| With the rapid development and the extensive application of Internet, the importance and the urgency of the network and information security have become increasingly prominent. Netscape Company has put forward the Secure Socket Layer protocol SSL (Secure Socket Layer) based on public-key technology, therefore it can guarantee the confidentiality and the reliability of the communications between two entities. The SSL protocol is the industry standard for secure communications internet.The OpenSSL is an open source product implementing SSL protocol. Its documents are published on the official website of OpenSSL. The documents of OpenSSL are limited in command line tool and API Specifications. We can'nt know the design ideas and process details.This paper is based on the source codes of OpenSSL, tracks communication between client and server. The author's ideas about the development of software and realization of the technology and skills shall be sorted out. Analyzed how to use interface and polymorphism of object-oriented to dynamically load multi encryption algorithm. Analyzed how to select the cipher suites. Point out deficiency of SSL message, like Client hello, Server hello, Client Key Exchange, Server certificate etc.Using third-party mail software with OpenSSL library embedded, Connect with the Gmail server to testing, Test results showed that the analysis process above. By the way, compare to IE connection with Gmail server, Test results show that default encryption algorithm and strength of IE is not high.Design the project about secure logging on Websits basis on RSA dissymmetrical algorithm. Resolve the problem of intermediator assault.Analysis and testing through OpenSSL, it is a reference for studying OpenSSL and SSL protocol and implementation. It is reference for our Design and Implementation of SSL in the future. |
PDF Full Text Request