| RAS provides us a kind of expediency model to access network, it is a basic method for remote users to access internet and intranet, also. In remote access system, the user identification and network security management become more difficult and complicate, because of its highly distributed and entire free features. With the development of E-business and E-office , the importance of transmitted information is rising day after day, the security gap and application risk in RAS need to be solved urgently. According to the security problem, this paper makes an overall study on the user authentication security of RAS, based on the kerberos protocol, using the design technology of the .PKJ-based encryption protocol and the theory of Elliptic Curve Cryptography. The main contents are as follows: (1) Kerberos protocol is reviewed. The project scheme, the user authentication process and the distribution method of secret key of Kerberos are analyzed in detail, and several security problems which need to be solved are greatly discussed. (2) The technology of design encryption-based authentication protocol is studied . A new protocol of remote user authentication is designed, which named Kerberos ECC, based on PKI cryptosystem , adopting Kerberos authentication protocol. (3) The theory of Elliptic Curve Cryptography(ECC) is studied. The algorithm to construct an assigned prime order elliptic curve is designed, and the method of encryption an disencryption is discussed based on ECC. (4) Based on the study of (1), (2)and(3), a new model of remote user authentication system is designed using the protocol of Kerberos ECC. (5) Finally, the dissertation is summarized and concluded with a series of vistas of user~ remote access security in future. |
PDF Full Text Request