检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]复旦大学软件学院,上海201203 [2]上海财经大学信息管理与工程学院,上海200433
出 处:《计算机应用与软件》2017年第11期264-269,329,共7页Computer Applications and Software
基 金:国家自然科学基金项目(61472084);上海市科委项目(16DZ1100200)
摘 要:SSL/TLS(Secure Sockets Layer/Transport Layer Security)协议旨在为网络通信提供安全的信道,为通信双方提供认证、机密性和完整性。由于协议的复杂及其设计和实现上的漏洞导致许多安全隐患,新版本TLS1.3的制定引起信息安全学术界和产业界广泛的关注。概述TLS1.3的协议结构。在此基础上,对TLS1.3几个革新性的改变:密钥编排表、PSK和0-RTT进行了系统性地分析与梳理。对近10年协议受到的攻击按照协议的层次分类进行概述,提炼出每种攻击的原理以及TLS1.3针对这些攻击作出的应对措施。对TLS协议的未来发展作出预测并提出建议。Secure Sockets Layer/Transport Layer Security (SSL/TLS) is intended to provide a secure channel for network communications, providing authentication, confidentiality and integrity. Due to the complexity and loopholes in the design and implementation of protocol leading to many security risks, the development of the new version of TLS1.3 caused widespread concern in the information security academia and industry. We outlined the protocol structure of TLS1.3. On this basis, several innovative changes of TLS1.3 were systematically analysed and combed, such as key schedule, PSK and 0-RTT. We reviewed the attacks received by the protocols for the last 10 years, and extracted the principle of each attack and TLS1. 3 response to these attacks. And we made some predictions about the future development of TLS and make some recommendations.
关 键 词:TLS1. 3 SSL/TLS 攻击 0-RTT PSK 密钥生成表
分 类 号:TP3[自动化与计算机技术—计算机科学与技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.200
