Welcome!

AJAX & REA Authors: Lee Novak, Brad Abrams, Alin Irimie, Jonny Defh, RealWire News Distribution

Related Topics: AJAX & REA

AJAX & REA: Article

AJAX Secure Service Layer - aSSL Version 1.2beta3 Release

aSSL's Sullo to Port the New aSSL Version to PHP and Other Languages in the Coming Weeks
By RIA News Desk
Article Rating:
January 10, 2007 08:00 AM EST
Reads:
 5,941
(SYS-CON Media) Francesco Sullo (pictured) has released aSSL version 1.2beta3 with a Javascript/ASP server-side component. aSSL is a library distributed under MIT License thats implements a technology similar to SSL without HTTPS.

aSSL enables the client to negotiate a secret random 128-bit key with the server using the RSA algorithm. Once the connection has been established, the data will be sent and received using AES algorithm.

Making the announcement on the aSSL website, Sullo said that in the coming weeks he would be working on porting this new aSSL version to PHP and other languages.

The aSSL 1.2 technology is changed respect to the previous 1.1 one.
How aSSL 1.2 works:
• The browser calls the server to start the process.
• The server returns its RSA modulus (e.g. the public key) and the public exponent (3 or 10001).
• The browser generates a random exchange 128-bit key, encrypts it using the server public key and passes the encrypted exchange key to the server.
• The server receives this encrypted 128-bit exchange key, decrypts it with its private key and, if the result is ok, returns the session duration time.
• The browser receives the session duration time and sets a timeout to maintain alive the connection.
• All subsequent client-server exchanges via aSSL are encrypted and decrypted using the AES Rijndael algorithm.


aSSL 1.2 uses Tom Wu's BigIntegers and RSA in JavaScript to negotiate the secret 128-bit key and Chriss Veness's AES Javascript implementation for the next exchanges.

Published January 10, 2007 – Reads 5,941
Copyright © 2007 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

More Stories By RIA News Desk

Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to RIA@sys-con.com to share your product and company news coverage with AJAXWorld readers.

Comments (2) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Most Recent Comments
ajax news desk 01/10/07 01:55:22 AM EST

Francesco Sullo has released aSSL version 1.2beta3 with a Javascript/ASP server-side component. aSSL is a library distributed under MIT License thats implements a technology similar to SSL without HTTPS. aSSL enables the client to negotiate a secret random 128-bit key with the server using the RSA algorithm.
ajax news desk 01/10/07 01:55:03 AM EST

Francesco Sullo has released aSSL version 1.2beta3 with a Javascript/ASP server-side component. aSSL is a library distributed under MIT License thats implements a technology similar to SSL without HTTPS. aSSL enables the client to negotiate a secret random 128-bit key with the server using the RSA algorithm.