Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for establishing channel in TLS1_3 protocol based on national cryptographic algorithm

A national secret algorithm and technology for establishing a channel, which is applied in the field of establishing a channel in the TLS1_3 protocol based on the national secret algorithm, can solve the problems of different key lengths, different iterative structures, and inability to apply the national secret algorithm, so as to increase security, The effect of avoiding packet content theft and improving security and performance

Active Publication Date: 2020-04-10
CHINA FINANCIAL CERTIFICATION AUTHORITY
View PDF5 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, since the above national secret algorithm is different from the existing algorithm used in the TLS1_3 protocol, such as the key length is different, and the iteration structure is different, the national secret algorithm cannot be applied to the TLS1_3 protocol according to the existing method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for establishing channel in TLS1_3 protocol based on national cryptographic algorithm
  • Method for establishing channel in TLS1_3 protocol based on national cryptographic algorithm
  • Method for establishing channel in TLS1_3 protocol based on national cryptographic algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The present invention will be described in detail below in conjunction with the accompanying drawings and embodiments.

[0029] figure 1 It shows a sequence diagram of the message interaction process between the client and the server in the embodiment. In the figure, "+" indicates the extended message of the previous message (the bold indicates that this embodiment adds the original extension according to the extension rules); "*" indicates the optional extension (the bold and underlined indicates that this embodiment The newly added extension in ); "{}" indicates that these packets are protected using a key derived from [sender]_handshake_traffic_secret; "[]" indicates that these packets are protected using a key derived from traffic_secret_N.

[0030] The key parameters used in the secure channel are generated by the TLS1_3 handshake protocol. The TLS1_3 handshake protocol is used when the client 1 (Client) and the server 2 (Server) communicate for the first time. T...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for establishing a channel in a TLS1_3 protocol based on a national cryptographic algorithm. The method comprises a key exchange stage, a server parameter stage and anidentity authentication stage. In the key exchange phase, an SM2 key exchange algorithm is introduced to negotiate a shared key, and compared with international algorithms such as ECDH and ECDSA, a safer mechanism is adopted; in the identity authentication stage, compared with an RSA algorithm, the SM2 algorithm has the advantages that the encryption strength is similar to the safety performanceof a 3072-bit RSA algorithm when the key length of the SM2 algorithm is 256 bits, two message words are used in each round of a compression function of the SM3 algorithm, and the SM3 algorithm has higher word completeness than an existing SHA256 algorithm. In a symmetric encryption algorithm, an SM4 algorithm is introduced, a 32-round nonlinear iterative structure is adopted, the number of roundsof calculation is far larger than that of an AES algorithm, and safety is higher. According to the method, by improving the encryption algorithm serving as a data transmission safety core, secret keyleakage in the transmission process is avoided, and the safety of establishing a TLS1_3 channel is improved to a great extent.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method for establishing a channel in the TLS1_3 protocol based on a national secret algorithm. Background technique [0002] Transport Layer Security (TLS) is a widely used security protocol on the Internet, used to provide confidentiality and data integrity between two communication applications, and is the standard for transport layer security. In the course of many years of application, attacks against the protocol continue to appear. Therefore, improving protocol security is of great significance to the popularization and development of the protocol, and the encryption algorithm is the core of data transmission security. [0003] In the existing technology, a variety of different encryption algorithms have emerged based on different encryption and decryption ideas. Each set of encryption algorithms has its own unique processing methods, and they are often incompat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/06H04L9/30H04L9/32H04L29/06
CPCH04L9/0618H04L9/0643H04L9/0631H04L9/302H04L9/3249H04L9/3239H04L63/166
Inventor 林峰杨晓宇颜海龙任新海
Owner CHINA FINANCIAL CERTIFICATION AUTHORITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com