网络与信息安全学报2017,Vol.3Issue(12):8-16,9.DOI:10.11959/j.issn.2096-109x.2017.00224
增强TLS 1.3中Early data安全性的协议
Protocol to enhance the security of Early data in TLS 1.3
摘要
Abstract
The new 0-RTT Internet key exchange was drawn on the TLS 1.3 session resumption phase, the rFSOPKE protocol was constructed, and the Early data encryption and transmission process were improved. The rFSOPKE protocol can protect the forward security of Early data and protect it from replay attacks during the validity period of the Ticket. Compared with the previous Early data transmission process, rFSOPKE greatly enhanced the security of Early data. Due to the increase in the calculation and transmission overhead of this protocol when sending Early data, the efficiency of the protocol is reduced. However, rFSOPKE can embed the appropriate algorithm according to the different application environment, so more efficient algorithms should be chosen to improve the protocol implementation speed.关键词
0-RTT/Early data/前向安全/重放攻击/rFSOPKEKey words
0-RTT/Early data/forward security/replay attack/rFSOPKE分类
信息技术与安全科学引用本文复制引用
张兴隆,程庆丰,马建峰..增强TLS 1.3中Early data安全性的协议[J].网络与信息安全学报,2017,3(12):8-16,9.基金项目
国家高技术研究发展计划("863"计划)基金资助项目(No.2015AA016007) ("863"计划)
密码科学技术国家重点实验室开放课题基金资助项目(No.MMKFKT201514) (No.MMKFKT201514)
The National High Technology Research and Development Program (863 Program)(No.2015AA016007), The National Key Laboratory Foundation of Cryptography (No.MMKFKT201514) (863 Program)
