| In pace with the computer skillfulness' s evolvement,the network skill is used more and more widely,and the data security problem in network communication has also become the focus of attention among modern people.In order to meet this security requirement,the SSL(Secure Socket Layer)protocol has become the most widely using and secure communication method for the secure transmission of information.However,in the face of various emerging Internet technologies,the challenges faced in network security have become increasingly severe.The traditional SSL protocol has been difficult to deal with various network attacks.How to improve the SSL protocol,and the ability to resist attacks and ensure the secure transmission of network information data has become an imminent problem.This article has optimized and improved in authentication and session key transmission two aspects in SSL protocol.In the authentication phase,the platform identity certificate of the trusted computing cryptography module TCM was introduced to perform system-based identity authentication for the client and the server.On the basis of this,a dual-signature mechanism was introduced,for SSL certificates and platform identity certificates in correspondence authentication.This prevents various identity forgery attacks.In the session key transmission phase,the idea of key transmission of the trusted computing cryptographic module TCM was introduced to ensure the secure transfer of the key between the client and the server;the encryption algorithm of TCM internal security higher encryption algorithm SM2 was introduced in the session phase.The above optimizations are well-tolerated against attacks on cryptographic algorithms,man-in-the-middle attacks and other kinds of attacks.Finally,this paper optimizes the key management in the SSL protocol and adds the key management idea of the trusted computing module TCM to make the key management more secure and reasonable. |
PDF Full Text Request