Title :
A Scheme to Improve Security of SSL
Author :
Huawei, Zhao ; Ruixia, Liu
Author_Institution :
Sch. of Comput. & Inf. Eng., Shandong Univ. of Finance, Jinan, China
Abstract :
SSL is a cryptographic protocol that is widely used in secure applications based on web browser, such as e-payment. The protocol is based on the principle of PKI and uses digital certificates to realize secure communication. However, the use of certificate in SSL does not obey the strict hierarchy CAs, which causes some secure defects in SSL. Besides, session key of SSL is limited by the exportation of USA, and its valid length is only 40 bits, and the length is vulnerable to exhaustive attack. A scheme proposed to improve security of SSL by modifying hand-shake protocol. Analyzing the scheme shows that it not only can remedy the secure defects of SSL, but also can add the valid length of session key in SSL.
Keywords :
cryptographic protocols; telecommunication security; SSL; cryptographic protocol; secure communication; Authentication; Circuits; Computer science; Computer security; Cryptographic protocols; Encapsulation; Finance; Information security; Public key; Resists; Exhaustive attack; SSL; Session key;
Conference_Titel :
Circuits, Communications and Systems, 2009. PACCS '09. Pacific-Asia Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-0-7695-3614-9
DOI :
10.1109/PACCS.2009.148
