| Virtual Private Network (VPN) is a product from the development of Internet technology and the need of increasing business, which establishes a virtual private safe network on unsafe public network. Virtual Private Network, based on the Secure Socket Layer (SSL), is a new type of advanced technology. The growing diversity of network applications and the growing importance of network security have increased the security demand of remote access, which is beyond the traditional IPSec VPN. All these advantages, such as irrelevance with the platform and convenience in the configuration have made SSL VPN the best choice in remote secure access.This thesis defines the SSL VPN at the beginning, discusses its architecture and its working principle, and researches deeply about the key technologies of SSL VPN system. Based on the detailed analysis of the performance of SSL VPN, the client balanced SSL handshake protocol is proposed, which makes use of the client's idle time that clients wait for the server decrypting with the RSA private key, in order to balance the computing volume of the server and client. The server makes security by verifying the data sent from the client. Meanwhile, in order to improve the computation speed of the server, the Chinese Remainder Theorem (CRT) is used in RSA decryption algorithm. Considering the security of the system and authenticity of users, this thesis also analyzes the choice of parameters. The client balanced SSL handshake protocol, which is based on the Chinese Remainder Theorem, has effectively improved the performance of the server of the SSL VPN , the SSL VPN system.In fact, the confidentiality of information is not the same, and a small portion of the information needs high-strength security. Different levels of security can be used to protect different resources. Therefore, different levels of encryption methods can be used for different users or different confidentiality requirements in order to optimize the performance of the server. |
PDF Full Text Request