作者:
Luo QingLin YapingHunan Univ
Coll Comp & Commun Changsha 410082 Hunan Peoples R China Hunan Univ
Coll Software Changsha 410082 Hunan Peoples R China
ssl/tls servers are often overloaded with many simultaneous requests or Denial of Service (DoS) attack which will result in degradation of performance. So ssl/tls servers have to utilize significantly more hardware in...
详细信息
ISBN:
(纸本)9780769536880
ssl/tls servers are often overloaded with many simultaneous requests or Denial of Service (DoS) attack which will result in degradation of performance. So ssl/tls servers have to utilize significantly more hardware in order to provide a reasonable response time to their customers. Instead of developing the hardware, it is always possible to look for faster algorithms in order to speed up decryption stages for improve ssl/tls performance. In the paper, we investigate the performance and security of three algorithms in ssl/tls handshake protocol. The solutions improve the performance without decrease security of the system or requiring expensive hardware. We provide detailed analyses of the three techniques and compare disadvantages of the three techniques. In particular, although increase some bandwidth and memory overhead to client, Client-aided RSA provide the best performance among the algorithms in ssl/tls handshake protocol by transfer some cryptographic computation to client.
Aiming at the current lack of certification capability in domestic industrial control systems, an industrial control system authentication scheme based on identity cryptography algorithm is proposed. When authenticati...
详细信息
ISBN:
(纸本)9789881563903
Aiming at the current lack of certification capability in domestic industrial control systems, an industrial control system authentication scheme based on identity cryptography algorithm is proposed. When authenticating between control system devices, the scheme integrates the identity-based digital signature algorithm into the ssl/tls handshake protocol to complete identity authentication between the engineering station and the trusted PLC. At the same time, when the connection is established for the first time between devices, the connection authentication is selected by the challenge/response based method. The authentication technology based on the identity cryptographic algorithm no longer requires the existence of a public key certificate. This eliminates the need to revoke, store, and issue certificates, simplifies the certification process and reduces the amount of computation required by the authentication process. At the same time, the improved handshakeprotocol is universal in industrial control systems. The authentication technology based on the identity and password algorithm no longer requires the existence of a public key certificate, eliminating the need for certificate revocation, storage, and issuance, simplifying authentication steps, and reducing system maintenance. Finally, by establishing a test environment, the improved handshakeprotocol is implemented, and the feasibility of the authentication scheme is verified and analyzed.
Aiming at the current lack of certification capability in domestic industrial control systems, an industrial control system authentication scheme based on identity cryptography algorithm is proposed. When authenticati...
详细信息
Aiming at the current lack of certification capability in domestic industrial control systems, an industrial control system authentication scheme based on identity cryptography algorithm is proposed. When authenticating between control system devices, the scheme integrates the identity-based digital signature algorithm into the ssl/tls handshake protocol to complete identity authentication between the engineering station and the trusted PLC. At the same time, when the connection is established for the first time between devices, the connection authentication is selected by the challenge/response based method. The authentication technology based on the identity cryptographic algorithm no longer requires the existence of a public key certificate. This eliminates the need to revoke, store, and issue certificates, simplifies the certification process and reduces the amount of computation required by the authentication process. At the same time, the improved handshakeprotocol is universal in industrial control systems. The authentication technology based on the identity and password algorithm no longer requires the existence of a public key certificate, eliminating the need for certificate revocation, storage, and issuance, simplifying authentication steps, and reducing system maintenance. Finally, by establishing a test environment, the improved handshakeprotocol is implemented, and the feasibility of the authentication scheme is verified and analyzed.
暂无评论