Title :
Cipher Suite Setting Problem of SSL Protocol and it´s Solutions
Author :
Lee, Yunyoung ; Hur, Soonhaeng ; Won, Dongho ; Kim, Seungjoo
Author_Institution :
Dept. of Electr. & Comput. Eng., Sungkyunkwan Univ., Suwon, South Korea
Abstract :
As the use of Internet is being generalized, the security problems about data transfer are rearing up as the important issue. There are many security protocols to solve the problems and the SSL (secure socket layer) protocol is the most widely used one among them. While the SSL protocol is designed to defend the client from active attacks such as message forgery and message alteration, the cipher suite setting can be easily modified. If the attacker draws on a malfunction of the client system and modifies the software´s cipher suite setting to the symmetric key algorithm which has short key length, he can eavesdrop and cryptanalyze the encrypted data. In this paper, we examine the web sites whether they generate the security session through the symmetric key algorithm which has short key length and propose the solution of the cipher suite setting problem.
Keywords :
Internet; cryptography; protocols; Internet; SSL protocol; cipher suite setting problem; message forgery; secure socket layer protocol; symmetric key algorithm; Access protocols; Application software; Cryptography; Data security; Forgery; IP networks; Information security; Internet; Sockets; TCPIP; Cipher Suite; SSL; Secure Socket Layer; Security;
Conference_Titel :
Advanced Information Networking and Applications Workshops, 2009. WAINA '09. International Conference on
Conference_Location :
Bradford
Print_ISBN :
978-1-4244-3999-7
Electronic_ISBN :
978-0-7695-3639-2
DOI :
10.1109/WAINA.2009.76
