公开(公告)号：KR101865921B1

公开(公告)日：2018-06-11

申请号：KR1020110098395

申请日：2011-09-28

Applicant: 한국전력공사

Inventor： 임용훈 ,  최문석 ,  최재덕 ,  민병길 ,  신인철 ,  서정택 ,  이철원

IPC: H04L29/06 ,  H04L9/30 ,  H04L9/14 ,  H04L9/08

Abstract: 암호화통신시스템은웹서버, 클라이언트, 및트래픽감시장치를포함한다. 웹서버는미리저장된개인키를이용하여통신설정을위한설정요청메시지에포함된초기해시값으로부터서명값을생성하고, 서명값을포함하는설정응답메시지를전송한다. 클라이언트는미리생성된복수개의비밀값들을이용하여복수개의해시충돌파라미터들을생성하고, 암호화데이터, 복수개의해시충돌파라미터들및 서명값을포함하는트래픽을전송한다. 트래픽감시장치는트래픽을수집하여복수개의파라미터들로부터해시충돌값을생성하고, 서명값을이용하여해시충돌값에대한유효성검증결과를생성하며, 유효성검증결과에따라트래픽을폐기하거나암호화데이터를웹서버로전송한다.

公开(公告)号：KR1020130034409A

公开(公告)日：2013-04-05

申请号：KR1020110098395

申请日：2011-09-28

Applicant: 한국전력공사

Inventor： 임용훈 ,  최문석 ,  최재덕 ,  민병길 ,  신인철 ,  서정택 ,  이철원

IPC: H04L9/30 ,  H04L12/26

CPC classification number: H04L63/306 ,  H04L9/088 ,  H04L9/14 ,  H04L9/30

Abstract: PURPOSE: A traffic monitoring apparatus, a method, and an encoded communication system are provided to block an abnormal encoded traffic generated in a web server and a communication node in which did not performed a communication setting in advance. CONSTITUTION: A communication system(100) comprises a web server(120), a traffic monitoring apparatus(130), and a client(110). The web server uses a private key which is stored in advance in order to produce a sign value from an initial hash value and transmit the value. A client produces a plurality of hash collision parameters by using a plurality of secrete values produced in advance, and transmits a traffic in which includes the encoded data, a plurality of hash collision parameters, and the sign value. A traffic monitoring apparatus produces the hash collision value from a plurality of hash collision parameters by collecting the traffic, and produces an effective certification result of the hash collision value by using the sign value. The traffic monitoring apparatus discards the traffic or transmits the encoded data to the web server according to the effective certification result. [Reference numerals] (10) Communication network;

Abstract translation: 目的：提供一种交通监控装置，方法和编码通信系统，以阻止在Web服务器中生成的异常编码流量和未预先进行通信设置的通信节点。 构成：通信系统（100）包括网络服务器（120），交通监控设备（130）和客户机（110）。 Web服务器使用预先存储的私钥，以便从初始散列值产生符号值并发送该值。 客户机通过使用预先产生的多个分离值产生多个散列冲突参数，并且发送包含编码数据的业务，多个散列冲突参数和符号值。 交通监控装置通过收集流量从多个哈希冲突参数产生哈希冲突值，并通过使用符号值产生哈希冲突值的有效认证结果。 流量监控装置根据有效的认证结果，丢弃流量或将编码数据发送到Web服务器。 （附图标记）（10）通信网络;