• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2006, Vol. 28 ›› Issue (11): 15-17.

• 论文 • 上一篇    下一篇

对SSL握手协议密钥交换方式的改进与应用

欧阳星明 舒之兵   

  • 出版日期:2006-11-01 发布日期:2010-05-20

  • Online:2006-11-01 Published:2010-05-20

摘要:

本文分析了SSL协议的握手协议中密钥交换方式及匿名交换的不安全性,提出了用认证协议Kerberos来进行认证的设计思想。对于SSLVPN系统存在的安全风险,提出用Kerbero  s认证方法对SSI。VPN设计方案进行改进,从而有效地提高了SSLVPN系统的安全性。

关键词: SSL协议 SSL VPN Kerberos认证协议

Abstract:

This paper analyzes the key exchange method and the insecurity of anonymous commutation in the handshake agreement of the SSL agreement, puts forward    the design ideas of using the attestation agreement of Kerberos to carry on attestation. In the end, for the risks in the system of SSL VPN, we use the  Kerberos attestation method to improve the project of SSL VPN, thus effectively improve the safety of the SSL VPN system.

Key words: SSL protocol, SSL VPN, Kerberos attestation agreement