Title of invention: Delayed commitment scheme to prevent attacks based on compromised certificates
Abstract: A secure computer network (40) service based on public key cryptography enables a client (28, 29 and 30) and a server (22) running on any node of the computer network to communicate critical information in a secret and integral manner against compromised-certificate-based attacks, such as an "ex-employee" attack on the Secure Socket Layer (SSL) handshake protocol. A two-step delayed commitment scheme is implemented, whereby in the first step, only partial information concerning a pre-master secret encrypted with the server's public key is initially sent, and in the second step, full commitment to the pre-master secret encrypted with the server's public key is not performed until after an intervening communication from the server containing random information is received. This stops the attacker from performing 1) switching of a compromised certificate and 2) re-encryption of a learned pre-master secret with the public key of the legitimate certificate during a single protocol run, thus preventing such an attack. The method integrates the two-step delayed commitment scheme into current authentication and key exchange protocols, requiring only minimal changes to the current protocol, yet providing enhanced security against attacks using compromised certificates.
Publication number: AU5518301(A)  Publication date: 2001.10.30
Application number: AU20010055183  Filing date: 2001.04.13
Applicant: WU WEN  Inventor: WU WEN
Classification: H04L9/30;H04L29/06  Main classification: H04L9/30
Agency:  Agent:
Main claim:
Address: