Lecture 5 Secure Socket Layer (SSL)

Secure Socket Layer (SSL) is a security technology that establishes an encrypted link between a web server and a browser, requiring an SSL certificate for trust. The certificate contains the owner's public key, ID, issuer name, and a signature from the Certificate Authority, and is obtained through a Certificate Signing Request (CSR). SSL operates through an SSL handshake using public, private, and session keys to encrypt data transmitted between the browser and server.

Secure Socket Layer (SSL)

SSL
• An industry-standard security technology for establishing an encrypted link between a web server and a browser
• A certificate is required to establish trust. The web server requires an SSL certificate to create a secure connection

SSL Certificate
• Contains a public key of the owner
• Certificate owner ID
• Name of the issuer
• Signature of the Certificate Authority

How to get the digital SSL Certificate
• To get a certificate, you must create a Certificate Signing Request (CSR) on your server
• This process creates a private key and a public key on your server
• The CSR file that you send to the CA contains only the public key
• The CA checks the identity of the sender, puts a stamp (digital signature) on the certificate and sends it back to the owner
• Once you get the certificate, you have to install it on the server

How an SSL certificate works
• When a browser attempts to access a website that is secured by SSL, the browser and the web server establish an SSL connection using a process called an “SSL Handshake”
• Three keys are used to set up the SSL connection: the public, private, and session keys
• The public-key algorithm is used only during the SSL handshake to create the symmetric key. All transmitted data is encrypted using the symmetric session key

• Browser connects to a web server (website) secured with SSL (https). Browser requests that the server identify itself
• Server sends a copy of its SSL Certificate, including the server’s public key
• Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired, unrevoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key
• Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session
• Server and Browser now encrypt all transmitted data with the session key
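
The browser-side certificate checks from the handshake above, as an added example that is not part of the original slides: it uses Python's standard `ssl` module to compare a client configuration that enforces those checks with one that skips them. The helper names (`hardened_client_context`, `weakened_client_context`, `missing_checks`, `handshake_report`) are hypothetical, and `handshake_report` needs network access and a host you supply.

```python
import socket
import ssl

def hardened_client_context():
    """Client context that enforces the certificate checks listed above."""
    ctx = ssl.create_default_context()            # system CA store, CERT_REQUIRED, hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSL 2.0/3.0 and early TLS
    return ctx

def weakened_client_context():
    """Anti-pattern seen in code review: encryption without authentication."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE  # any certificate, from any issuer, is accepted
    return ctx

def missing_checks(ctx):
    """Return which of the browser checks this context does NOT perform."""
    missing = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        missing.append("chain to trusted CA / not expired")
    if not ctx.check_hostname:
        missing.append("name valid for website")
    if not ctx.verify_flags & ssl.VERIFY_CRL_CHECK_LEAF:
        missing.append("not revoked")  # needs CRLs loaded; off by default in Python
    return missing

def handshake_report(host, port=443, ctx=None):
    """Run the handshake against `host` (needs network; not called on import)."""
    ctx = ctx or hardened_client_context()
    with socket.create_connection((host, port), timeout=5) as raw:
        # wrap_socket raises ssl.SSLCertVerificationError if an enabled check fails
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
            return {"protocol": tls.version(), "cipher": tls.cipher()[0],
                    "subject": cert["subject"], "issuer": cert["issuer"],
                    "not_after": cert["notAfter"]}

if __name__ == "__main__":
    for name, make in (("hardened", hardened_client_context),
                       ("weakened", weakened_client_context)):
        print(name, "skips:", missing_checks(make()) or "nothing")
```

Even the hardened context does not check revocation: Python's `ssl` module only does so when CRLs are loaded and a CRL verify flag is set.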

SSL vs TLS
• TLS (Transport Layer Security) is the newer version of SSL
• SSL 2.0 and SSL 3.0 were released
• SSL 4.0 is referred to as TLS

Private/Public Key Mechanism
◦ Example: PGP (Pretty Good Privacy)

1. signed with the sender’s private key
2. encrypted with the session key
3. encrypted with the recipient’s public key
4. decrypted with the recipient’s private key
5. decrypted with the session key
6. verify the signature using the sender’s public key

Confidentiality, Integrity
CN8816: Network Security and Authentication 8
