With the continuous development of network applications, the number and destructive power of network security attacks are constantly increasing. Encryption technology plays an important role in network security protection because it effectively protects the confidentiality and integrity of network data. Because symmetric encryption algorithms incur low system overhead and can encrypt large amounts of data, they are widely used to protect data in transit. To keep the keys secure, the DH (Diffie-Hellman) key exchange protocol is widely used in the generation and exchange of symmetric keys. However, the DH key exchange protocol remains vulnerable to man-in-the-middle attacks. This thesis studies the man-in-the-middle attack problem of the DH key exchange protocol and proposes a symmetric key generation and exchange technology based on common information to improve the security of the key generation and exchange process. This thesis further designs a common information node selection mechanism based on a genetic algorithm to achieve efficient construction and maintenance of the common information node system in the network. The specific research contents are as follows:

(1) This thesis proposes a symmetric key generation and exchange technology based on common information, aiming to solve the problem of man-in-the-middle attacks in the DH key negotiation process. The technology uses an effective message matching and common information generation algorithm, combined with a consistency verification mechanism, to enable both users to locally generate a consistent common information matrix. Based on this common information matrix, both users can use the large prime number generation algorithm to generate the large prime numbers required for DH key negotiation, thus achieving secure and efficient DH symmetric key negotiation without third-party intervention and with little information exchange. The simulation experiment shows that this technology has theoretically provable security and does not significantly increase storage and computational overhead compared to traditional key negotiation schemes.

(2) Furthermore, this thesis designs a common information node selection mechanism based on a genetic algorithm to achieve efficient construction and maintenance of the common information node system in the network. Because communication frequency, computing capacity, and storage capacity differ significantly among the nodes in the network, generating a key based on common information between every pair of nodes is unnecessary and would bring significant overhead. First, the mechanism analyzes the storage and computation overhead of generating a key based on common information compared with generating it through the traditional DH key exchange protocol. Based on the cracking time of the key, it then analyzes the security enhancement rate of generating a key based on common information compared with the traditional DH key exchange protocol. Under the constraints of node communication frequency, computing capacity, and storage capacity, an optimization model is established to maximize the system security enhancement rate and minimize the system overhead increase rate, and the selection strategy for common information nodes is solved with a genetic algorithm. The simulation experiment shows that, under different simulation parameter settings, this mechanism achieves higher optimal solution values and system security enhancement rates than the traditional DH key exchange protocol.
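The sketch below is an added illustration of point (1), not code from the thesis: two peers that hold the same common information matrix each derive the DH modulus locally, so it never crosses the network, while a party holding a different matrix cannot reach the same key. The function names, the sample matrices, the SHA-256 counter search standing in for the thesis's large prime generation algorithm, the 256-bit size and `g = 2` are all assumptions.

```python
import hashlib
import secrets

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n):
    """Miller-Rabin with fixed bases, so both peers reach the same verdict."""
    if n < 2:
        return False
    for b in BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True

def prime_from_common_info(matrix):
    """Derive a 256-bit DH modulus locally from the common information matrix.
    Assumption: SHA-256 with a counter stands in for the thesis's generator."""
    seed = repr(matrix).encode()
    counter = 0
    while True:
        digest = hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        cand = int.from_bytes(digest, "big") | (1 << 255) | 1  # full size, odd
        if is_probable_prime(cand):
            return cand
        counter += 1

def negotiate(matrix_a, matrix_b, g=2):
    """Run DH where each side derives p itself; only public values are exchanged."""
    p_a, p_b = prime_from_common_info(matrix_a), prime_from_common_info(matrix_b)
    priv_a, priv_b = secrets.randbelow(p_a - 3) + 2, secrets.randbelow(p_b - 3) + 2
    pub_a, pub_b = pow(g, priv_a, p_a), pow(g, priv_b, p_b)
    key_a = hashlib.sha256(str(pow(pub_b, priv_a, p_a)).encode()).hexdigest()
    key_b = hashlib.sha256(str(pow(pub_a, priv_b, p_b)).encode()).hexdigest()
    return key_a, key_b

COMMON = [[17, 4, 250], [9, 133, 61], [78, 2, 199]]    # constructed sample matrix
OUTSIDER = [[17, 4, 250], [9, 133, 61], [78, 2, 198]]  # differs in one cell
```

`negotiate(COMMON, COMMON)` returns two equal keys, whereas `negotiate(COMMON, OUTSIDER)` returns keys that differ. The 256-bit modulus keeps the search fast for illustration; deployed DH groups use much larger safe primes.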