Research and Implementation of Three HTTPS Attacks
With the rapid development of network applications, the issues of Network transmission security become very important. Therefore, SSL protocol is more and more widely used in a variety of network services. But the SSL protocol itself is not perfect, in practice, there are also problems. For the deficiencies of endpoint authentication in the SSL handshake process, the paper analyzes two kinds of defects existing in the SSL hand-shake process. Firstly, handshake process, in the first stage of the SSL connection, using plaintexts, existing the possibility of being monitored and tampered. Secondly, SSL deployment of the actual application.