Recently, the Ministry of Industry and Information Technology, the Ministry of Education, the Ministry of Science and Technology and other seven departments jointly issued the "Implementation Opinions on Promoting the Innovation and Development of Future Industries".It is necessary to promote open source technology, build an open source community, and build an open source ecosystem。With the steady advancement of the digital transformation strategy, open source has become a continuous driving force to stimulate technological breakthroughs and promote the development of the information industry, and strengthening the construction of the open source system is of great significance to empower the high-quality development of the digital economy.
Adhering to the concept of deep cultivation of software root technology and open source, Huawei has worked with industry partners to innovate and break through key technologies to build the first fully self-developed cryptographic suite OpenHitls in China. As the first batch of start-up members of the openhitls communityIt has cooperated with more than 10 industry-university-research institutions such as Huawei, China Merchants Bank, Xidian University, Shanghai Jiao Tong University, and Shandong University to promote the rapid application and development of domestic cryptographic security standards, accelerate ecological construction, and promote the implementation of business secrets in all walks of life through open source co-construction and sharing.
Kou Zengjie, senior vice president of Tianrongxin Technology Group (fifth from left).
OpenHitls aims to create a technology-leading cipher suite with extreme features, extreme performance, and high trust, and meets the diverse requirements of different scenarios in various industries through a lightweight and tailorable software technology architecture, making application security simpler, and at the same time exploring advanced algorithm innovation practices such as post-quantum, and building a cutting-edge cryptographic technology base. At present, the openHITLS community has jointly carried out source ** function verification and security testing for start-up members。Relying on OpenHitls, Tianrongxin takes the scene as the traction and the iconic products as the starting point to connect R&D and application to accelerate the industrialization process.
Application scenario 1: High-performance encryption and decryption products
As network cipher machines, server cipher machines and other products are widely used in important fields such as government cloud, finance, and energy, higher requirements are put forward for encryption and decryption processing performance.
OpenHitls improves the performance of algorithms through CPU instruction set and algorithm optimization, significantly improves the performance of cryptographic products based on localized platforms, and accelerates the progress of high-performance cryptographic products.
Application scenario 2: Lightweight cryptographic products
Miniaturized and lightweight cryptographic products and modules are widely used in business scenarios such as the Internet of Vehicles and the Internet of Things, providing security assurance capabilities such as identity authentication, transmission encryption and decryption, and encrypted storage of sensitive data for such terminals.
OpenHitls adopts a lightweight and tailorable software technology architecture, which decouples the protocols, certificates, algorithms, and scheduling functions in the cryptographic module, and can be freely selected according to the needs of different scenarios through tailoring methods, supporting a minimum cutting granularity of 20KB, providing the optimal cost solution for different scenarios in various industries and making application security simpler.
Application scenario 3: SSL offloading
As the most widely used encrypted communication protocol, SSL improves the security of data transmission, but it also occupies a large number of server resources, and at the same time, a large number of network malicious attacks also use SSL protocol to hide and evade the inspection of network security devices. Web Application Firewall, Server Load Balancer, SSL VPN, and other devices can effectively reduce the consumption of server resources during encryption and decryption by integrating SSL offloading functions, and detect and prevent malicious attacks hidden in encryption protocols.
OpenHitls has widely supported mainstream versions of TLS and TLCP protocols, which can quickly complete the compatibility and adaptation of products, and combine high-performance cryptographic algorithms to achieve high-performance processing of SSL protocols.
Over the years, Topsec has actively participated in open source community building activities and has joinedOpenEuler, OpenKylin, and OpenAnolisand other open source communities. While actively contributing to the community, we will focus on promoting the application of open source community achievements in products, improving product technology innovation capabilities, and driving the high-quality development of the industry.
topsec
In the future, Topsec will, as always, support and participate in the construction of open source communities, deepen industrial applications, work with community members to expand more application scenarios, create more demonstration projects, and provide strong support for promoting the construction of a digital power and a network power.