A fast traffic forwarding method and system based on the SSL/TLS protocol

A fast, high-flow technology, applied in transmission systems, digital transmission systems, and key distribution. It addresses problems such as increased transmission delay, powerlessness, and reduced TLS throughput, and achieves reduced transmission delay and improved performance.

Active Publication Date: 2021-07-30
INST OF ACOUSTICS CHINESE ACAD OF SCI +1

AI Technical Summary

Problems solved by technology

This scheme is easy to implement, but it has a problem: after the data collector obtains the data, it must decrypt the data into plaintext, then re-encrypt it into ciphertext and send it to the peer, which increases the transmission delay and reduces TLS throughput.
This scheme does not need to decrypt and then re-encrypt the ciphertext data, so it has clear advantages over the man-in-the-middle proxy scheme in response time and throughput. However, it also has a problem: when the data in the ciphertext must be modified or audited, for example when protocol analysis or modification of the plaintext data is required, this scheme cannot help.

Examples


Embodiment 1

[0045] As shown in Figure 1, the present invention proposes a method for fast forwarding of traffic based on the SSL/TLS protocol. Server hello messages, client key exchange messages, etc. are collectively referred to as handshake messages). Based on the judgment criteria for supporting fast forwarding of SSL/TLS traffic, the establishment of the SSL/TLS connection is completed. When the data collector needs to forward ciphertext data, it applies the same judgment criteria: for a connection that supports fast forwarding, the data collector forwards the ciphertext data directly to the client or server through the fast forwarding channel; for a connection that does not support fast forwarding, the data collector forwards the encrypted data to the client or server through the conventional forwarding channel, thereby greatly improving the throughput performance of the acquisition ...

Embodiment 2

[0064] Embodiment 2 of the present invention also provides a fast traffic forwarding system based on the SSL/TLS protocol. The system includes:

[0065] The receiving module, which receives the client hello message sent by the client, modifies it, and records the client random number;

[0066] The forwarding module, which forwards the modified client hello message to the server;

[0067] The obtaining module, which obtains the server hello message according to the modified client hello message;

[0068] The data acquisition module, which sends the server hello message to the data collector and records the protocol version information and cipher suite information in the server hello message, as well as the server random number;

[0069] The judgment module, which judges whether the current connection supports fast forwarding according to the judgment criteria for supporting fast forwarding of SSL/TLS traffic; if the current connection sup...
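The fields that the receiving and data acquisition modules record (the client random number, and the server hello's protocol version, cipher suite and server random number) can be read directly from the handshake bytes. The Python parser below is an added example, not code from the patent; the name `parse_hello` is hypothetical, the sample record is constructed, and it assumes the whole hello message arrives in a single TLS record.

```python
import struct

CLIENT_HELLO, SERVER_HELLO = 1, 2

# Constructed sample: one TLS record carrying a minimal TLS 1.2 ServerHello.
SAMPLE_SERVER_RANDOM = bytes(range(32))
_body = (b"\x03\x03" + SAMPLE_SERVER_RANDOM + b"\x00"  # version, random, empty session_id
         + b"\xc0\x2f" + b"\x00")                       # cipher suite, null compression
_hs = bytes([SERVER_HELLO]) + len(_body).to_bytes(3, "big") + _body
SAMPLE_RECORD = b"\x16\x03\x03" + struct.pack("!H", len(_hs)) + _hs


def parse_hello(record: bytes, expected_type: int) -> dict:
    """Extract the fields a collector would record from a hello message.

    Assumption (not from the patent): the hello is not fragmented across records.
    """
    if len(record) < 5:
        raise ValueError("truncated record header")
    content_type, _rec_version, rec_len = struct.unpack("!BHH", record[:5])
    if content_type != 0x16:
        raise ValueError("not a handshake record")
    frag = record[5:5 + rec_len]
    if len(frag) != rec_len or rec_len < 4:
        raise ValueError("truncated record")
    hs_type, hs_len = frag[0], int.from_bytes(frag[1:4], "big")
    body = frag[4:4 + hs_len]
    if hs_type != expected_type:
        raise ValueError("unexpected handshake type %d" % hs_type)
    if len(body) != hs_len or hs_len < 35:
        raise ValueError("truncated hello body")
    # ClientHello and ServerHello share this prefix: version(2) random(32) sid_len(1)
    out = {"version": struct.unpack("!H", body[:2])[0], "random": body[2:34]}
    off = 35 + body[34]  # skip the session_id
    if expected_type == SERVER_HELLO:
        if len(body) < off + 3:
            raise ValueError("truncated ServerHello")
        # The server selects exactly one cipher suite.
        out["cipher_suite"] = struct.unpack("!H", body[off:off + 2])[0]
    return out


if __name__ == "__main__":
    info = parse_hello(SAMPLE_RECORD, SERVER_HELLO)
    print(hex(info["version"]), hex(info["cipher_suite"]), info["random"].hex())
```

For TLS 1.3 the version field in the hello body is fixed at 0x0303 and the negotiated version is carried in the `supported_versions` extension, so a collector that keys its decision on protocol version has to parse extensions as well.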

Embodiment 3

[0088] Embodiment 3 of the present invention also provides a computer device, including a memory, a processor, and a computer program stored in the memory and executable on the processor. When the processor executes the computer program, it implements the method of Embodiment 1 above.


Abstract

The invention belongs to the technical field of network information security, and in particular relates to a fast traffic forwarding method based on the SSL/TLS protocol. The method includes: receiving the client hello message sent by the client, modifying it, and recording the client random number; forwarding the modified client hello message to the server; obtaining the server hello message according to the modified client hello message; sending the server hello message to the data collector, and recording the protocol version information and cipher suite information, as well as the server random number; mutually authenticating the client, data collector, and server, with the three establishing SSL/TLS connections with each other; and judging whether the current connection supports fast forwarding based on the judgment criteria for supporting fast forwarding of SSL/TLS traffic. This method greatly improves the performance of the collection system and reduces its transmission delay.

Description

Technical field

[0001] The invention belongs to the technical field of network information security, and in particular relates to a method for fast forwarding of traffic based on the SSL/TLS protocol.

Background

[0002] The SSL/TLS protocol, namely Secure Socket Layer / Transport Layer Security, is currently the most widely used secure communication protocol. It runs above a reliable transport layer protocol and below various application layer protocols. By establishing a secure connection between the client and the server, it prevents the messages of both parties from being eavesdropped on, tampered with, or forged, thereby providing security services such as confidentiality, integrity, privacy and authentication for data communication on the Internet. SSL/TLS is a layered protocol, which includes: a record layer protocol at the bottom layer, a change encryption specification protocol at the upper layer, an alarm proto...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L12/727, H04L12/729, H04L9/08, H04L45/121, H04L45/125
CPC: H04L63/166, H04L63/168, H04L45/121, H04L45/125, H04L9/08, H04L9/0869, H04L9/0891
Inventor: 宋磊李传宏闫露郭志川韩陆超刘磊
Owner: INST OF ACOUSTICS CHINESE ACAD OF SCI