计算机工程与应用 (Computer Engineering and Applications) ›› 2018, Vol. 54 ›› Issue (3): 74-81. DOI: 10.3778/j.issn.1002-8331.1608-0248

• Networks, Communications and Security •

Design of an automatic switching algorithm between SM2 and RSA based on OpenSSL

贾冀芳, 张立新, 廖明耀

  1. Beijing China-Power Information Technology Co., Ltd., R&D Division, Beijing 100192
  • Publication date: 2018-02-01 Release date: 2018-02-07

Design of automatic switching algorithm between SM2 and RSA based on OpenSSL

JIA Jifang, ZHANG Lixin, LIAO Mingyao

  1. State Grid Electric Power Research Institute, Beijing China-Power Information Technology Co., Ltd., Beijing 100192, China
  • Online: 2018-02-01 Published: 2018-02-07

Abstract: So that the SSL/TLS protocol can satisfy users' requirements for security and performance at the same time, and given that the national commercial cryptographic algorithms (the SM algorithms) are stronger in security but weaker in performance than the general-purpose algorithms, an algorithm that switches automatically between SM2 and RSA is designed on top of OpenSSL, in order to raise system security while still meeting performance targets. The SSL/TLS handshake uses the national SM2 algorithm by preference as long as performance requirements are met; when the number of new connections per second reaches a certain peak and SM2 can no longer keep up, the system switches automatically to RSA so that the higher new-connection rate can be served. The algorithm extends OpenSSL's data structures and functions, and testing shows that SM2 and RSA are switched automatically once the number of new SSL/TLS connections per second reaches a given value. The algorithm effectively improves system security while meeting performance requirements.

Keywords: SSL/TLS protocol, SM2 algorithm, RSA algorithm, automatic switching algorithm, OpenSSL

Abstract: Based on the observation that the national commercial cipher algorithms (national cipher algorithms) are stronger in security than general cipher algorithms but weaker in performance, an automatic switching algorithm between SM2 and RSA based on OpenSSL is designed to improve system security while meeting performance standards. The SSL/TLS handshake protocol gives priority to the SM2 algorithm until the number of new connections per second reaches a certain peak. When the new-connection rate that SM2 can sustain no longer meets demand, the system automatically switches to the RSA algorithm to reach the higher rate. The algorithm extends the data structures and functions of OpenSSL. Experimental results show that the SM2 and RSA algorithms are switched automatically when the new SSL/TLS connection rate reaches a certain value. The algorithm effectively improves system security while meeting performance requirements.
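The abstract describes the decision rule only in outline: prefer SM2, and switch to RSA once new connections per second pass a peak. The following Python model, added here as an illustration and not the authors' OpenSSL extension, shows the rate measurement and switching policy in isolation. Everything in it is an assumption: the sliding-window rate estimate, the two thresholds (an upper one that triggers the fall-back to RSA and a lower one that allows the return to SM2), the minimum dwell time between switches, and the constructed arrival pattern used to drive it. The paper's own mechanism lives inside OpenSSL's data structures and is not reproduced.

```python
"""Rate-driven SM2/RSA selection policy (illustrative model, not the paper's code)."""
from collections import deque

SM2 = "SM2"
RSA = "RSA"


class AlgorithmSwitcher:
    """Prefer SM2; fall back to RSA while the new-connection rate exceeds a peak.

    The rate is the number of handshakes started inside a trailing window of
    `window_s` seconds. Two thresholds and a minimum dwell time (all assumed
    values, not from the paper) give the policy hysteresis so it does not flap
    between algorithms on every short burst.
    """

    def __init__(self, up_threshold=100.0, down_threshold=50.0,
                 window_s=1.0, min_dwell_s=2.0):
        if down_threshold >= up_threshold:
            raise ValueError("down_threshold must be below up_threshold")
        self.up = up_threshold
        self.down = down_threshold
        self.window_s = window_s
        self.min_dwell_s = min_dwell_s
        self._starts = deque()            # timestamps of recent handshake starts
        self.current = SM2                # SM2 is the preferred algorithm
        self._last_switch = float("-inf")
        self.transitions = []             # (timestamp, algorithm switched to)

    def _prune(self, now):
        # Drop handshake starts that have fallen out of the trailing window.
        while self._starts and now - self._starts[0] > self.window_s:
            self._starts.popleft()

    def rate(self, now):
        """New connections per second over the trailing window ending at `now`."""
        self._prune(now)
        return len(self._starts) / self.window_s

    def on_handshake(self, now):
        """Record a handshake starting at time `now`; return the algorithm to use for it."""
        self._starts.append(now)
        r = self.rate(now)
        dwelt = (now - self._last_switch) >= self.min_dwell_s
        if self.current == SM2 and r > self.up and dwelt:
            self._switch(RSA, now)        # SM2 can no longer keep up with the rate
        elif self.current == RSA and r < self.down and dwelt:
            self._switch(SM2, now)        # load has dropped; return to the stronger algorithm
        return self.current

    def _switch(self, algo, now):
        self.current = algo
        self._last_switch = now
        self.transitions.append((now, algo))   # each transition is worth logging


def constructed_load():
    """Constructed arrival times: 20/s for 2 s, then 200/s for 2 s, then 10/s for 4 s."""
    times = []
    t = 0.0
    for seconds, per_second in ((2, 20), (2, 200), (4, 10)):
        for i in range(seconds * per_second):
            times.append(t + i / per_second)
        t += seconds
    return times


def simulate(arrivals=None, **kwargs):
    """Feed a list of arrival timestamps through the policy and return the switcher."""
    sw = AlgorithmSwitcher(**kwargs)
    for ts in (arrivals if arrivals is not None else constructed_load()):
        sw.on_handshake(ts)
    return sw


if __name__ == "__main__":
    result = simulate()
    for ts, algo in result.transitions:
        print(f"t={ts:6.3f}s -> {algo}")
    print("final:", result.current)
```

With the constructed load the policy stays on SM2 through the 20/s phase, moves to RSA partway through the 200/s burst, and returns to SM2 shortly after the load falls to 10/s. The separate down threshold and the dwell time are the practical details the abstract does not spell out: without them a rate hovering around the single peak value would toggle the algorithm on nearly every handshake, and every toggle is a change in the security level the design is trying to maximise, so recording each transition (as `transitions` does) is what a deployment would want for monitoring.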

Key words: SSL/TLS, SM2 algorithm, RSA algorithm, automatic switching algorithm, OpenSSL