Research And Implement Of Secure Communication System Based On HMAC

Along with the rapid development of communication and Internet, the network information security has become the important question being paid much attention to currently. It is cried for in the current information age to research the network information security.A secure communication system has been designed and implemented in this paper and this system not only ensured the communication security but also ensured the high communication speed and efficiency, so it achieved the balance of safe, speed and efficiency.This paper started with the basic attacks of network information security including initiative attack and passive attack and analyzed the actuality of the encryption technology and the message authentication technology as well as other correlative technologies and pointed out the problems and its development direction. Then a secure communication system based on HMAC was designed and implemented by researching relative technologies.The system design contains five parts: identity authentication, key exchange, message authentication, encryption and communication. The paper made schemes and analyzed the security for every part of the system. In identity authentication, one-time-password was used, which can run with high speed and resist all kinds of password attacks to resolve the insecurity of password authentication. And a cryptographically pseudo-random generator was designed to generate a session key of 256 bits for every session of server and client. In message authentication, the improved HMAC was used. which embedded SHA-256. In order to prevent difference attack the output of the MAC was truncated and hided some hash result information to attackers. And a unique and incremental message number was imported to prevent resending attack. The AES under CTR was applied in the system. The encryption key flow was precomputed to reduce the transporting delay. In addition, this paper provided the system structure and implement solution on the basis of designing every part of the security communication system. The system has run successfully on the lab LAN and the run result as well as the test data has been presented in the paper.