Introduction to Secure Socket Layer ( SSL) Connection Setup
SSL (Secure Sockets Layer) is a standard security technology
for determining an encrypted link between a server and a client. It is typically
a web server which can be a website and a browser or a mail server and a mail
client.
In other words, if i can define SSL which I said stands for
"Secure Sockets Layer." SSL is a secure protocol developed for transfer
data securely over the Internet. Many websites use SSL for protected areas of
their sites, such as user account pages and online checkout. Usually, when you
are asked to "log in" on a website, the subsequent page is secured by
SSL.
SSL allows penetrating evidence such as credit card numbers,
social security numbers, and login authorizations to be communicated securely.
Normally, data sent between browsers and web servers is directed in plain text
and leaving you exposed to eaves discharging. If an invader is able to interrupt
all data being sent between a browser and a web server, they can see and use
that evidence.
Fig 1.1- SSL-Secure Socket Layer
|
While SSL is most usually seen on the Web (HTTP), it is also
used to secure other Internet protocols, such as SMTP for distribution e-mail
and NNTP for newsgroups. Early implementations of SSL were limited to 40-bit
encryption, but now most SSL secure protocols use 128-bit encryption or higher.
SSL encrypts the data being transmitted so that a third
party cannot "eavesdrop" on the transmission and view the data being
transmitted. Only the user's computer and the secure server are able to acknowledge
the data.
Secure Socket Layer (SSL) sits on top of TCP layer, below
the application layer and acts like sockets associated by TCP connections. It
is used to secure TCP-based applications, not UDP or directly over IP. The most
common application used for SSL to secure communications is HTTP over SSL, or
HTTPS. Others include SMTP/ IMAP over SSL.
SSL keeps your name, address, and credit card communication
between you and merchant to which you are offering it. Without this kind of
encryption, online shopping would be far too apprehensive to be practical. When
you visit a Web address starting with "https," the "s"
after the "http" indicates the website is secure. These websites
often use SSL certificates to verify their authenticity.
More specifically, SSL is a security protocol. Protocols
describe how algorithms should be used; in this case, the SSL protocol limits
variables of the encryption for both the link and the data being communicated
Below is the diagram showing the connection between the SSL Server and SSL client. It will help you to understand more on the various phases of the connection between Server and the client.
Fig 1.2- SSL Server and Client Connection
|
An SSL connection is established in two main phases- the
Handshake phase and the Secure data allocation phase. The handshake phase exchanges
cryptographic algorithms, authenticates the server, and launches keys for data
encryption and Message Authentication Code (MAC). The secure data transfer
phase sends encrypted data over traditional SSL connection.
The Client originates a session by transfer a
Client Hello message to the Server. This Hello message contains:
- Version: The Client sends the version number that it supports. For example, for SSLv3, the version number is 3.0. For TLS, the version number is 3.1.
- Random: This is a Client generated random structure. It contains the Client's date and time, and a 26-byte pseudorandom number.
- Session ID (if any): This is included if the Client wants to resume a previous session. If the Session ID Length is 0, it indicates a new session.
- Cipher Suite: This is the list of cipher suites that are supported by the Client. An example of a cipher suite is TLS_RSA_WITH_DES_CBC_SHA, where TLS is the protocol version, RSA is the algorithm that will be used for key exchange, DES_CBC is the encryption algorithm and SHA is the hash function.
- Compression Methods: Currently, no compression methods are supported.
The Server directs back the
highest protocol version that is maintained by the Client and the Server. This
version will be used through the connection. The Server rejoins with its own
Hello message. This Hello message contains:
- Version: The Server sends the highest version number supported by both Client and Server.
- Random: The Server also generates its own random value. It also contains its own date and time.
- Session ID: If the Client sends an empty session ID to initiate a new session, the server generates a new session ID. If the Client sends a non-zero session ID to resume a previous session, the uses the same session ID that is sent by the Client. If the Server cannot or will not resume a previous session, it generates a new session ID.
- Cipher Suite: This is the single cipher suite selected by the Server out of the cipher suites proposed by the Client.
- Compression Method: Currently, no compression methods are supported.