
Cryptography - Secure Sockets Layers (SSL)

Introduction to SSL

SSL (Secure Sockets Layers) is a process that manages the security of transactions made on the Internet. The SSL standard was developed by Netscape, together with Mastercard, Bank of America, MCI and Silicon Graphics. It is based on a public-key encryption process to guarantee that data sent over the Internet remain secure. Its principle involves establishing a secure (encrypted) communication channel between two machines (a client and a server) after an authentication phase.

The SSL system is independent of the protocol used, which means it can secure transactions made on the Web via the HTTP protocol as well as connections via the FTP, POP and IMAP protocols. SSL acts as an additional layer, located between the application layer and the transport layer (the TCP protocol, for example), that secures the data passing through it.

As such, SSL is transparent for the user (this means the user may not know he is using SSL). For example, a user using an Internet browser to connect to an e-commerce website protected by SSL will send encrypted data without having to perform any special operation.
Almost all browsers now support the SSL protocol. Netscape Navigator, for example, displays a locked padlock to indicate a connection to an SSL secure website and an open padlock in the opposite case, whereas Microsoft Internet Explorer displays a padlock only for a connection to an SSL secure site.

[Figures: viewing an SSL secure connection in Internet Explorer and in Mozilla]

An SSL secure web server has a URL that starts with https://, where the "s" of course means secure.

In mid-2001, the SSL patent that had until then belonged to Netscape was bought by the IETF (Internet Engineering Task Force) and was renamed TLS (Transport Layer Security).

How SSL 2.0 works

Transaction security with SSL 2.0 is based on an exchange of keys between a client and a server. An SSL secure transaction is made according to the following model:

  • Firstly, the client connects to the commercial site protected by SSL and asks it for authentication. The client also sends the list of cryptosystems it supports, sorted in descending order by key length.
  • The server receiving the request sends a certificate to the client, containing the server's public key signed by a certification authority (CA), as well as the name of the cryptosystem that is highest on the list it is compatible with (the length of the encryption key - 40 bits or 128 bits - will be that of the shared cryptosystem having the largest key size).

    [Figure: SSL transaction]

  • The client verifies the certificate's validity (and therefore the merchant's authenticity), then creates a random secret key (more precisely a supposedly random block), encrypts this key with the server's public key, and then sends the result (the session key) to the server.
  • The server is capable of decrypting the session key with its private key. As such, the two entities have a shared key that only they know. The remaining transactions can be made using the session key, guaranteeing the integrity and confidentiality of exchanged data.
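
The four steps above, as an added example that is not part of the original page: a Python simulation of the negotiation, certificate check and key exchange. It uses toy textbook RSA over fixed constructed primes; the cryptosystem labels, function names and keys are all assumptions made for illustration.

```python
import hashlib
import secrets

# Toy textbook RSA (no padding, tiny keys): illustration only, not secure.
def make_keypair(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))  # (public, private)

def rsa(key, value):
    n, exp = key
    return pow(value, exp, n)

def digest(pub, modulus):
    # Hash of a public key, reduced so it fits under the CA modulus.
    h = hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).digest()
    return int.from_bytes(h, "big") % modulus

# Constructed keys: Mersenne primes stand in for real key generation.
CA_PUB, CA_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
SRV_PUB, SRV_PRIV = make_keypair(2**61 - 1, 2**89 - 1)

def client_hello(supported):
    # Step 1: cryptosystems sorted in descending order by key length.
    return sorted(supported, key=lambda c: c[1], reverse=True)

def server_hello(offered, server_supported):
    # Step 2: pick the highest offered entry the server supports and send
    # a certificate: the public key plus the CA's signature over its digest.
    cipher = next((c for c in offered if c in server_supported), None)
    if cipher is None:
        raise ValueError("no shared cryptosystem")
    return cipher, (SRV_PUB, rsa(CA_PRIV, digest(SRV_PUB, CA_PUB[0])))

def client_key_exchange(cipher, cert):
    # Step 3: verify the certificate, then encrypt a random secret key.
    pub, sig = cert
    if rsa(CA_PUB, sig) != digest(pub, CA_PUB[0]):
        raise ValueError("certificate not signed by the trusted CA")
    secret = secrets.randbits(cipher[1])
    return secret, rsa(pub, secret)

def server_unwrap(wrapped):
    # Step 4: only the holder of the private key recovers the session key.
    return rsa(SRV_PRIV, wrapped)

def handshake(client_ciphers, server_ciphers):
    cipher, cert = server_hello(client_hello(client_ciphers), server_ciphers)
    secret, wrapped = client_key_exchange(cipher, cert)
    return cipher, server_unwrap(wrapped) == secret
```

Calling handshake() with a client list of a 40-bit and a 128-bit entry returns the 128-bit entry when the server supports both, and the 40-bit entry when the server supports only that one.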

SSL 3.0

SSL 3.0 aims to authenticate the server vis-à-vis the client and possibly the client vis-à-vis the server.


This document entitled « Cryptography - Secure Sockets Layers (SSL) » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy and modify copies of this page, under the conditions stipulated by the licence, as long as this note appears clearly.
