Design And Implementation Of Key Exchange In Network Encryption Link Machine

With the development of the times,the construction of information society has become increasingly perfect every day,tens of thousands of electronic information is transmitted in a variety of channels,and the transmission of these information applications are becoming increasingly widespread,such as search engine,mobile payment,e-commerce,Internet finance,Internet banking,multimedia network information transmission,social networking and so on.They are closely related to our life.There are important to our country.For example,big strategic security,equipment confidentiality,etc.This information is very important to the country or individual.And now the danger of information disclosure has been revealed,for instance,the embassy system was attacked and college students SMS fraud.The events of information disclosure have an negative impact on our society and country.Therefore,the study of confidential communication should be taken seriously and become an effective way to prevent information disclosure.In this paper,we mainly design a cryptographic process using key exchange to realize the encryption of networked link machines.The key exchange mode adopts elliptic curve cryptosystem(ECC).The core of this method is based on the difficulty of elliptic curve to solve discrete logarithms.The security of ECC is mainly achieved by use the security of elliptic curves to construct discrete logarithm problems.This method I used have the consideration of practicability.That is,in the premise of same key's length,the elliptic curve cryptosystem security is much greater than other systems(RSA public key encryption,DH key exchange mechanism,etc.).ECC system 160 to 256 bits are equivalent to the RSA method of 1024 ~ 3072 bit security level.The hardware part of this design is based on the STM32 control module and DM9000 type chip.The external communication interface adopts RJ-45 network interface.The software part is mainly UIP-UDP network communication,networkpacket forwarding part and data encryption and decryption program.We use the AES packet encryption algorithm for the part of encryption and decryption.Using the elliptic curve cryptography system generates AES key and ensure the security of the key exchange and identity authentication.The design achieves the exchange of key in a safe and reliable way through many computers that they are connect to internet.