![]() Let’s start with a familiar example-accessing a web site with HTTPS-and use this example to pick apart the cryptographic pieces of interest. Command-line and code examples are one way to bring the main topics into focus together. The documentation for OpenSSL is spotty beyond the man pages, which become unwieldy given how big the OpenSSL toolkit is. Furthermore, calling OpenSSL command-line utilities begins with the term openssl. For example, OpenSSL functions often have SSL in the name even when TLS rather than SSL is in play. Nonetheless, it is common to refer to SSL/TLS as if they are one and the same protocol. TLSv1 and SSLv3 are alike, but not enough so to work together. SSL is versioned (e.g., SSLv2 and SSLv3), and in 1999 Transport Layer Security (TLS) emerged as a similar protocol based upon SSLv3. This feature is implemented with hash functions, which likewise come with the OpenSSL toolkit. For example, SSL supports message integrity, which assures that a received message is the same as the one sent. These two key SSL services, in turn, are tied to others that get less attention. Even if eavesdropper Eve intercepts an encrypted message from Alice to Bob (a man-in-the-middle attack), Eve finds it computationally infeasible to decrypt this message. This process safeguards network conversations. ![]() The receiver then decrypts each received message.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |