Research on Secure Data Transmission Technology for Military Simulation Networks
Abstract
As networks develop, security is becoming ever more important. Against this background, this thesis studies secure data transmission technology for military simulation networks, focusing on two main aspects: data encryption technology and key management technology.
Data encryption is the most basic and most widely used technique for securing communication. This thesis surveys the symmetric encryption algorithms represented by DES, IDEA and AES and the public-key encryption algorithms represented by Diffie-Hellman, RSA and ECC. With practical application as the background, it analyzes the strengths, weaknesses and application prospects of each algorithm, and which algorithms should be adopted by preference.
Modular exponentiation underlies many public-key cryptographic algorithms and is the key link that makes those algorithms usable in practice. This thesis studies the various modular exponentiation techniques and analyzes the environments each algorithm suits. Based on the realities of engineering application, we then propose an improvement to the Montgomery algorithm that effectively raises its running efficiency and reduces the complexity of its engineering implementation. We also propose an improved prime generation scheme that greatly speeds up prime generation.
Key management is an indispensable part of secure data transmission. This thesis studies key management technologies such as Kerberos and analyzes how they work. On that basis, we study key management for military simulation networks and propose a new end-to-end key management technique for them. Built around the HMAC protocol and the Diffie-Hellman algorithm, it secures data transmission inside the network while effectively reducing the overhead that PKI-based key management requires. We also propose a new multicast key management technique for military simulation networks; compared with techniques such as GDH, the new group key management technique has markedly lower overhead while preserving security.
Finally, we present the design and implementation of the simulation security platform software system. Building on the techniques studied above, we describe the overall design of the software system and the concrete implementation of some of its modules.
With the development of networks, security is becoming more and more important. Considering this need, we decided to research military-oriented secure data transfer technologies. We focus on encryption technology and key-management technology.
Encryption is the basic and most widely used technology for protecting communication. In this paper, we study all kinds of key-based algorithms, both symmetric and public-key, such as DES, IDEA, AES, Diffie-Hellman, RSA and ECC. We point out the strengths and weaknesses of each algorithm and the algorithms we should adopt.
Public-key cryptographic systems often involve raising elements of some group to large powers. An important question is how fast this exponentiation can be done, which often determines whether a given system is practical. In this paper we survey the known methods for fast exponentiation, examine their relative strengths and weaknesses, and then choose the methods that best fit our conditions. Based on our experience, we put forward some improvements to the Montgomery algorithm that effectively improve its speed. In addition, we present our improved prime test method, which also noticeably improves the speed of prime generation.
Key-management technology is indispensable in secure data transfer. We study Kerberos and related technologies, describe their basic issues, and discuss their development. We then put forward a new method of end-to-end key management, based on the HMAC protocol and the Diffie-Hellman algorithm. It can effectively ensure the safety of data transfer in a local network while greatly reducing the cost that PKI brings. We also put forward a new method of group key management, which noticeably reduces the cost of GDH.
Finally, we describe the design and implementation of the secure simulation platform software. We present the top-level design and the implementation of some of its modules.
