The methods of using SSL protocol in embedded e-Commerce systemare studied for solving the security issue of online trading . In the application of RSA public key algorithm, the longer key length is, the lower system's efficiency is. Based on the mechanisms of SSL handshake protocol, SSL is extended with elliptic curve cryptography. Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA) are implemented. The ECC has a smaller size and faster computing speed in the same security level. The program is tested by OpenSSL1.0.1.And the results show that the SSL processing is improved and the storage space is reduced when ensuring the security. The design which is efficient and safe is provided for the embedded e-Commerce system. And the design solves the problem of strain on the resources of embedded devices.%为解决网上交易的安全问题,研究了在嵌入式电子商务系统中SSL协议双向认证的方法。针对RSA公钥算法伴随密钥长度增加明显降低系统效率,使用椭圆曲线公钥算法(ECC)对SSL握手协议进行扩展,实现椭圆曲线密钥交换算法(ECDH)、椭圆曲线数字签名算法(ECDSA),在同等安全等级下ECC具有更小的密钥尺寸和更快的计算速度。使用OpenSSL1.0.1进行性能测试,结果表明该方案在保证安全性同时提高了SSL处理速度、减小存储空间,此方案适用于嵌入式设备资源紧张的状况,为嵌入式电子商务系统提供了一种安全可靠的解决方案。
展开▼