摘要
首先介绍了RSA算法和ECC算法(Elliptic Curve Cryptography)在国内外的应用情况,接着介绍了RSA算法在传输层安全协议中的应用情况,并以身份认证系统为例,原有身份认证系统采用TLS(Transport Layer Security)协议,通过对协议的修改,完成协议对椭圆曲线的支持,提出了改进的支持ECC算法的传输层安全协议,协议内容参照传输层安全协议(RFC4346TLS1.1),结合实际应用需求,在TLS1.1的握手协议中增加了ECC的认证模式和密钥交换模式,取消了DH密钥协商方式,修改了密码套件的定义。
This paper first describes the application situation of RSA algorithm and ECC(Elliptic Curve Cryptography) algorithm, including the application situation of RSA algorithm at transport layer protocol, then with authentication system as sample, the security protocol is modified, thus realizing the support of ECC algorithm. Finally, it proposes a security protocol at transport layer in support of ECC algorithm. According to the security protocol (RFC4346 TLS1.1) and its application demand, the authentication mode and key exchange mode of ECC, are added to TIS1.1 protocol, while the DH key negotiation is cancelled, and the definition of key suite modified.
出处
《信息安全与通信保密》
2010年第11期45-47,共3页
Information Security and Communications Privacy
基金
科技部支撑计划资助项目(编号:2008BAH22B02
2009BAH47B03
2008BAH24B04-02)
上海科委资助项目(编号:06HX11803
08dz1500600)
