Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

C++ Winsock with SSL

Posted on 2004-03-26
8
Medium Priority
?
1,541 Views
Last Modified: 2010-08-05
I am trying to design and implement a very efficient secure winsock server.  I have the design almost finish except for the fact that it is not secure.  I need to add SSL to my server and I have no clue how to do this.  

My guess is that I would use OpenSSL.  Can anyone help me do this?  How hard will implemented SSL be?  Is there any documentation out there showing examples how to use OpenSSL?

I need a lot of help with this.  Please help me.

Thanks
0
Comment
Question by:leobaz2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 44

Accepted Solution

by:
Karl Heinz Kremer earned 336 total points
ID: 10694099
Look at the OpenSSL documentation page at http://www.openssl.org/docs/
You will find documents about how to use both the command line tools, but also the library.
0
 
LVL 22

Assisted Solution

by:grg99
grg99 earned 332 total points
ID: 10694706
First, ponder a few things:

(1) "Really efficient" and "SSL" are mostly contradictory.  Encryption with DES is quite slow; setting up a SSL connection takes a fair amount of time; checking for valid certificates can take quite a while.    Think really hard, do you need speed more than you need absolute security?  Would a lower level of security be good enough?

(2)  Looking at the OpenSSL exploits list is very disconcerting.  Can you really trust a system that has had so many holes over time?  Back when I was using SSL a lot I'd have to check for security updates every week, as there often was a patch a week for a while.


 
0
 

Author Comment

by:leobaz2
ID: 10694829
Well, I am trying to implement an online poker room similar to party poker and ultimate bet.  The server needs to be very efficient since I might be dealing with 35,000 people sending requests at the same time.

However, I also need security from client to server.  It looks like Party Poker and Paradise Poker are both secured by thawte (www.thawte.com) which I think uses OpenSSL.  I know that on Party Poker is says it uses SSLv3/TLSv1 encryption algorithm for message between client and server.  It also has an OpenSSL icon right next to the thawte icon. http://www.paradisepoker.com/security.html

Setting up an online poker room must have its server's outside the USA.  Therefore, from what I read, there are certain algorithms that I cannot use for my security.

What are the other SSL implementations out there that I can you?
0
 
LVL 4

Assisted Solution

by:booki
booki earned 332 total points
ID: 10695164
leobaz2,

An article with source:
http://www.jetbyte.com/portfolio-showarticle.asp?articleId=48&catId=1&subcatId=2

Another tutorial/example:
http://www.rtfm.com/openssl-examples/

A SSL/TLS protocol analyzer:
http://www.rtfm.com/ssldump/

A book w/"Extremely detailed coverage of SSL/TLS":
SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001 ISBN 0-201-61598-3

b.

0
 
LVL 49

Expert Comment

by:DanRollins
ID: 10711806
One note:  On your Poker server, be careful with how you choose your random number seed (inside joke:)
-- Dan
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The online market is growing at an unprecedented rate and retail eCommerce sales are expected to reach $4 trillion by 2020. Yet, the profit is not just there for the taking because you have to set yourself apart from the competition.
WooCommerce is becoming the most powerful e-commerce plugin for Wordpress. And why not. The platform comprises of numerous core plugins that may come in handy, powerful options to make your website development task much easier.
The goal of the video will be to teach the user the difference and consequence of passing data by value vs passing data by reference in C++. An example of passing data by value as well as an example of passing data by reference will be be given. Bot…
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question