decryption network device where the hardware RSA decryption card is located stores the plaintext or a ciphertext of the website certificate private key permanently, so that the risk of being stolen of the website certificate private key is reduced further.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a technique for decrypting using a website certificate private key of a target website. Background technique [0002] HTTPS (Hyper Text Transfer Protocol, Hyper Text Transfer Protocol over Secure SocketLayer), is a security-oriented HTTP channel for secure HTTP data transmission. It has been widely used in security-sensitive communications on the World Wide Web, such as transaction payments, etc. . In the implementation of https, the security of the private key of the website certificate is a very important issue. If the private key of the website certificate is leaked, the attacker can pretend to be a legitimate website, or decrypt the encrypted traffic based on eavesdropping, which poses a serious threat to user privacy, password and asset security. [0003] Since the private key of the website certificate is used in the calculation of the https handshake phase, the priv...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/30H04L9/32
CPCH04L9/302H04L9/3268H04L63/0442H04L63/0823
Inventor 韦韬欧阳剑章淼
Owner BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com