即时消息通信系统的安全机制研究与实现

发布时间：2018-04-11 02:21

本文选题：即时消息通信系统 + 认证密钥交换协议　；参考：《上海交通大学》2014年硕士论文

【摘要】：本课题主要针对如何在即时消息通信系统中进行安全通信的问题进行了研究和探讨。本文在分析即时消息通信系统安全模型的基础上指出,当前即时消息通信系统面临着多种的安全威胁。为了解决即时消息通信系统安全通信的问题,完成即时消息的安全、可靠传递,本文研究并实现了一种运行于应用层、能够提供端到端安全性的消息加密协议。该协议工作于TCP/IP协议的应用层,能够为即时通信用户提供身份认证、消息加密等安全服务。身份认证与密钥交换是所有安全协议的基础。在使用一般的认证密钥交换协议过程中,要么会给即时消息通信用户增加不必要的使用困难,要么容易受到安全攻击。为了平衡以上两个问题,本文在百万富翁算法的基础上,提出了一种基于共享信息的口令认证密钥交换协议。该协议能够有效抵御常见的中间人攻击和离线字典攻击,同时在使用上不会给用户带来额外的负担。在消息传输的安全性方面,本文又设计并提出了一种消息加密协议。该协议通过对明文消息的重新封装和编码,能够为及时消息通信系统提供加密、签名等安全服务。本文对该协议的消息格式、编码规则以及安全算法进行了详细的阐述,并在此基础上,对协议进行了软件实现。最后,本文对已经应用了该安全协议的一个企业及时消息通信系统进行了介绍。并基于该系统,对本文提出的安全机制进行了测试和验证,证明该安全机制具有一定的可行性和可用性。
[Abstract]:This paper mainly discusses how to secure communication in instant message communication system.Based on the analysis of the security model of the instant messaging system, this paper points out that the instant messaging system is facing a variety of security threats.In order to solve the problem of secure communication in instant messaging system and complete the secure and reliable delivery of instant message, this paper studies and implements a message encryption protocol which runs in the application layer and can provide end-to-end security.The protocol works in the application layer of TCP/IP protocol and can provide security services such as authentication and message encryption for instant messaging users.Authentication and key exchange are the basis of all security protocols.In the process of using general authentication key exchange protocol, the users of instant messaging are either unnecessarily difficult to use or vulnerable to security attacks.In order to balance the above two problems, this paper proposes a password authentication key exchange protocol based on shared information based on the millionaire algorithm.The protocol can effectively resist common man-in-the-middle attacks and offline dictionary attacks, and does not impose additional burden on users.In the aspect of message transmission security, this paper designs and proposes a message encryption protocol.This protocol can provide encryption, signature and other security services for timely message communication system by re-encapsulating and encoding clear text messages.In this paper, the message format, encoding rules and security algorithm of the protocol are described in detail, and on the basis of this, the protocol is implemented by software.Finally, this paper introduces an enterprise timely message communication system which has applied the security protocol.Based on the system, the security mechanism proposed in this paper is tested and verified, and it is proved that the security mechanism is feasible and available.
【学位授予单位】：上海交通大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN918

【参考文献】