基于VoIP系统的POS机刷卡业务密钥管理方案设计与实现

发布时间：2018-06-23 17:31

本文选题：因特网协议语音 + 密钥管理　；参考：《电子科技大学》2015年硕士论文

【摘要】：POS机生产厂商比较繁杂,本身安全保障越来越令消费者担忧,将来的某一天,POS机需要能够选择定制VoIP加密方式,以确保用户信息保密性。为此,VoIP通信密钥管理系统方案设计与研究是非常必要的。本文主要研究应用于POS机刷卡通信的VoIP系统密钥管理方案。首先,在课题研究背景下,分析当前VoIP技术和现状,尤其关注VoIP在POS机刷卡通信的应用场景。其次,分析VoIP密钥管理系统方案的需求。研究当前VoIP系统中主要的通信协议,提取VoIP通信系统需求的安全问题和主要的需求。第三,对系统进行总体结构设计。设计总体架构以及安全子模块,并且研究安全技术相关的密钥管理系统方案专业知识。第四,进行VoIP安全通信系统的设计和实现。设计了两种分别基于身份和三叉密钥树的双线性Diffie-Hellman假设的可认证双方密钥协商方案和分布式多方密钥管理方案,并通过分析验证这两种方案的有效性,最后在嵌入密钥管理安全子模块实现时应用到此两种方案实现访问控制和密钥管理。本文实现了VoIP安全通信终端系统,按照密钥实现方式为端到端加密方式进行数据的加解密,使用了完全加密的密钥管理技术,达到VoIP通信安全性和实时性的需求,使得VoIP秘密通信得到了保障。通过实验数据表明,VoIP安全终端进行多组两个终端之间POS机通信反复测试后,通过抓包解析,系统稳定可靠,没有丢包,音频信号以及清晰生动的画面没有明显的失真,POS机密态通信成功;另外数据吞吐量和密钥协商时间消耗都在接受范围内;另外对加解密后的音频语音质量MOS指标进行测试,表明本文的加解密效果较好。
[Abstract]:The manufacturers of POS machines are more and more complicated, and their own safety and security are more and more worrying to consumers. In the future, POS machines need to be able to choose customized VoIP encryption to ensure the confidentiality of user information. Therefore, it is necessary to design and research VoIP key management system. This paper mainly studies the key management scheme of VoIP system which is applied to POS swipe card communication. First of all, under the background of the research, we analyze the current VoIP technology and present situation, especially pay attention to the application of VoIP in POS. Secondly, the demand of VoIP key management system is analyzed. The main communication protocols in VoIP system are studied, and the security problems and main requirements of VoIP communication system are extracted. Third, the overall structure of the system design. Design the overall architecture and security sub-module, and research security technology related key management system solution expertise. Fourth, the design and implementation of VoIP secure communication system. Two authenticated two-party key agreement schemes and distributed multi-party key management schemes based on identity and triple key tree are designed, respectively. The validity of the two schemes is verified by analysis. Finally, the two schemes are applied to implement access control and key management in embedded key management security sub-module. In this paper, the VoIP secure communication terminal system is implemented, which encrypts and decrypts the data for end-to-end encryption according to the key implementation mode, and uses the key management technology of complete encryption to meet the demand of security and real-time of VoIP communication. VoIP secret communication is guaranteed. The experimental data show that the VoIP security terminal has repeatedly tested the POS communication between two groups of terminals, and by grasping packet analysis, the system is stable and reliable, and there is no packet loss. The audio signal and the clear and vivid picture have no obvious distortion and the POS secret state communication is successful; in addition, the data throughput and the consumption of key negotiation time are both within the accepted range; in addition, the MOS index of audio quality after encryption and decryption is tested. The results show that the effect of encryption and decryption is good.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2015
【分类号】：TN918.4

【参考文献】