A Study Of The Trust Path Finding And Secure Communication Based On PKI

As the key and basic technology of information security,PKI has become a important platform of trust and authorization in network applications and provides secure safeguard of confidentiality,integrity,authentication and anti-denied for various application in the network. The core of PKI is to solve the trust problem in the information cyberspace, confirm various kinds of economy, military subject(include organizations and individuals)in information cyberspace, protect the security interests of different subjects in information cyberspace. In order to make PKI system do well in communication of network and satisfaction the mutual-trust between CA,this article studies from two aspects.The one is secure communications based on the SSL protocol,the other is PKI trust path search.The thesis is consisted mainly by following works:Firstly, it studies on the theories of PKI cryptosystem,digital signature andother related ones.And also analyses the main functions and compiler of OpenSSL software.Secondly, to analyze the existing PKI trust model,several typical trust models are thoroughly studied on.Based on the trust model,it studies two algorithms that finds trust path rapidly and efficiently.Those algorithms are based on group of random search from the basic of assessing trust path,and different from traditional search algorithms which just adopts the average trust values to obtain recommend path or bases on the graph,those advantage is that theysearch the better solution quickly and make the result more accurately.The article gives the specific algorithm implementation process,then verifies theanalysis and simulates research for the algorithm at last.Thirdly, focus on the SSL handshake protocol,the thesis implements a small self-signed CA system,which is based on OpenSSL by the way of command-line on windows platform.At the same time,combined with combined with OpenSSL encryption library and SSL protocol library,it realizes a secure channel that communicates between the client and the service,and explains the specific process of the secure communication.