| With the rapid development and the extensive application of Internet, the importance and the urgency of the network and information security have become increasingly prominent. Netscape Company has put forward the Secure Socket Layer protocol SSL (Secure Socket Layer) based on public-key technology, therefore it can guarantee the confidentiality and the reliability of the communications between two entities. The SSL protocol is the Industry Standard for secure communications via internet.Many software products we are using now are written in the USA. The USA limited the export of encryption algorithms in the past. Although in January 2000, the USA relaxed this limitation and export of encryption algorithms with high intensity were no longer forbidden, we cannot make sure that the high intensity algorithms have been integrated into the software products we employ. It is still the best choice to use our own encryption algorithms in SSL and TLS protocols.The OpenSSL is an open source product implementing SSL protocol. Its documents are published on the official website of OpenSSL. The documents of OpenSSL are limited in command line tool and API Specifications, but it is difficult to search the published literatures about the analysis of the source codes of OpenSSL.The first step is to deeply analyse the handshake process. It is the foundation on which SSL and TLS can ensure communication security. The handshake process contains the exchange of many kinds of messages. It is necessary to comprehend their order, structure, content and effect as well as KDF hidden behind them.then based on the source codes of OpenSSL. We deeply study how to realize SSL communication. In the end, according to tracking the client and server communications of OpenSSL by ssldump, the whole process of analyzing on the SSL shake hand and encryption of application data has been completed. |
PDF Full Text Request