The algorithm and how SSL works

Tram Ho

1. What is SSL

SSL is more than just a security certificate; it also has a more technical definition. SSL is a protocol that enables the secure transmission of information over the network.

The connection between a web browser and any point on the Internet passes through many independent systems, and nothing protects the information while it is on the transmission line. Neither the user nor the Web server has any control over the data path, or over whether someone is intercepting information on the transmission line.

To protect confidential information on the Internet or any TCP/IP network, SSL incorporates the following elements to establish a secure transaction:

  • Authentication: ensures the authenticity of the site at the other end of the connection. Web sites also need to check the authenticity of the user.
  • Encryption: ensures that information cannot be accessed by third parties. To eliminate eavesdropping on “sensitive” information as it is transmitted over the Internet, the data must be encrypted so that it cannot be read by anyone other than the sender and receiver.
  • Data integrity: ensures that information is not altered in transit, so that what arrives is exactly the original information sent.

Using SSL, Web sites can provide information security, authentication, and data integrity to users. SSL is integrated into browsers and Web servers, allowing users to work with Web sites in a secure mode.

2. SSL protocol

SSL was developed by Netscape. Today, the SSL protocol is widely used on the World Wide Web to authenticate and encrypt information between client and server. The Internet Engineering Task Force (IETF) standardized SSL and renamed it TLS (Transport Layer Security). Despite the name change, TLS is just a new version of SSL: TLS version 1.0 is equivalent to SSL version 3.1. However, SSL remains the more widely used term.

SSL is designed as a separate protocol for security, supporting a wide variety of applications. The SSL protocol works above TCP/IP and below higher-layer application protocols such as HTTP, IMAP, and FTP.

SSL is not a single protocol but rather a set of standardized procedures that perform the following security tasks:

  • Server Authentication: allows users to authenticate the server they want to connect to. The browser uses public-key cryptography to verify that the server’s certificate and public ID are valid and were issued by a CA (certificate authority) in the client’s list of trusted CAs. This is very important for the user. For example, when sending a credit card number over the network, the user wants to check that the server receiving this information is the server they intend to send it to.
  • Client Authentication: allows the server to authenticate the user who wants to connect. The server also uses public-key cryptography to check that the client’s certificate and public ID are valid and were issued by a CA in the server’s list of trusted CAs. This is very important for providers. For example, when a bank intends to send confidential financial information to a customer, it will want to check the identity of the recipient.
  • Connection encryption: all information exchanged between the client and the server is encrypted on the transmission line to improve security. This is very important for both parties when the transactions are private. In addition, all data sent over an encrypted SSL connection is protected by automatic detection of tampering, that is, of changes to the data (this is the role of the hash algorithm).

The SSL protocol consists of 2 sub-protocols:

  • SSL record protocol: defines the format used to transmit data.
  • SSL handshake protocol: uses the SSL record protocol to exchange information between the server and the client when an SSL connection is first established.

3. The algorithms used in SSL

The encryption and authentication algorithms used in SSL include:

  • DES (Data Encryption Standard): an encryption algorithm with a key length of 56 bits.
  • 3-DES (Triple-DES): an encryption algorithm whose key length is 3 times the key length in DES encryption.
  • DSA (Digital Signature Algorithm): part of the digital authentication standard used by the US government.
  • KEA (Key Exchange Algorithm): a key exchange algorithm currently used by the US government.
  • MD5 (Message Digest algorithm): a hashing algorithm developed by Rivest.
  • RSA: a public-key algorithm for both authentication and data encryption, developed by Rivest, Shamir, and Adleman.
  • RSA key exchange: the key exchange algorithm used in SSL, based on the RSA algorithm.
  • RC2 and RC4: encryption algorithms developed by Rivest for RSA Data Security.
  • SHA-1 (Secure Hash Algorithm): a hashing algorithm used by the US government.

When a client and server exchange information during the handshake, they identify the strongest encryption algorithms they have in common and use them for the SSL session.
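The following added example (not from the original article) shows the record and handshake protocols from section 2 and the negotiation step above working together: it parses a ClientHello carried in a record, lets a server pick its most preferred suite that the client also offered, and flags offered suites built on older algorithms from the list in section 3. The ClientHello is constructed sample input, the suite IDs are a small subset of the IANA registry, and the server preference order is an assumption.

```python
import struct

# Cipher suite IDs from the IANA TLS registry; only the few used in this example.
SUITES = {
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}
# Algorithms from the list in section 3 that current TLS stacks no longer enable.
LEGACY = ("RC2", "RC4", "_DES_", "3DES", "MD5")

def build_client_hello(suite_ids):
    """Construct a minimal ClientHello record (sample input, not a capture)."""
    suites = b"".join(struct.pack("!H", s) for s in suite_ids)
    body = (b"\x03\x01" + bytes(32) + b"\x00"          # version 3.1, random, empty session id
            + struct.pack("!H", len(suites)) + suites   # cipher_suites vector
            + b"\x01\x00")                              # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def offered_suites(record):
    """Parse the 5-byte record header, then the ClientHello; return offered suite IDs."""
    ctype, _version, rec_len = struct.unpack("!BHH", record[:5])
    if ctype != 0x16 or rec_len != len(record) - 5:
        raise ValueError("not a complete handshake record")
    hs = record[5:]
    if hs[0] != 0x01 or int.from_bytes(hs[1:4], "big") != len(hs) - 4:
        raise ValueError("not a well-formed ClientHello")
    pos = 4 + 2 + 32                  # skip handshake header, client_version, random
    pos += 1 + hs[pos]                # skip session_id
    (n,) = struct.unpack_from("!H", hs, pos)
    if n % 2 or pos + 2 + n > len(hs):
        raise ValueError("bad cipher_suites length")
    return [struct.unpack_from("!H", hs, pos + 2 + i)[0] for i in range(0, n, 2)]

def negotiate(record, server_preference):
    """Server picks its most preferred suite that the client also offered."""
    offered = set(offered_suites(record))
    return next((s for s in server_preference if s in offered), None)

def is_legacy(suite_id):
    return any(tag in SUITES.get(suite_id, "") for tag in LEGACY)

hello = build_client_hello([0x0004, 0x000A, 0x002F, 0xC02F])
print(SUITES[negotiate(hello, [0xC02F, 0x002F, 0x000A])])
print([SUITES[s] for s in offered_suites(hello) if is_legacy(s)])
```

A `None` result from `negotiate` means the two sides share no suite and the handshake fails; a server that lists only modern suites refuses legacy-only clients this way.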

Conclusion

SSL certificates have become a global security technology standard. Even Google is moving toward showing only sites that have SSL certificates. Therefore, understanding SSL will give you more of the knowledge needed to build and operate your Web site. Good luck.


Source : Viblo