
An Introduction to Secure Sockets Layer (SSL)


SSL – Design Goals
• Secure transmission between client and server at
the lowest level – socket level
– Protocol sits on top of TCP
• Peer Authentication
– Server is automatically authenticated, client is
optionally
– Allows both machines to establish an encrypted
connection.
Cont..
• SSL includes two sub-protocols: the SSL Record Protocol and the SSL Handshake Protocol.
• Record Protocol -- defines the format used to transmit data.
• Handshake Protocol -- uses the Record Protocol to exchange messages between an SSL-enabled server and an SSL-enabled client.
How does SSL Work?
• How do a client and a server create a secure connection?
• The SSL protocol uses RSA public key cryptography for Internet security.
• Public key encryption uses a pair of asymmetric keys for encryption and decryption.
Cont..
• Each pair of keys consists of a public key
and a private key. The public key is made
public by distributing it widely; the private
key is always kept secret.
• Data encrypted with the public key can be
decrypted only with the private key, and
vice versa.
Handshaking Protocol
• Client → Server: Client sends a hello message including a random message and its protocol version, session ID, cipher suite, and compression method.
• Server → Client: Server replies with a hello message with its own protocols, random message, its certificate, and requests a client certificate if necessary.
• Client → Server: Client authenticates the server, then creates a pre-master secret for the session and encrypts the message with the server's public key (may send its certificate also).
• Server → Client: Server authenticates the client if necessary, and uses its private key to decode the message and the pre-master secret, then creates a master secret key for the session and tells the client that it will use the master key for the session.
• Client → Server: Client decodes the master key and tells the server that it will use the key to encode the session also.
• Handshake is done.


Certificate
• Subject: Distinguished Name, Public Key
• Issuer: Distinguished Name, Signature
• Period of Validity: Not Before Date, Not After Date
• Administrative Info: Version, Serial Number
• Extended Info
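The "client authenticates server" step of the handshake above is where the certificate fields listed here get checked. The following is an added example (not part of the original slides) showing those checks in Python's standard library over a constructed certificate in the dictionary shape that `ssl.SSLSocket.getpeercert()` returns; the signature check is not repeated here because the `ssl` module performs it during the real handshake.

```python
import ssl
import time

# Constructed sample in the shape returned by ssl.SSLSocket.getpeercert().
# This is a made-up certificate for illustration, not one from a real server.
SAMPLE_CERT = {
    "version": 3,                       # Administrative Info: Version
    "serialNumber": "0A1B2C3D",         # Administrative Info: Serial Number
    "subject": ((("countryName", "US"),),
                (("organizationName", "Example Org"),),
                (("commonName", "www.example.test"),)),   # Subject DN
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Example CA"),),
               (("commonName", "Example Root CA"),)),     # Issuer DN
    "notBefore": "Jan  1 00:00:00 2024 GMT",              # Period of Validity
    "notAfter": "Dec 31 23:59:59 2034 GMT",
    "subjectAltName": (("DNS", "www.example.test"), ("DNS", "example.test")),
}

def dn_to_dict(rdns):
    """Flatten getpeercert()'s nested RDN tuples into an {attribute: value} dict."""
    return {attr: value for rdn in rdns for attr, value in rdn}

def hostname_matches(cert, hostname):
    """Accept only exact dNSName entries from subjectAltName (no wildcards, no CN fallback)."""
    names = [v.lower() for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    return hostname.lower() in names

def check_validity(cert, hostname, now=None):
    """Return a list of problems found; an empty list means the checks passed."""
    now = time.time() if now is None else now
    problems = []
    # cert_time_to_seconds parses the GMT timestamp format used by getpeercert().
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("certificate not yet valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("certificate expired")
    if not hostname_matches(cert, hostname):
        problems.append("hostname does not match subjectAltName")
    if cert.get("version") != 3:
        problems.append("expected an X.509 v3 certificate")
    return problems

def describe(cert):
    """One-line summary of the subject, issuer, serial number and validity period."""
    subj, iss = dn_to_dict(cert["subject"]), dn_to_dict(cert["issuer"])
    return (f"subject CN={subj.get('commonName')} issuer CN={iss.get('commonName')} "
            f"serial={cert['serialNumber']} valid {cert['notBefore']} .. {cert['notAfter']}")

if __name__ == "__main__":
    print(describe(SAMPLE_CERT))
    print(check_validity(SAMPLE_CERT, "www.example.test"))
```

Against a live server, replace `SAMPLE_CERT` with the dictionary from `getpeercert()` on an `ssl`-wrapped socket; the same checks apply.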
