With advancement information communication technology, personal information and confidential data that are stored and accessed on the web is becoming more prevalent. The valuable information when either stolen or illegally acquired by others will not ...
With advancement information communication technology, personal information and confidential data that are stored and accessed on the web is becoming more prevalent. The valuable information when either stolen or illegally acquired by others will not only exploit those individuals involved but also can bring about social chaos and turmoil. Recently, with the emergence of security threatening issues, such as malignant code, zombie PC, etc., information security has become a critical issue causing a grave public concern. Under such situation, today quantum cryptography system is being considered as one of the advanced alternatives to address the challenge.
Current internet security technology, Secure Socket Layer(SSL) is most widely used web security protocols in the world; its cryptography system is designed, mostly based on the modern password, utilizing mathematical calculation. As such, one vulnerably for SSL is the public-key based cryptographic algorithm during the Handshake Protocol. In fact, the public-key based cryptography system has proven to be easily compromised when quantum computers are introduced.
This study examines the vulnerability displayed during the handshake process and suggests encrypting MD5 and hash function after key distribution by utilizing BB84 protocols and GHZ states swapping for RSA based handshake protocol with Diffie-Hellman algorithm based handshake. The suggestion implies by applying the quantum key distribution protocol only for distributing the encrypted key while preserving the existing algorithm system, and accordingly, the quantum handshake has the advantage of being highly extensible. Furthermore, the enhanced protocol with its strengthened security makes it improbable for tapping or intercepting.
There are limitations in applying quantum in web security for commercial use; however, the purpose of the research when technical issues are resolved, the quantum protocol will definitely demonstrate as an outstanding feature of highly impenetrable security.