Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

C++ Winsock with SSL

Posted on 2004-03-26
8
1,335 Views
Last Modified: 2010-08-05
I am trying to design and implement a very efficient secure winsock server.  I have the design almost finish except for the fact that it is not secure.  I need to add SSL to my server and I have no clue how to do this.  

My guess is that I would use OpenSSL.  Can anyone help me do this?  How hard will implemented SSL be?  Is there any documentation out there showing examples how to use OpenSSL?

I need a lot of help with this.  Please help me.

Thanks
0
Comment
Question by:leobaz2
8 Comments
 
LVL 44

Accepted Solution

by:
Karl Heinz Kremer earned 84 total points
ID: 10694099
Look at the OpenSSL documentation page at http://www.openssl.org/docs/
You will find documents about how to use both the command line tools, but also the library.
0
 
LVL 22

Assisted Solution

by:grg99
grg99 earned 83 total points
ID: 10694706
First, ponder a few things:

(1) "Really efficient" and "SSL" are mostly contradictory.  Encryption with DES is quite slow; setting up a SSL connection takes a fair amount of time; checking for valid certificates can take quite a while.    Think really hard, do you need speed more than you need absolute security?  Would a lower level of security be good enough?

(2)  Looking at the OpenSSL exploits list is very disconcerting.  Can you really trust a system that has had so many holes over time?  Back when I was using SSL a lot I'd have to check for security updates every week, as there often was a patch a week for a while.


 
0
 

Author Comment

by:leobaz2
ID: 10694829
Well, I am trying to implement an online poker room similar to party poker and ultimate bet.  The server needs to be very efficient since I might be dealing with 35,000 people sending requests at the same time.

However, I also need security from client to server.  It looks like Party Poker and Paradise Poker are both secured by thawte (www.thawte.com) which I think uses OpenSSL.  I know that on Party Poker is says it uses SSLv3/TLSv1 encryption algorithm for message between client and server.  It also has an OpenSSL icon right next to the thawte icon. http://www.paradisepoker.com/security.html

Setting up an online poker room must have its server's outside the USA.  Therefore, from what I read, there are certain algorithms that I cannot use for my security.

What are the other SSL implementations out there that I can you?
0
 
LVL 4

Assisted Solution

by:booki
booki earned 83 total points
ID: 10695164
leobaz2,

An article with source:
http://www.jetbyte.com/portfolio-showarticle.asp?articleId=48&catId=1&subcatId=2

Another tutorial/example:
http://www.rtfm.com/openssl-examples/

A SSL/TLS protocol analyzer:
http://www.rtfm.com/ssldump/

A book w/"Extremely detailed coverage of SSL/TLS":
SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001 ISBN 0-201-61598-3

b.

0
 
LVL 49

Expert Comment

by:DanRollins
ID: 10711806
One note:  On your Poker server, be careful with how you choose your random number seed (inside joke:)
-- Dan
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read about how to choose the best possible content marketing agency to suit your needs. Content marketing has become an integral part of running a successful tech business, so it is wise to be informed.
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
The viewer will learn how to use the return statement in functions in C++. The video will also teach the user how to pass data to a function and have the function return data back for further processing.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question