Research And Implementation On Self-trustworthy And Lightweight Network Transport Mechanism

Posted on: 2015-01-04
Degree: Master
Type: Thesis
Country: China
Candidate: H Zhou
Full Text: PDF
GTID: 2348330509960866
Subject: Computer Science and Technology
Abstract/Summary:
With the rise and development of e-government and e-commerce, we have entered the Internet age. The data transmitted over the network is no longer just simple text; more and more of it relates to payments, accounts and similar information, so its protection has become especially important. Traditional secure network transport protocols, however, suffer from key distribution overhead, connection setup latency, complicated session state, complex protocol definitions and so on. A secure transport protocol based on self-validating marks was proposed recently, but it is hard to deploy because it is not compatible with the existing TCP/IP architecture. To address these problems, we carry out in-depth research on secure network transport protocols and key agreement algorithms. In practical terms, this paper makes the following contributions:

(1) A design of an efficient and extensible identity-based key agreement algorithm

As the precondition and foundation of secure network transport protocols, the key agreement algorithm is very important. Given the technology adopted in this paper, we focus mainly on related work on identity-based key agreement algorithms. We divide the multiple-PKG environment into two types and put forward a key agreement algorithm suitable for both. In addition, we introduce, for the first time, the concept of public computation into identity-based key agreement, which greatly reduces the computing load on the terminal device. This technique makes our algorithm outperform other algorithms of the same kind. We also demonstrate theoretically that our algorithm satisfies all the security properties a key agreement algorithm should have.

(2) A design of a lightweight and self-trustworthy network transport protocol which supports incremental deployment

In traditional secure network transport protocols, a participant needs a certificate to bind its identity to its public key. Therefore, we take the participant's IP address as the public key, based on identity-based cryptography. This makes the protocol self-trustworthy, since it is independent of certificates. Getting rid of certificates also reduces transmission and computation overhead. We also consider the specific application scenario and use the bilinear mathematical tool so that participants can even compute the session key directly, without any interaction. Hence, our protocol is as lightweight as IP. Moreover, we still use traditional IP addresses to communicate, so our protocol is compatible with the TCP/IP architecture. In particular, we introduce the idea of opportunistic encryption into the protocol design to give the protocol the property of incremental deployment. This property helps the protocol's popularization and application, and it is not supported by most other similar protocols.

(3) Implementation and tests of the self-trustworthy and lightweight network transport protocol

We first describe the two technical routes for implementing the protocol and analyze the advantages and disadvantages of each. After choosing a route according to the current research stage and the difficulty of development, we further explain some key technologies and their concrete implementation during protocol development. Finally, we demonstrate through functional and performance tests that our implemented protocol reaches its design goals.
Keywords/Search Tags:Identity-based Cryptography, Public Computing, Self-trustworthy, Lightweight, Incremental Deployment