| SSL中间人攻击原理与防范 |
| |
| 引用本文: | 贾静,薛质.SSL中间人攻击原理与防范[J].信息安全与通信保密,2007(4):103-105. |
| |
| 作者姓名: | 贾静 薛质 |
| |
| 作者单位: | 上海交通大学信息安全工程学院,上海,200240 |
| |
| 摘 要: | 安全套接层SSL协议是实现网络通信安全的关键技术之一,对信息传输起到了加密和认证的作用,但并非毫无漏洞。论文先介绍了SSL协议和中间人攻击的原理,然后重点分析SSL协议在握手阶段基于X.509数字证书的信任协商不足问题,再结合ARP重定向欺骗,具体分析了SSL中间人攻击的实现原理和过程,最后给出一些防范SSL中间人攻击的建议。
|
| 关 键 词: | SSL协议 中间人攻击 ARP欺骗 数字证书 |
| 文章编号: | 1009-8054(2007)04-0103-03 |
| 修稿时间: | 2006年9月20日 |
The Principle and Prevention of SSL Man-in-the-middle Attack |
| |
| JIA Jing,XUE Zhi.The Principle and Prevention of SSL Man-in-the-middle Attack[J].China Information Security,2007(4):103-105. |
| |
| Authors: | JIA Jing XUE Zhi |
| |
| Abstract: | SSL protocol has been one of the key technologies for realizing secure communication in internet, it plays a has the function in encrypting and authenticating information transmission, however SSL may not be a flawless protocol. The paper first introduces SSL protocol and man-in-the-middle attack, then analyses the problem of distrust in the handshake of SSL protocol, discusses the restriction of trust negotiation based on X.509 digital certificate, and makes a concrete analysis of the principle of ssl man-in-the-middle attack based on arp redirection. Finally, the paper gives some suggestions on how to prevent the attack. |
| |
| Keywords: | SSL protocol Man-in-the-middle attack ARP redirection Digital certificate |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
