基于CPK的TLS握手协议的设计与研究

TLS协议作为当今应用最广泛的传输层安全协议，受到了人们的极大关注，但是其自身存在证书管理复杂、握手交互过多和安全缺陷等诸多问题。对TLS握手协议分析和研究，并结合基于身份的组合公钥密码体制(CPK)的特点，提出了基于CPK的握手协议方案。通过对其安全性分析和基于串空间模型理论的形式化证明，证明了该方案的安全可靠性高。在相同安全条件下进行仿真，实验结果显示与原方案对比该方案具有握手交互次数少、鉴别简捷、建立可信连接过程简单、高效等明显优点。

Design and Research of CPK-Based TLS Handshake Protocol

As one of the most widely applied transport layer security protocols, the transport layer security (TLS) protocol has caused widespread attention, but it still has a lot of problems, such as complex certificate management, too much times of interactive shake hands, safety defects, and so on. Through the analysis and research on the shake hands protocol of the TLS, and combining the features of the identity-based combined public key (CPK) cryptosystems, a new CPK-based handshake protocol is proposed. The new scheme is much better in security and reliability proved by the security analysis and the formal analysis based on the strand space theory. The simulation experiment and comparison with original protocol with equivalent security show that the CPK-based handshake protocol has some obvious advantages, such as more less number of shake hands interaction, more simple identification, and the higher security and reliability.