微信服务号

微信订阅号

2025年4月28日 10:26 星期一
首页 > 过刊浏览>2007年第18卷第6期 >1522-1530
PDF HTML阅读 XML下载 导出引用 引用提醒
基于参数优化批处理的TLS协议
作者:
基金项目:

Supported by the National Natural Science Foundation of China under Grant No.60503007 (国家自然科学基金); the CityU Research Project (APR) 9610027; the National Basic Research Program of China under Grant No.2003CB317003 (国家重点基础研究发展计划(973)); the Program for New Century Excellent Talents in University of the Chinese Ministry of Education under Grant No.NCET-06- 0686 (2006年度教育部"新世纪优秀人才支持计划")

  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [9]
    • |
  • 相似文献
    • |
  • 引证文献
    • | |
  • 文章评论
    摘要:

    TLS(transport layer security)协议的基本设计目标是为两个通信实体之间提供数据的保密性和完整性.由于在传输层安全握手协议中最耗费计算资源的步骤是服务器RSA解密运算,优化的批处理的RSA方法提出可以用于加速TLS会话的初始化.首先指出了以前的批处理方法由于要求多证书实现而实用性不强.然后提出了单一证书策略的方法,从而克服了这一问题.还提出结合用户对于因特网服务质量的要求优化了批处理参数.为了选择优化的批处理的参数,不仅考虑了服务器的性能,而且还考虑了客户可容忍的等待时间.通过分析并在阐述平均排队时间、批处理服务时间和系统稳定性的基础上提出了一种新颖的优化批处理调度算法,已部署在服务器上.最后通过分析和模拟两种方法验证了所提出方案的实用性和有效性.

    Abstract:

    The primary goal of the Transport Layer Security (TLS) protocol is to provide confidentiality and data integrity between two communicating entities. Since the most computationally expensive step in the TLS handshake protocol is the server's RSA decryption, it is introduced that optimal batch RSA can be used to speedup TLS session initialization. This paper first indicates that the previous batch method is impractical since it requires a multiple of certificates, then it proposes the unique certificate scheme to overcome the problem. It is also introduced that the batching parameter is optimized when integrating users' requirements for Internet Quality of Service (QoS). To select the optimal batching parameters, not only the server's performance but also the client's tolerable waiting time is considered. Based on the analysis of the mean queue time, batching service time and the stability of the system, a novel batch optimal scheduling algorithm which is deployed in a batching Web server is proposed. Finally, the proposed algorithm is evaluated to be practical and efficient through both analysis and simulation studies.

    参考文献
    [1]Sun LH,Ye DF,L?SW,Feng DG.Security analysis and improvement of TLS.Journal of Software,2003,14(3):518-523 (in Chinese with English abstract).http://www.jos.org.cn/1000-9825/14/518.htm
    [2]Fiat A.Batch RSA.Journal of Cryptology,1997,10(2):75-88.
    [3]Shacham H,Boneh D.Improving SSL handshake performance via batching.In:Proc.of the RSA 2001.LNCS 2020,San Francisco:Spring-Verlag,2001.28-43.
    [4]Lin C.Performance Evaluation of Computer Network and Computer System.Beijing:Tsinghua University Press,2001.26-65 (in Chinese).
    [5]Cheng WC,Chou CF,Golubchik L.Performance of batch-based digital signatures.In:Proc.of the 10th IEEE Int'l Symp.on Modeling,Analysis,and Simulation of Computer and Telecommunication Systems.Fort Worth:IEEE Computer Society,2002.291-299.
    [6]Vuillaume C.Side channel attacks on elliptic curve cryptosystems[MS Thesis].Berlin:Technological University of Berlin,2004.
    [7]Shan ZG,Lin C,Xiao RY,Yang Y.Web quality of service:Survey.Chinese Journal of Computers,2004,27(2):145-156 (in Chinese with English abstract). [1]孙林红,叶顶锋,吕述望,冯登国.传输层安全协议的安全性分析及改进.软件学报,2003,14(3):518-523.http://www.jos.org.cn/1000-9825/14/518.htm
    [4]林闯.计算机网络和计算机系统的性能评价.北京:清华大学出版社,2001.26-65.
    [7]单志光,林闯,肖人毅,杨扬.Web QoS控制研究综述.计算机学报,2004,27(2):145-156.
    相似文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

齐芳,贾维嘉,鲍丰,吴永东,王国军.基于参数优化批处理的TLS协议.软件学报,2007,18(6):1522-1530

复制
分享
文章指标
  • 点击次数:4772
  • 下载次数: 5054
  • HTML阅读次数: 0
  • 引用次数: 0
历史
  • 收稿日期:2005-11-01
  • 最后修改日期:2007-01-26
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会CCF数字图书馆Int'l J of Softw Info计算机系统应用
您是第19882832位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号