
Establishment method, device and system for connection of secure sockets layers

A method for establishing a secure socket layer connection, applied in the field of transmission systems, electrical components, etc. It addresses the problems that data communication is vulnerable to man-in-the-middle attacks and that the security of communication data between the client and the server is reduced.

Inactive Publication Date: 2014-04-30
SHENZHEN UNIV

AI Technical Summary

Problems solved by technology

[0004] The purpose of the embodiments of the present invention is to provide a method, device and system for establishing a secure socket layer connection, aiming to solve the problem that data communication between the client and the server in the existing SSL protocol is vulnerable to man-in-the-middle attacks, which reduces the security of communication data between the client and the server.


Examples


Embodiment 1

[0049] Figure 1 shows the implementation flow of the method for establishing a secure socket layer connection provided by Embodiment 1 of the present invention; the details are as follows:

[0050] In step S101, the client sends a request message for establishing an SSL connection to the server, and the request message includes the generated first random number.

[0051] In the embodiment of the present invention, the client may be a browser or another dedicated client that can connect to the Web service. When the client connects to the server, it sends a request message to the server to establish an SSL connection. The request message includes parameters such as the highest SSL protocol version the client supports, the session ID, the list of cipher suites supported by the client, the list of compression algorithms, and a random number used for generating a key; this random number is referred to here as the first random number. ...
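The fields that paragraph [0051] lists for the request message match the layout of a standard SSL/TLS ClientHello. The following Python example is added here and is not code from the patent: it builds a constructed ClientHello and parses it back into those fields, rejecting inconsistent length fields. The names `build_client_hello`, `parse_client_hello` and `SAMPLE` are assumptions made for the illustration.

```python
import struct

def build_client_hello(version, random32, session_id, suites, compressions):
    """Build a handshake-layer ClientHello (no record header, no extensions)."""
    body = struct.pack("!BB", *version) + random32
    body += bytes([len(session_id)]) + session_id
    body += struct.pack("!H", 2 * len(suites))
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += bytes([len(compressions)]) + bytes(compressions)
    # Handshake header: type 1 (client_hello) and a 3-byte body length
    return b"\x01" + len(body).to_bytes(3, "big") + body

def parse_client_hello(msg):
    """Return the fields named in [0051]; raise ValueError on malformed input."""
    if len(msg) < 4 or msg[0] != 0x01:
        raise ValueError("not a ClientHello handshake message")
    length = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated handshake body")
    pos = 0

    def take(n):
        # Consume n bytes, refusing any length field that overruns the body
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("length field runs past end of message")
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    version = tuple(take(2))              # highest version the client supports
    first_random = take(32)               # the "first random number"
    session_id = take(take(1)[0])
    if len(session_id) > 32:
        raise ValueError("session ID longer than 32 bytes")
    suite_bytes = take(int.from_bytes(take(2), "big"))
    if not suite_bytes or len(suite_bytes) % 2:
        raise ValueError("bad cipher suite list")
    suites = [int.from_bytes(suite_bytes[i:i + 2], "big")
              for i in range(0, len(suite_bytes), 2)]
    compressions = list(take(take(1)[0]))
    # Any bytes left in the body would be extensions; they are ignored here.
    return {"version": version, "first_random": first_random,
            "session_id": session_id, "cipher_suites": suites,
            "compression_methods": compressions}

# Constructed sample: SSL 3.0, a fixed non-random "random" value so the result
# is reproducible, empty session ID, two RSA cipher suites, null compression.
SAMPLE = build_client_hello((3, 0), bytes(range(32)), b"", [0x000A, 0x0005], [0])
```
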

Embodiment 2

[0073] Figure 2 shows the structure of the device for establishing a secure socket layer connection provided by Embodiment 2 of the present invention. For convenience of description, only the parts related to the embodiment of the present invention are shown. The device 2 for establishing the secure socket layer connection includes the following units:

[0074] The first client message sending unit 2101 is configured for the client to send a request message for establishing an SSL connection to the server, where the request message includes the generated first random number;

[0075] The client ciphertext obtaining unit 2102 is used for the client to obtain the CA of the server certificate from the received server certificate, obtain the public key of the CA certificate, and use the public key to encrypt the server certificate verification request message to be sent, so as to obtain the corresponding verification request message ciphertext, the server certifica...


Abstract

The invention is applicable to the field of communication security and provides an establishment method, device and system for connection of secure sockets layers. The method includes the following steps: a client side sends a request message to establish an SSL connection; a server returns a response message to the client side; the client side encrypts and verifies a request message ciphertext and sends the request message ciphertext to a CA; the CA decrypts the request message ciphertext to obtain a second ciphertext and sends the second ciphertext to the client side; the client side receives a first ciphertext and sends the first ciphertext to the server; the server decrypts the first ciphertext to generate a first secret key of the SSL connection, uses the first secret key to encrypt a generated first MAC and sends the first MAC to the client side; the client side generates a second secret key of the SSL connection, decrypts the received ciphertext, sets the second secret key as a master key for subsequent communication after succeeding in verifying the first MAC, and generates a second MAC; the server uses the first secret key to decrypt a received fourth ciphertext and sets the first secret key as a master key for subsequent communication after succeeding in verifying the second MAC, so that the SSL connection is established.

Description

Technical field

[0001] The invention belongs to the field of communication security, in particular to a method, device and system for establishing a secure socket layer connection.

Background technique

[0002] The Secure Sockets Layer (SSL) protocol is mainly used in the data encryption of web page (Web) services to ensure the data security of Web communications between users and servers. The SSL protocol can be divided into two layers:

  • SSL Record Protocol: based on a reliable transmission protocol (such as TCP), it provides support for basic functions such as data encapsulation, compression, and encryption for high-level protocols.
  • SSL Handshake Protocol: built on the SSL Record Protocol, it is used for identity authentication, negotiation of encryption algorithms, and exchange of encryption keys before the actual data transmission begins.

[0003] The existing SSL handshake protocol requires the support...


Application Information

IPC(8): H04L29/08, H04L29/06
Inventor: 段孝茹, 陈剑勇, 明仲, 陈沛
Owner: SHENZHEN UNIV