| 应用OpenSSL对SSL协议中间人攻击的实现 |
| |
| 引用本文: | 陈昱,江兰帆.应用OpenSSL对SSL协议中间人攻击的实现[J].计算机安全,2009(3):69-72. |
| |
| 作者姓名: | 陈昱 江兰帆 |
| |
| 作者单位: | 福州人学软件学院,福建福州,350108 |
| |
| 摘 要: | SSL是在互联网上提供安全通讯的密码学协议。在分析SSL协议和中间人攻击原理的基础上,利用OpenSSL开发库实现了中间人攻击,包括会话劫持、公钥证书的伪造和数据的转发,为用户安全使用SSL协议提供了建议和参考。
|
| 关 键 词: | SSL协议 中间人攻击 OpenSSL ARP欺骗 |
The Implementation of SSL Man-in-the-middle Attack Using OpenSSL |
| |
| CHEN Yu,JIANG Lan-fan.The Implementation of SSL Man-in-the-middle Attack Using OpenSSL[J].Network & Computer Security,2009(3):69-72. |
| |
| Authors: | CHEN Yu JIANG Lan-fan |
| |
| Affiliation: | Software College;Fuzhou University;Fujian Fuzhou 350108;China |
| |
| Abstract: | SSL was a cryptographic protocol that provides secure communications on the Internet. This paper first analysed the principle of SSL protocol and man-in-the-middle attack, then introduced how to implemente man-in-the-middle Attack using OpenSSL Library, including Session Hijack, falsification of X.509 digital certificate and relayed messages between victims. The experiment provided recommendations and reference for clients using SSL protocol in security. |
| |
| Keywords: | OpenSSL |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
