| 公钥基础设施(PKI)安全性研究 |
| |
| 引用本文: | 田仲富.公钥基础设施(PKI)安全性研究[J].中国安全科学学报,2009,19(2). |
| |
| 作者姓名: | 田仲富 |
| |
| 作者单位: | 东北林业大学机电工程学院,哈尔滨,150040 |
| |
| 摘 要: | 详细介绍公钥基础设施(PKI)的基本概念、PKI的基本框架组成以及其各部分的主要特征、功能;重点对PKI的安全性问题作了剖析,当前PKI的最主要安全缺陷表现在两个方面:其一,政策性缺陷即PKI本身的标准不一,没有一个统一的国际标准;其二,即PKI在应用中的合理性问题主要包括其证书认证、密钥的安全性以及密钥的长度等问题。对于PKI的自身及其使用缺陷,笔者认为应由相关权威部门尽早地制定出一套统一的标准,另外,还要相应地增强其公钥加密算法以及采用合理的密钥长度,进而完善证书的颁发、撤销以及认证等问题。
|
| 关 键 词: | 公钥基础设施(PKI) CA服务器 公钥 认证模型 安全策略 |
Research on the Security of Public Key Infrastructure |
| |
| TIAN Zhong-fu.Research on the Security of Public Key Infrastructure[J].China Safety Science Journal,2009,19(2). |
| |
| Authors: | TIAN Zhong-fu |
| |
| Abstract: | The basic concept,framework,features and functions of PKI (public key infrastructure) are detailed,and the security problems are explored with emphasis. Two security problems about PKI are pointed out; one is that there are not unitive international standards; the other is the rational problems in application such as authentication of certificate,key security and the key length,etc.. For the first problem,related authority departments should establish a set of uniform standards; for the second,the cryptographic algorithm should be strengthened,the key length should be rationally adopted,and the issue,cancel and authentication of certificate should be perfected. |
| |
| Keywords: | public key infrastructure (PKI) certificate authority server public key certification model security policy |
| 本文献已被 维普 万方数据 等数据库收录! |
|
