With the continuous development of enterprise informatization and digitalization, the security of internal information networks is becoming an increasingly prominent issue, and strengthening the ability to protect these networks is increasingly important. CA authentication technology can identify users within an enterprise's internal network and is an important technical method for protecting internal network security. Traditional CA authentication technology uses a single digital identifier to authenticate a user or terminal, which cannot solve the problem of malicious tampering with terminal hardware, software, and user information. In addition, traditional CA authentication technology uses international standard encryption and decryption algorithms, which do not meet national information security protection requirements. Based on the requirements of enterprise internal information network security protection, this paper designs and implements a CA authentication system based on national cryptographic algorithms, improves the functions of the traditional CA system, strengthens its terminal authentication capability, and verifies its functions against the enterprise intranet's requirements for security access control and for software resource management and control. The research content and main achievements of this paper fall into three areas: (1) The encryption and decryption principles of internationally used encryption and decryption algorithms and of the standard national cryptographic algorithms are studied, together with the architecture and related technical standards of public key infrastructure and the advantages of using standard national cryptographic algorithms in CA authentication systems. (2) According to the security requirements of the enterprise's internal information network, the principle and architecture of CA authentication are studied, the standard national cryptographic algorithms SM2 and SM3 are integrated with the CA authentication system, and a CA authentication center based on the national cryptographic algorithms is designed and developed. (3) The current state of terminal security in the internal information network of a scientific research unit affiliated with the State Grid Corporation of China is analyzed. To address the problems in terminal security access authentication and software resource management, and taking into account the current network architecture and working methods, a network security access control scheme and a software resource management scheme are designed around the national cryptographic CA authentication system. These schemes provide user authentication, terminal hardware authentication, and software authentication in the enterprise intranet and improve the security defense capability of the internal information network. Testing and practical application show that the system effectively improves the level of trusted identity authentication and trusted access authentication of terminals, as well as software legitimacy authentication, and meets the requirements of internal information network security protection.