| With the rapid development and popularization of network technology, network computing model occupies an increasingly important position. The characteristics of this model are:(1) Applications and data run and store on the server side;(2) Client or even only a monitor and input device, do not carry out complex calculations. In many cases, staff travelling or working at home need to access applications and data in the server.This change promotes rapid development of remote desktop software. So, Microsoft developed Remote Desktop Protocol (RDP), and the other companies subsequently developed VNC, Team Viewer, LogMeIn and so on. With the rapid development of remote desktop software, its security becomes a great challenge.This article considers the security of remote desktop software, and proposes a program to improve its security. RDP is designed on the basis of the T120series protocol family expansion. It is convenient to access Windows server applications and data in the enterprise network, using this protocol. In this mode, the applications run on the server, and the client’s keyboard and mouse input is transmitted to the server through the network. On the contrary, server screen information is passed to the client over network. Because the network structure of RDP is clear, it’s easy to learn and research.In this thesis, the idea is as follows:using ECC Elliptic Curve cryptography to improve the security of the RDP protocol. Through feasibility analysis, the RDP protocol comes with secure layer that could encrypt and decrypt the data. If we use the ECC directly to modify the secure layer of RDP protocol, the RDP server-side will be modified. The RDP server is integrated in the Windows operating system. If we directly modify the secure layer of RDP, the workload and cost are enormous. Therefore, on the feasibility, this paper presents the solution as follows.(1) Using ECC to extend SSL handshake protocol. In the case of equal security, the ECC key length is much shorter than the other public-key cryptosystem key lengths.In the previous work, ECC160bit key security and a RSA1024bit key security are equivalent. Compared with RSA, ECC encryption/decryption speed faster.So ECC can improve the performance of the SSL handshake protocol. Under the same performance, increasing the ECC key length can improve security.(2) Using SSL protocol extended by ECC to improve the security of Remote Desktop Protocol. The RDP protocol is an application layer protocol and the SSL protocol is designed between the TCP layer and application layer in the TCP/IP network model.So,using SSL protocol to improve the safety of the RDP protocol does not affect the original structure of the RDP protocol.In SSL extension, we use the ECDH key exchange algorithm, ECDSA signature, AES256algorithm and SHA1cipher suite to Verify the identity information of each other and to encrypt/decrypt the data transmitted.It ensures the secure transmission of data between client and server. |
PDF Full Text Request