Chinese Journal of Network and Information Security ›› 2017, Vol. 3 ›› Issue (12): 22-30.doi: 10.11959/j.issn.2096-109x.2017.00224

• Papers • Previous Articles     Next Articles

Protocol to enhance the security of Early data in TLS 1.3

Xing-long ZHANG1,Qing-feng CHENG1,2(),Jian-feng MA2   

  1. 1 Information Engineering University,Zhengzhou 450004,China
    2 College of Computer Science,Xidian University,Xi’an 710071,China
  • Revised:2017-11-28 Online:2017-12-01 Published:2018-01-12
  • Supported by:
    The National High Technology Research and Development Program (863 Program)(2015AA016007);The National Key Laboratory Foundation of Cryptography(MMKFKT201514)


The new 0-RTT Internet key exchange was drawn on the TLS 1.3 session resumption phase,the rFSOPKE protocol was constructed,and the Early data encryption and transmission process were improved.The rFSOPKE protocol can protect the forward security of Early data and protect it from replay attacks during the validity period of the Ticket.Compared with the previous Early data transmission process,rFSOPKE greatly enhanced the security of Early data.Due to the increase in the calculation and transmission overhead of this protocol when sending Early data,the efficiency of the protocol is reduced.However,rFSOPKE can embed the appropriate algorithm according to the different application environment,so more efficient algorithms should be chosen to improve the protocol implementation speed.

Key words: 0-RTT, Early data, forward security, replay attack, rFSOPKE

CLC Number: 

No Suggested Reading articles found!