| Secure Socket Layer Protocol ( SSL ) is a security protocol that provides communications privacy over the Internet. The primary goal of the SSL protocol is to provide privacy and reliability between two communicating applications. The protocol adopts many encryption algorithms, and possesses a lot of functions such as information encryption, digital signature, integrality checking and key exchange. It also allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. SSL protocol is presented by Netscape Communication primitively, with the version v2.0 and v3.0 . IETF makes TLS as a universal standard at the foundation of SSLv3.0 ( actually v3.1, it's very near to v3.0) . With the features of high security, strong applicability, convenient realization, SSL is applied over the Internet widely, and becomes practical standard of SHTTP, SSMTP, SET, SSL-VPN.Strengthening the research of SSL protocol, raveling its security mechanism, searching the potential security leak and making self-safety and active attack make important practical sense and technical value for vindicating the security of national politics, economy, national defence and diplomatism.Author participates in and takes on this research in the period of reading for master's degree. Firstly, begin with unscrambling protocols, clarifying the structure and mechanism of SSL protocol, then study the SSL mechanism in many aspects, finally, realize the exposure of cipher_suite-03 by cryptanalysis technology and method. The production of this research produces favorable benefit. This paper is the technical conclusion of the research production.There are four parts in the paper, the first part introduces the development situation of SSL protocol, realizing features and the purpose of this research.The second part is the summarizing of SSL protocol. Firstly, it shows two important notions of SSL protocols: Session state and Connection state. Then it introduces four formats of SSL Record protocol and the disposing manner of Application data. Finally, it describes handshake protocol stressly, and studies the handshake types, handshake flow, authentication manner and key-generation mechanism particularly.The third part studies the security mechanism in deeply, it analyzes the resisting attacks ability of SSL in many aspects, and it opens out the weakness of SSL and potential attacking behavior.The fourth part of the paper analyzes the security of SSL cryptography algorithm, and sortly introduces the cryptography systems adopted in SSL. Then combined with practical data, using the weakness of export algorithm key-generation mechanism and the rule of finished message plaintext, it forms the thought of trying out the keys, and finally realize the exposure of cipher_suite-03. |
PDF Full Text Request