| Summary: | 碩士 === 國防大學管理學院 === 資訊管理學系 === 98 === According to the universality of the Internet, the information exchange is more convenient. Regardless of the enterprise, government, academic organizations, and the educational units, there are more and more digital data exchange through the internet. But in the transmission process, the viruses, crackers, eavesdropping, replay attacks etc. are the growing threats to the information security. Therefore, to prevent the various kinds of malicious attacks in the internet, such as using eavesdropping and detection technique to get, eavesdrop and modify the data. So information security is one of the most important issues of nowadays and "Cryptography" always has new theories and applications. The most famous key exchange protocol is Diffie-Hellman key exchange protocol. Its security is based on discrete logarithm. Because it can’t authenticate the participants, it cannot prevent the man-in-the-middle attack.
This study attempts to work without PKI to exchange session key. It uses one time equation, pseudo random number generator and hash function etc. and executes in different steps and exchanges some necessary relevant parameters to strengthen the security of session key exchange. It also performs some authentication of participants in the process to prevent the man-in-the-middle attack and ensure the security of session key exchange.
|
|---|
