Cipher Suite Setting Problem of SSL Protocol and it's Solutions

As the use of Internet is being generalized, the security problems about data transfer are rearing up as the important issue. There are many security protocols to solve the problems and the SSL (secure socket layer) protocol is the most widely used one among them. While the SSL protocol is designed...

Full description

Saved in:
Bibliographic Details
Main Authors: Yoonyoung Lee, Soonhaeng Hur, Dongho Won, Seungjoo Kim
Format: Conference Proceeding
Language:English
Subjects:
Access protocols
Application software
Cipher Suite
Cryptography
Data security
Forgery
Information security
Internet
IP networks
Secure Socket Layer
Security
Sockets
SSL
TCPIP
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:As the use of Internet is being generalized, the security problems about data transfer are rearing up as the important issue. There are many security protocols to solve the problems and the SSL (secure socket layer) protocol is the most widely used one among them. While the SSL protocol is designed to defend the client from active attacks such as message forgery and message alteration, the cipher suite setting can be easily modified. If the attacker draws on a malfunction of the client system and modifies the software's cipher suite setting to the symmetric key algorithm which has short key length, he can eavesdrop and cryptanalyze the encrypted data. In this paper, we examine the web sites whether they generate the security session through the symmetric key algorithm which has short key length and propose the solution of the cipher suite setting problem.
DOI:10.1109/WAINA.2009.76