TLS protocol session key restoration method based on random number implicit negotiation

A session-key recovery technique based on implicit negotiation through the handshake random number, applied to public-key distribution and key management for secure communication; it addresses the problem that existing TLS middleware protection methods cannot meet the usage scenarios of TLS middleware.

Active Publication Date: 2019-04-09
NAT UNIV OF DEFENSE TECH
3 Cites, 17 Cited by

AI Technical Summary

Problems solved by technology

[0014] In view of the fact that the existing TLS middleware security protection methods cannot meet the current and future TLS middleware use scenarios, the present invention provides




Embodiment Construction

[0065] The present invention will be further described below in conjunction with the accompanying drawings and specific preferred embodiments, and the steps include:

[0066] In the first step, the middleware randomly generates a public-private key pair (sk_m, pk_m), where g is the generator of the elliptic curve x25519 and pk_m is the public key derived from sk_m. The middleware keeps the private key sk_m secret and sends the public key pk_m to the client.

[0067] In the second step, after receiving the public key pk_m the client saves it locally and later uses it to generate the handshake ephemeral private key when establishing a TLS connection. The client and the server perform a handshake. When constructing the handshake message, the client selects a random number r and fills g^r into the random number field of the handshake message. For the elliptic curve chosen by the client for the ECDHE key exchange, the client computes the handshake ephemeral private key esk_c; the client then sends the public key corresponding to esk_c ...



Abstract

The invention provides a TLS protocol session key restoration method based on random number implicit negotiation, aimed at the problem that existing TLS middleware security protection methods cannot meet current and future TLS middleware use scenarios. The method comprises the following steps: 1, the middleware generates a public/private key pair and sends the public key to the client; 2, the client stores the public key, performs a handshake with the server, constructs a handshake message and sends it to the server; 3, the middleware stores the handshake message and forwards it to the server; 4, the server sends a message to the client; 5, the middleware calculates the handshake message encryption key; 6, the middleware decrypts the message, restores the session key by calculation, and at the same time forwards the received message; 7, after receiving the server message, the client sends a message to the middleware; 8, the middleware forwards the message to the server and generates the session resumption master secret; 9, the middleware decrypts the TLS traffic and executes its middleware function. The method is applicable to TLS middleware, provides network-based security properties, and greatly reduces the computational cost of the middleware.
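The two embodiment steps ([0066]-[0067]) and steps 1 through 6 of the abstract, simulated end to end as an added example; this is illustration code, not the patent's own code or any product of the patentee. X25519 is implemented in pure Python from RFC 7748 so the block runs offline. Two things are assumptions because the page stops before stating them: the client derives its handshake ephemeral private key as esk_c = SHA-256(label || X25519(r, pk_m)) (the point pk_m^r, which the middleware recomputes as (g^r)^{sk_m}), and the TLS key schedule is collapsed to the ECDHE shared secret, since everything downstream of that secret is derived from the transcript the middleware already sees. The names run_protocol, derive_client_ephemeral and mw_sk are mine.

```python
"""Added example: session-key recovery by a TLS middleware via implicit
negotiation in the 32-byte ClientHello random field (not the patent's code)."""
import hashlib
import os

P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")  # u = 9, the X25519 generator "g"


def _cswap(swap, a, b):
    # Conditional swap as in RFC 7748 (no data-dependent branch).
    mask = (0 - swap) & (a ^ b)
    return a ^ mask, b ^ mask


def x25519(scalar: bytes, u: bytes) -> bytes:
    """Montgomery-ladder scalar multiplication, RFC 7748 section 5."""
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(bytes(u[:31]) + bytes([u[31] & 127]), "little") % P
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        x2, x3 = _cswap(swap, x2, x3)
        z2, z3 = _cswap(swap, z2, z3)
        swap = kt
        a = (x2 + z2) % P
        aa = a * a % P
        b = (x2 - z2) % P
        bb = b * b % P
        e = (aa - bb) % P
        c = (x3 + z3) % P
        d = (x3 - z3) % P
        da = d * a % P
        cb = c * b % P
        x3 = (da + cb) * (da + cb) % P
        z3 = x1 * ((da - cb) * (da - cb) % P) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    x2, x3 = _cswap(swap, x2, x3)
    z2, z3 = _cswap(swap, z2, z3)
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def derive_client_ephemeral(shared_point: bytes) -> bytes:
    # ASSUMPTION: the page is cut off before giving the client's formula;
    # any deterministic KDF of pk_m^r that both client and middleware can
    # evaluate works for the mechanism, so a labelled SHA-256 is used here.
    return hashlib.sha256(b"tls-mw-esk" + shared_point).digest()


def run_protocol(sk_m=None, r=None, esk_s=None, mw_sk=None):
    """Return the ECDHE secret as computed by client, server and middleware.

    mw_sk lets the caller give the middleware a key other than sk_m to show
    that only the holder of sk_m recovers the secret.
    """
    sk_m = sk_m or os.urandom(32)                 # step 1: middleware key pair
    pk_m = x25519(sk_m, BASEPOINT)                # pk_m = g^{sk_m}, sent to client

    r = r or os.urandom(32)                       # step 2: client picks r
    client_random = x25519(r, BASEPOINT)          # g^r goes in ClientHello.random
    esk_c = derive_client_ephemeral(x25519(r, pk_m))   # from pk_m^r
    epk_c = x25519(esk_c, BASEPOINT)              # key_share sent to the server

    esk_s = esk_s or os.urandom(32)               # steps 3-4: normal server side
    epk_s = x25519(esk_s, BASEPOINT)

    # steps 5-6: middleware reads g^r from the stored ClientHello and computes
    # (g^r)^{sk_m} = pk_m^r, which yields the same esk_c as the client.
    esk_c_mw = derive_client_ephemeral(x25519(mw_sk or sk_m, client_random))

    return {
        "client": x25519(esk_c, epk_s),
        "server": x25519(esk_s, epk_c),
        "middleware": x25519(esk_c_mw, epk_s),
        "client_random": client_random,
    }


if __name__ == "__main__":
    out = run_protocol()
    print("middleware recovered secret:", out["middleware"] == out["client"] == out["server"])
```

Two checks a practitioner would add around this: the server sees only a 32-byte random and a normal key_share, so it needs no change; and a client that never received pk_m sends an unrelated random, so the middleware must confirm recovery succeeded (for example by decrypting the first protected handshake record) before relying on the key rather than assuming every connection opted in.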

Description

Technical field
[0001] The invention belongs to the technical field of computer network security and relates to a method for restoring the session key of a secure transport protocol, in particular a method for restoring a Transport Layer Security (TLS) session key based on random number implicit negotiation.

Background
[0002] In the computer age, the biggest security threat faced by terminals was computer viruses, against which antivirus cards and antivirus software provided effective protection. In the Internet age, the security threats faced by terminals have increased dramatically, including Trojan horses, spyware, hijacking attacks, phishing emails and phishing sites. Now, in addition to installing security software on the terminal, network-based defences such as firewalls, intrusion detection and prevention systems (IDS/IPS), content review and data auditing need to be deployed at the network boundary. Different fr...


Application Information

IPC (8): H04L9/30, H04L9/08, H04L29/06
CPC: H04L9/0869, H04L9/3066, H04L63/0435, H04L63/06, H04L63/166
Inventors: 陈荣茂, 李杰, 苏金树, 陈曙晖, 王小峰, 张博锋, 孙一品, 王飞, 刘宇靖
Owner: NAT UNIV OF DEFENSE TECH