摘要
针对移动互联网时代个人用户敏感信息传输的安全需求,开发实现了一种Android系统上的安全套接字协议.相比于传统的SSL/TLS协议,该协议采用安全性强于通用密码算法的国家商用密码算法即国密算法实现.在握手阶段改用SM2算法进行身份认证和密钥协商,使用SM4算法对数据报文进行加密传输,使用SM3算法进行摘要计算.该协议在开源的PoralSSL框架的数据结构和函数接口基础上进行扩展,经过测试验证实现了ECC-SM4-SM3与ECDHE-SM4-SM3两组加密套件,在满足功能需求的前提下有效提高了系统的安全性.
This paper describes the specific design and implementation of an Android SSL Protocol based on the national commercial cipher algorithms,which are designed to meet the security needs of personal sensitive information in the era of mobile internet.It is obvious that the security of national commercial cipher algorithms are stronger than that of general cipher algorithms.Compared with the traditional SSL/TLS protocol,the protocol is implemented by the national commercial cipher algorithm,which enjoys better security than the general cryptographic algorithm,that is,the national security algorithm.The SM4 algorithm is employed to encrypt data packets,and the SM3 algorithm is applied for abstract calculation.The protocol is extended on the data structure and function of PoralSSL framework.The ECC-SM4-SM3 and ECDHE-SM4-SM3 cipher suites implemented are verified by testing,which can effectively improve the security of system under the premise of meeting the functional requirements.
作者
施晓芳
赵少卡
王震懿
SHI Xiaofang;ZHAO Shaoka;WANG Zhenyi(Fuqing Branch of Fujian Normal University,Fuqing,Fujian 350300,China;Newland Payment Technology Company,Fuzhou,Fujian 350015,China)
出处
《福建师大福清分校学报》
2019年第2期45-55,64,共12页
Journal of Fuqing Branch of Fujian Normal University
基金
福建师范大学福清分校科研创新培育项目(KY201702)
福建省中青年教师教育科研项目(JAT160577)
