3222

3140

كارشناسي ارشد

﴿ مخابرات ﴾

اصفهان : دانشگاه صنعتي اصفهان ، دانشكده برق و كامپيوتر

1385

يازده ، 110 ،[II] ، ص : مصور ، جدول ، نمودار

ص . ع : به فارسي و انگليسي

مهدي برنجكوب

محمد دخيل عليان

مهندسي برق و كامپيوتر

ID3140

به فارسي و انگليسي : قابل رويت در نسخه ديجيتالي

Abstract The recent explosive growth of the Internet and the World Wild Web has brought aneed to securely protect sensitive communication over the open network Making sure thatcommunications remain secure between clients and Web servers is a critical issue SecureSocket Layer SSL is a separate layer that is added to Internet s protocol architecture justfor security between the application layer and TCP layer Upon today multiple versions ofSSL and its capabilities have been published and its different implementations have beenmade Analysis of SSL based sessions is an important problem that attracted muchattention of cryptanalysts Different attacks are proposed against this protocol in some ofthem the specifications of protocol and in the others application conditions have resultedin vulnerability Main attacks that SSL designers have not considered are Denial ofService attack and Traffic Analysis attack Implementers or users who concerned withthese attacks should use other protections beside SSL In this thesis SSL protocol alongwith its specifications in different versions is explained and the security of SSL basedsessions is analyzed This analysis consists of all the reported attacks At the end of thesis several suggestions are made for improving SSL protocol such as a 3 stage handshake thatreduces the number of round trips and results in fast negotiation Also some counter attacks are proposed against some attacks that are preferred to existing methods in SSL

مهدي برنجكوب

محمد دخيل عليان