Circuits, Communications and Systems, Pacific-Asia Conference on (2009)
May 16, 2009 to May 17, 2009
SSL is a cryptographic protocol that is widely used in secure applications based on web browser, such as e-payment. The protocol is based on the principle of PKI and uses digital certificates to realize secure communication. However, the use of certificate in SSL does not obey the strict hierarchy CAs, which causes some secure defects in SSL. Besides, session key of SSL is limited by the exportation of USA, and its valid length is only 40 bits, and the length is vulnerable to exhaustive attack. A scheme proposed to improve security of SSL by modifying hand-shake protocol. Analyzing the scheme shows that it not only can remedy the secure defects of SSL, but also can add the valid length of session key in SSL.
SSL, Session key, Exhaustive attack
L. Ruixia and Z. Huawei, "A Scheme to Improve Security of SSL," 2009 Pacific-Asia Conference on Circuits, Communications and Systems (PACCS 2009)(PACCS), Chengdu, 2009, pp. 401-404.