发布时间 : 星期三 文章PKI在第三代移动通信系统中的应用研究论文更新完毕开始阅读81ed498acc22bcd126ff0c09
洛阳理工学院毕业设计(论文)
摘 要
PKI(Public Key Infrastructure 的缩写)即\公开密钥体系\,是一种遵循既定标准的密钥管理平台,它能够为所有网络应用提供加密和数字签名等密码服务及所必需的密钥和证书管理体系,简单来说,PKI就是利用公钥理论和技术建立的提供安全服务的基础设施。PKI技术是信息安全技术的核心,也是电子商务的关键和基础技术。原有的单密钥加密技术采用特定加密密钥加密数据,而解密时用于解密的密钥与加密密钥相同,这称之为对称型加密算法。采用此加密技术的理论基础的加密方法如果用于网络传输数据加密,则不可避免地出现安全漏洞。因为在发送加密数据的同时,也需要将密钥通过网络传输通知接收者,第三方在截获加密数据的同时,只需再截取相应密钥即可将数据解密使用或进行非法篡改。区别于原有的单密钥加密技术,PKI采用非对称的加密算法,即由原文加密成密文的密钥不同于由密文解密为原文的密钥,以避免第三方获取密钥后将密文解密。PKI的基础技术包括加密、数字签名、数据完整性机制、数字信封、双重数字签名等。构建密码服务系统的核心内容是如何实现密钥管理。公钥体制涉及到一对密钥(即私钥和公钥),私钥只由用户独立掌握,无须在网上传输,而公钥则是公开的,需要在网上传送,故公钥体制的密钥管理主要是针对公钥的管理问题,目前较好的解决方案是数字证书机制。
公钥基础设施(PKI)是信息安全基础设施的一个重要组成部分,是一种普遍适用的网络安全基础设施。PKI是20世纪80年代由美国学者提出来了的概念,实际上,授权管理基础设施、可信时间戳服务系统、安全保密管理系统、统一的安全电子政务平台等的构筑都离不开它的支持。数字证书认证中心CA、审核注册中心RA(Registration Authority)、密钥管理中心KM(Key Manager)都是组成PKI的关键组件。作为提供信息安全服务的公共基础设施,PKI是目前公认的保障网络社会安全的最佳体系。在我国,PKI建设在几年前就已开始启动,截至目前,金融、政府、电信等部门已经建立了30多家CA认证中心。如何推广PKI应用,加强系统之间、部门之间、国家之间PKI体系的互通互联,
洛阳理工学院毕业设计(论文)
已经成为目前PKI建设亟待解决的重要问题。
第三代移动通信系统(简称3G)是在第二代移动通信系统(简称2G) 基础上发展起来的,除了传统的话音业务外,它还将提供电子商务、互联网信息服务、多媒体信息业务等多种数据业务。但是随之而来的安全问题必须得到足够的重视,电波在开放环境下传送,便于截获、侦听、干扰,3G 网络中开展的大多数数据业务也都有很高的安全性要求,这使如何在3G 中保证网络资源使用的安全性和用户信息的安全性已成为重要而迫切的问题。单纯采用对称密钥算法来实现3G 的安全,不仅算法众多、实现复杂,而且无法实现真正意义上的端到端安全,这将极大地限制3G 网络中各种业务应用的开展。相反,只有在3G 中应用PKI(公开密钥基础设施)技术,才能实现数字签名并提供不可否认服务,这对电子商务的实现至关重要,也只有应用PKI 技术,才能在应用域实现真正意义上的端安全,这对电子商务的实现同样重要。因此PKI 技术在3G 中的应用将大大地提高3G 网络的安全性能,使3G网络的安全管理与实现更加方便,从而促进3G 各种数据业务的顺利开展。
本文主要对PKI 在3G 安全体系结构中的网络接入域和应用域安全中的应用进行了研究。
关键词:公钥基础设施,第三代移动通信,无线安全,证书
洛阳理工学院毕业设计(论文)
ABSTRACT
PKI (Public Key Infrastructure acronym) that \lic-key system\is a kind of follow the established standards of key management platform, it can provide for all network applications, such as encryption and digital signature cryptographic service and the necessary keys and certificates management system, put it simply, PKI is the use of public key technology theory and the provision of security services infrastructure. PKI technology is the core of information security technology, but also the key to e-commerce technology and infrastructure. The original single-key encryption technology uses a specific encryption key encrypted data, but when the decryption key for decryption with the same encryption key, which called symmetric encryption algorithm. Using this encryption technology, the theoretical basis of the encryption method, if data encryption for network transmission, it is inevitable that a security vulnerability. Because encrypted data is sent at the same time, it needs to be transmitted over the network to inform the key receiver, third-party interception of encrypted data at the same time, simply re-interception of the corresponding decryption key data can be illegal to use or tampering. From the original single-key encryption technology, PKI use of non-symmetric encryption algorithm, that is, from the original encryption key into a ciphertext is different from the ciphertext by the decryption key for the original, In order to avoid third-party access to decryption keys will ciphertext. The basis of PKI technology, including encryption, digital signature, data integrity mechanism, digital envelopes, digital signatures, such as a double. Cryptographic service to build the core of the system is how to achieve key management. Public key system involves a pair of keys (ie, private key and public key), the private key only by the user independent master, there is no need for transmission line, while the public key is open, the need for transmission line, so secret the public key system Key Management is mainly
洛阳理工学院毕业设计(论文)
directed against the management of public key, the current solution is a better mechanism for digital certificates。
Public key infrastructure (PKI) is the information security infrastructure of an important component of general application is a network security infrastructure. PKI is a 20th century American scholar from the 80's brought up the concept, in fact, authorized the management of infrastructure, the credibility of the system time-stamp services, security management system, a unified security platform for e-government building, etc. can not be separated from its Support. Certificate Authority CA, review registry RA (Registration Authority), the key management center KM (Key Manager) is a critical component of the composition of PKI. For the provision of information security services, public infrastructure, PKI is recognized as the protection of the network society the best security system. In China, PKI building started several years ago, as of now, financial, government, telecommunications and other departments have been established more than 30 CA Certification Center. The promotion of PKI applications, strengthening systems, departments, national PKI system interoperability between the Internet has become the construction of the current PKI important issue to be settled urgently.
Third Generation Mobile Communication Systems (3G) in the second-generation mobile communication system (referred to as 2G) developed on the basis, in addition to the traditional voice business, it will also provide e-commerce, Internet information services, multimedia messaging and other business kinds of data services. However, the ensuing security issues must be given adequate attention, radio transmission in an open environment to facilitate interception, interception, interference, 3G network to carry out the majority of data services also have high security requirements, which makes 3G how to use network resources to ensure the safety and security of user information has become an important and pressing issue. Simple symmetric key algorithm used to achieve the security of 3G is not only the numerous algorithms, implementation complexity, and can not be real