网络系统安全中混合加密技术研究
发布时间:2019-05-17 18:20
【摘要】:随着计算机网络使用越来越广,人们更加倾向用网络系统方式来实现各种数据交换。尤其是在网络文件传输范畴中更加频繁出现,阿里巴巴、腾讯等公司的虚拟支付已是为主流支付方式。由此带来的安全问题尤为严重。网络系统攻击手段千变万化,防不胜防。网络系统数据被截断、修改、重新发送的事件经常发生,这严重妨碍了网络系统的推广以及应用。如何在计算机网络中安全的传递数据,认证数据的正确性,确认其完整性以及数据来源无法抵赖性变为近年来各大算法研究机构研究的关注热点。基于上面需求,本文对加密技术来进行了详细的研究以及原理分析,提出用混合加密技术来保证网络系统安全,并用到简单的文件传输系统模型中。本文首先介绍了国内外针对网络系统安全技术的研究现状以及承受着的极大挑战,接着介绍了两种加密知识:对称加密算法--非对称加密算法。通过仔细分析各种密码算法的性能特点后,找出各自的优点和劣势,最后提取各种算法的优点弥补各自不足,组合成新的混合密码技术算法。针对对称密码技术、非对称密码技术以及摘要算法来进行分析筛选,最终在混合加密技术中确定了三种密码算法:DES(数据加密标准)、ECC(椭圆曲线密码算法)以及MD5(消息摘要算法),这样既确保了计算机网络上数据转发传送的正确性以及健壮性,又加大了数据的传递速率。基于以上三种算法结合而成的混合加密技术,本论文最终提出设计了在简单文件传输系统中的使用方案,先介绍设计理念再提出详细运行方案再到针对系统的运维都做了详细描述,并构造了一个网络系统通信模型,用到此系统。本文在最后给出各模块的算法选择和编程流程图并针对各个模块的功能做出具体描述。通常在计算机网络中传输数据是采用对称加密算法,这导致密钥分发以及管理会出现很多漏洞,若用人工分发密钥的话,人力更不上。也会致使网络系统上数据传递的简易迅速以及健壮性没办法两全。DES和ECC两种密码算法是很优秀的密码算法,结合以上几种密码算法而成的混合加密密码算法可以更好的保证计算机网络中上信息传递的健壮性以及传递的效率。在当今文件传输系统中基于混合加密密码算法的应用还未获取很好的推广,因此本文提出这种设想并设计系统方案最后实践于文件传输系统中,到达保证在计算机网络中数据传递的简易迅速、健壮及正确的要求,又能让密钥的分发以及处理变得简单,这个方向的研究是有着较大的前途的。
[Abstract]:With the increasing use of computer networks, people are more inclined to use network systems to achieve a variety of data exchange. Especially in the field of network file transmission, Alibaba, Tencent and other companies have become the mainstream payment method. The resulting security problems are particularly serious. Network system attack means are changeable and insurmountable. The events of truncation, modification and resend of network system data often occur, which seriously hinders the promotion and application of network system. How to transfer data safely in computer network, verify the correctness of data, confirm its integrity and unrepudiation of data sources has become the focus of attention of major algorithm research institutions in recent years. Based on the above requirements, this paper studies the encryption technology in detail and analyzes the principle, and proposes to use the hybrid encryption technology to ensure the security of the network system, and use it in a simple file transfer system model. This paper first introduces the research status and great challenges of network system security technology at home and abroad, and then introduces two kinds of encryption knowledge: symmetric encryption algorithm-asymmetric encryption algorithm. After carefully analyzing the performance characteristics of various cryptography algorithms, we find out their own advantages and disadvantages, and finally extract the advantages of each algorithm to make up for their shortcomings and combine them into a new hybrid cryptography algorithm. Aiming at symmetric cryptography, asymmetric cryptography and abstract algorithm, three kinds of cryptography: DES (data encryption standards are determined in the hybrid encryption technology. ECC (Elliptic Curve Cryptography) and MD5 (message Summary algorithm) not only ensure the correctness and robustness of data forwarding and transmission on computer network, but also increase the transmission rate of data. Based on the hybrid encryption technology combined with the above three algorithms, this paper finally proposes a scheme to use in a simple file transfer system. First, the design concept is introduced, then the detailed operation scheme is put forward, and then the operation and maintenance of the system are described in detail, and a network system communication model is constructed, which is used in this system. At the end of this paper, the algorithm selection and programming flow chart of each module are given, and the function of each module is described in detail. Usually, symmetric encryption algorithm is used to transmit data in computer network, which leads to many vulnerabilities in key distribution and management, even less manpower if the key is distributed manually. It will also lead to the simplicity, rapidity and robustness of data transmission on the network system. Des and ECC cryptography algorithms are very good cryptography algorithms. The hybrid encryption cryptography algorithm combined with the above cryptography algorithms can better ensure the robustness and efficiency of information transmission in computer networks. In today's file transmission system, the application based on hybrid encryption cryptography algorithm has not been well popularized, so this paper puts forward this idea and designs the system scheme, and finally practices it in the file transfer system. To ensure the simple, rapid, robust and correct requirements of data transmission in computer networks, and to make the distribution and processing of keys simple, the research in this direction has a great future.
【学位授予单位】:南京邮电大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP393.08
本文编号:2479308
[Abstract]:With the increasing use of computer networks, people are more inclined to use network systems to achieve a variety of data exchange. Especially in the field of network file transmission, Alibaba, Tencent and other companies have become the mainstream payment method. The resulting security problems are particularly serious. Network system attack means are changeable and insurmountable. The events of truncation, modification and resend of network system data often occur, which seriously hinders the promotion and application of network system. How to transfer data safely in computer network, verify the correctness of data, confirm its integrity and unrepudiation of data sources has become the focus of attention of major algorithm research institutions in recent years. Based on the above requirements, this paper studies the encryption technology in detail and analyzes the principle, and proposes to use the hybrid encryption technology to ensure the security of the network system, and use it in a simple file transfer system model. This paper first introduces the research status and great challenges of network system security technology at home and abroad, and then introduces two kinds of encryption knowledge: symmetric encryption algorithm-asymmetric encryption algorithm. After carefully analyzing the performance characteristics of various cryptography algorithms, we find out their own advantages and disadvantages, and finally extract the advantages of each algorithm to make up for their shortcomings and combine them into a new hybrid cryptography algorithm. Aiming at symmetric cryptography, asymmetric cryptography and abstract algorithm, three kinds of cryptography: DES (data encryption standards are determined in the hybrid encryption technology. ECC (Elliptic Curve Cryptography) and MD5 (message Summary algorithm) not only ensure the correctness and robustness of data forwarding and transmission on computer network, but also increase the transmission rate of data. Based on the hybrid encryption technology combined with the above three algorithms, this paper finally proposes a scheme to use in a simple file transfer system. First, the design concept is introduced, then the detailed operation scheme is put forward, and then the operation and maintenance of the system are described in detail, and a network system communication model is constructed, which is used in this system. At the end of this paper, the algorithm selection and programming flow chart of each module are given, and the function of each module is described in detail. Usually, symmetric encryption algorithm is used to transmit data in computer network, which leads to many vulnerabilities in key distribution and management, even less manpower if the key is distributed manually. It will also lead to the simplicity, rapidity and robustness of data transmission on the network system. Des and ECC cryptography algorithms are very good cryptography algorithms. The hybrid encryption cryptography algorithm combined with the above cryptography algorithms can better ensure the robustness and efficiency of information transmission in computer networks. In today's file transmission system, the application based on hybrid encryption cryptography algorithm has not been well popularized, so this paper puts forward this idea and designs the system scheme, and finally practices it in the file transfer system. To ensure the simple, rapid, robust and correct requirements of data transmission in computer networks, and to make the distribution and processing of keys simple, the research in this direction has a great future.
【学位授予单位】:南京邮电大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP393.08
【参考文献】
相关期刊论文 前3条
1 肖凌,李之棠;公开密钥基础设施(PKI)结构[J];计算机工程与应用;2002年10期
2 孟桂娥,董玮文,杨宇航;公钥基础设施PKI的设计[J];计算机工程;2001年06期
3 冯登国;PKI技术及其发展现状[J];计算机安全;2001年01期
相关博士学位论文 前1条
1 刘小红;PKI:证书状态信息分发方法研究和系统设计[D];浙江大学;2001年
,本文编号:2479308
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2479308.html
