Solved

POCO C++ Encryption SSL

Posted on 2011-02-17
3
2,309 Views
Last Modified: 2012-06-27
I am implementing an application that is expected to send/receive user authentication info to a remote server. Planning to use POCO library for encryption. I am very new to this kind of C++ application. I see POCO Library (C++ library by Applied Informatics) provides cryptographic hash functions including MD2, MD3, MD5. Also, POCO provides NetSSL for secured communications. I am trying to figure if I can secure the communication of usernames and passwords simply by using the cryptographic hash functions in a static library or simply by using secured sockets or by using both. What are the pros and cons of each method? What are the generic requirements for each method (digital certification server, etc). Assume little to zero exposure to Socket Programming or Encryption.
0
Comment
Question by:Mydeen Yussouf
3 Comments
 
LVL 86

Assisted Solution

by:jkr
jkr earned 50 total points
ID: 34919883
I'd rather like to point you to boost's SSL support, as it's quite straightfoward and will save you a lot of both your time and scalp hair:

http://www.boost.org/doc/libs/1_36_0/doc/html/boost_asio/overview/ssl.html
http://www.boost.org/doc/libs/1_40_0/doc/html/boost_asio/example/ssl/client.cpp
http://www.boost.org/doc/libs/1_40_0/doc/html/boost_asio/example/ssl/server.cpp

The remaining headache will come from the SSL certificate thing, yet that's nicely described at http://devsec.org/info/ssl-cert.html ("Simple SSL cert HOWTO")
0
 
LVL 1

Author Comment

by:Mydeen Yussouf
ID: 34920531
Sorry I have to use POCO...
0
 
LVL 12

Accepted Solution

by:
trinitrotoluene earned 450 total points
ID: 34924111
Well its usually a combination of both. A secure communication channel is established for encrypted communication.

If you want to make a start then what better place than

http://en.wikipedia.org/wiki/Secure_Sockets_Layer
http://en.wikipedia.org/wiki/Encryption

Also look around in Experts Exchange
http://www.experts-exchange.com/Security/Encryption/
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.
The viewer will learn how to clear a vector as well as how to detect empty vectors in C++.

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question