资源描述:
《Design of an enhancement for SSL-TLS protocols》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库。
1、computers&security25(2006)297–306availableatwww.sciencedirect.comjournalhomepage:www.elsevier.com/locate/coseDesignofanenhancementforSSL/TLSprotocolsaab,AshrafElgohary,TarekS.Sobh,M.Zaki*aInformationSystemDepartment,EgyptianArmedForces,Cairo,EgyptbComputerandSystemEngineeringDepartment,FacultyofEn
2、gineering,Al-AzharUniversity,NasrCity,Cairo,EgyptarticleinfoabstractArticlehistory:WhenstudyingtheTransportLayerSecurity(TLS)Protocol,itisnoticedthatthemosttime-Received26September2004consumingphaseisthehandshakingprocessbetweentheclientandtheserver,sinceRevised28December2005manymessagesshouldbese
3、ntuntilsuccessfulnegotiationisdoneandasecuresessionAccepted15February2006iscreated.Thegoalofthisworkistodesignasecuritymanagementsystem(SMS)toimprovethehandshakingprocessbymakinguseofTLSclient-sidesessioncaching,andKeywords:allowingtrusteduserstosharesessionswithothers,aswellasgivingtheclientanopt
4、ionSecurityprotocolstocreatehisownprivatesessionwiththeserverevenwhenthereisnotrusteddigitalcer-SSL/TLStificatefromacertificateauthority(CA)tolinkthem.Accordingtoourexperimentalsetup,Sessionmanagementtheuseoftheproposeddesignhasimprovedtheperformanceby3.5timesrelativetotheSessionsharinghandshakingof
5、traditionalTLS.Client-sidecachingª2006ElsevierLtd.Allrightsreserved.1.Introductionauthenticityshouldberealizedtoprotectinformationtransferacrossnetworklinks.SecurityofdataintransitovertheInternethasbecomeincreas-Thereareanumberofsecurityprotocolsavailableforse-inglyimportantbecauseofthesteadilygro
6、wingdatavolume.curingcommunicationsontheInternetandthemostrelevantNowadays,everyuserofapublicnetworksendsvarioustypessecurityprotocolstothisworkare:ofdatathatrangefrome-mailtocreditcarddetailsdailyandhewouldlikesuchdatatobeprotectedwhenbeingintransitIPSec(IPSecurityProtocol)canauthenticatehostson
7、eitheroverapublicnetwork.Tothisend,apracticalSSLprotocolhassideofthecommunication.IPSecensuresthatthelow-levelbeenadoptedfortheprotectionofdataintransitthatencom-IPpacketsthatarecontinuouslytransferredbetweencom-