• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

Attacks on SSL

One of the many functions of SSL is providing for encrypted communications. Many attacks on SSL are designed to break the encryption by discovering the secret key used. Remember that SSL uses symmetric key cryptography to provide encryption. This basically means that the client and server each share the same secret key that is used to both encrypt and decrypt the communications. If an attacker can discover this secret, he can decrypt the communications.

The way that this symmetric key is generated is important. In a basic sense, combining a random number with some mathematical computation might generate the secret key. The computation will remain the same and should produce a secret key that cannot be easily deduced. Because an attacker will most likely know what the computation is because it is part of the software and public knowledge, he will be more interested in finding out what the randomly generated number is. If he can figure out what the random number is, he can simply run it through the same computation to get the secret key.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint