All About SSL

By: Clyde Lee Dennis

SSL, or Secure Sockets Layer, is a technology that allows web browsers and web servers to communicate over a secured connection.

The system uses cryptography with two keys to encrypt data: a public key known to everyone and a private or secret key known only to the recipient of the message. It's a way to encrypt data, like credit card numbers (as well as other personally identifiable information), which prevents the "bad guys" from stealing your information for malicious intent.

The recently introduced SSL v3 improved upon SSL v2 by adding SHA-1 based ciphers and support for certificate authentication. SSL v2 was known to be flawed in a variety of ways: identical cryptographic keys are used for message authentication and encryption, and the older version did not have any protection for the handshake, meaning a man-in-the-middle downgrade attack could go undetected.

SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL and is included as part of both the Microsoft and Netscape browsers and most Web server products. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.

SSL-enabled client software can use standard techniques of public-key cryptography to check that a server's certificate and public ID are valid and have been issued by a certificate authority (CA) listed in the client's list of trusted CAs. This server authentication is a way to assure a client that they are dealing with the real server they intended to connect to. Client authentication allows a server to confirm a user's identity. It can prevent any unauthorized clients from connecting to the server, preventing anyone from meddling with data going to or coming from the server.

From the very beginning SSL was designed to provide security between client and server, and to avoid any kind of 3-way man-in-the-middle attack.

Conceptually it's quite simple: it negotiates the cryptography algorithms and keys between two sides of a communication, and establishes an encrypted tunnel through which other protocols (like HTTP) can be transported. It can also be easily passed through firewalls and proxies, as well as through NAT (Network Address Translation) without issues.
