?
Solved

C++ Winsock with SSL

Posted on 2004-03-26
8
Medium Priority
?
1,491 Views
Last Modified: 2010-08-05
I am trying to design and implement a very efficient secure winsock server.  I have the design almost finish except for the fact that it is not secure.  I need to add SSL to my server and I have no clue how to do this.  

My guess is that I would use OpenSSL.  Can anyone help me do this?  How hard will implemented SSL be?  Is there any documentation out there showing examples how to use OpenSSL?

I need a lot of help with this.  Please help me.

Thanks
0
Comment
Question by:leobaz2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 44

Accepted Solution

by:
Karl Heinz Kremer earned 336 total points
ID: 10694099
Look at the OpenSSL documentation page at http://www.openssl.org/docs/
You will find documents about how to use both the command line tools, but also the library.
0
 
LVL 22

Assisted Solution

by:grg99
grg99 earned 332 total points
ID: 10694706
First, ponder a few things:

(1) "Really efficient" and "SSL" are mostly contradictory.  Encryption with DES is quite slow; setting up a SSL connection takes a fair amount of time; checking for valid certificates can take quite a while.    Think really hard, do you need speed more than you need absolute security?  Would a lower level of security be good enough?

(2)  Looking at the OpenSSL exploits list is very disconcerting.  Can you really trust a system that has had so many holes over time?  Back when I was using SSL a lot I'd have to check for security updates every week, as there often was a patch a week for a while.


 
0
 

Author Comment

by:leobaz2
ID: 10694829
Well, I am trying to implement an online poker room similar to party poker and ultimate bet.  The server needs to be very efficient since I might be dealing with 35,000 people sending requests at the same time.

However, I also need security from client to server.  It looks like Party Poker and Paradise Poker are both secured by thawte (www.thawte.com) which I think uses OpenSSL.  I know that on Party Poker is says it uses SSLv3/TLSv1 encryption algorithm for message between client and server.  It also has an OpenSSL icon right next to the thawte icon. http://www.paradisepoker.com/security.html

Setting up an online poker room must have its server's outside the USA.  Therefore, from what I read, there are certain algorithms that I cannot use for my security.

What are the other SSL implementations out there that I can you?
0
 
LVL 4

Assisted Solution

by:booki
booki earned 332 total points
ID: 10695164
leobaz2,

An article with source:
http://www.jetbyte.com/portfolio-showarticle.asp?articleId=48&catId=1&subcatId=2

Another tutorial/example:
http://www.rtfm.com/openssl-examples/

A SSL/TLS protocol analyzer:
http://www.rtfm.com/ssldump/

A book w/"Extremely detailed coverage of SSL/TLS":
SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001 ISBN 0-201-61598-3

b.

0
 
LVL 49

Expert Comment

by:DanRollins
ID: 10711806
One note:  On your Poker server, be careful with how you choose your random number seed (inside joke:)
-- Dan
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: SunnyDark
This article's goal is to present you with an easy to use XML wrapper for C++ and also present some interesting techniques that you might use with MS C++. The reason I built this class is to ease the pain of using XML files with C++, since there is…
E-commerce is quite a gambling world, and you should never entrust your business to a lucky chance. In order to outrun your competitors in a race to attract as many customers as possible, you need to have a well thought-out strategy under your belt.…
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…
The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question