Abstract:SSL protocol has been one of the key technologies for realizing secure communication in internet, it plays a has the function in encrypting and authenticating information transmission, however SSL may not be a flawless protocol. The paper first introduces SSL protocol and man-in-the-middle attack, then analyses the problem of distrust in the handshake of SSL protocol, discusses the restriction of trust negotiation based on X.509 digital certificate, and makes a concrete analysis of the principle of ssl man-in-the-middle attack based on arp redirection. Finally, the paper gives some suggestions on how to prevent the attack.

The Principle and Prevention of SSL Man-in-the-middle Attack