【作者】 孙立新；

【导师】 王慕坤；

【作者基本信息】 哈尔滨理工大学 ， 测试计量技术及仪器， 2003， 硕士

【摘要】 网络通信的安全与认证问题现在已经成为限制电子商务进一步发展的亟待解决的问题。安全问题的研究在国内尚处于起步阶段。结合我国电子商务发展与应用的实际情况，本课题设计出一种集信息保密、身份认证与数字签名于一体的，基于软、硬件结合实现的有效的电子商务安全认证解决方案。 传统的方法中数据的加密和信息的认证都是分开实现的。如美国的数据加密标准(DES)只对数据的安全性进行保护，数据签名标准(DSS)只对信息发送与接收进行确认。随着计算机硬件技术的不断发展，计算速度与解密技术的不断提高，现有算法已不能够提供足够的安全性。 本课题对美国国家标准技术研究所(NIST)推出的用于下一世纪数据加密标准的高级数据加密标准(AES)进行了跟踪研究，深入研究了AES的数学原理、加密／解密的算法实现过程，并用C语言完整地实现了AES算法。 在本课题中还对RSA公钥密码体制及数字签名技术进行了深入的研究，对目前网上安全协议中应用较多的Diifie—Heliman密钥交换协议进行了深入研究，并对此协议提出一种基于RSA签名认证的改进方案，此种方法可以有效抵抗中间插入攻击。 最后，基于以上理论研究，提出一种基于灵巧卡实现的、兼数据加密、身份认证与数字签名于一体的二次认证加密系统。此系统充分利用了AES和RSA算法的安全性和TMS320C64X数字信号处理芯片的计算速度快的优点，能够广泛应用于金融、电信、医疗、保险等诸多行业。随着网络发展的不断深入，本系统将有很好的市场前景。更多还原

【Abstract】 Now the problem of security and authentication has become urgent and has to be solved in order to avoid its restriction to the development of e-Business. Today the research on net security is in its initial stage at home. Based on the solution scheme of software as well as hardware, this paper put forward an effective system which integrated information security, identification and digital signature in one smart card.Data encryption and information authentication are separated conventionally, such as the Data Encryption Standard of America which encrypts the data only and the Digital Signature Standard which authenticates the information only. The steady improving of calculating speed and decryption technology makes it not enough to provide security for the existing algorithms with the continuing development of computer hardware.This paper makes a tracing research on the AES which was present by the NIST for the next centenary’s data encryption. Based on the deeply investigation to the mathematical theory and principle and specification of AES, an effective implementation of AES block cipher is completed and the encryption and decryption are also completed by using C language.In this paper, the RSA public-key cryptosystem and digital signature are also discussed deeply. We studied in detail the Diffie-Hellman share secret protocol and present an improved scheme of this protocol which could resist middle -insert-attack effectively.At last, based on the theory discussed above, we present a quadratic authentication ancl encryption system which could complete encryption/decyption, identify authentication and signature functions and integrated these functions in one smart card.This system makes full use of the security of the AES and the RSA algorithms and the fast speed of TMS320C64X DSP chip. It could be widely used in finance, telecommunication, medical and insurance etc. With the development of Internet and e-Business, this card will has a prosperous market in the future.更多还原