Introduction to Secure Socket Layer ( SSL) Connection Setup

SSL (Secure Sockets Layer) is a standard security technology for determining an encrypted link between a server and a client. It is typically a web server which can be a website and a browser or a mail server and a mail client.

In other words, if i can define SSL which I said stands for "Secure Sockets Layer." SSL is a secure protocol developed for transfer data securely over the Internet. Many websites use SSL for protected areas of their sites, such as user account pages and online checkout. Usually, when you are asked to "log in" on a website, the subsequent page is secured by SSL.

SSL allows penetrating evidence such as credit card numbers, social security numbers, and login authorizations to be communicated securely. Normally, data sent between browsers and web servers is directed in plain text and leaving you exposed to eaves discharging. If an invader is able to interrupt all data being sent between a browser and a web server, they can see and use that evidence.

Fig 1.1- SSL-Secure Socket Layer
While SSL is most usually seen on the Web (HTTP), it is also used to secure other Internet protocols, such as SMTP for distribution e-mail and NNTP for newsgroups. Early implementations of SSL were limited to 40-bit encryption, but now most SSL secure protocols use 128-bit encryption or higher.

SSL encrypts the data being transmitted so that a third party cannot "eavesdrop" on the transmission and view the data being transmitted. Only the user's computer and the secure server are able to acknowledge the data.

Secure Socket Layer (SSL) sits on top of TCP layer, below the application layer and acts like sockets associated by TCP connections. It is used to secure TCP-based applications, not UDP or directly over IP. The most common application used for SSL to secure communications is HTTP over SSL, or HTTPS. Others include SMTP/ IMAP over SSL.

SSL keeps your name, address, and credit card communication between you and merchant to which you are offering it. Without this kind of encryption, online shopping would be far too apprehensive to be practical. When you visit a Web address starting with "https," the "s" after the "http" indicates the website is secure. These websites often use SSL certificates to verify their authenticity.

More specifically, SSL is a security protocol. Protocols describe how algorithms should be used; in this case, the SSL protocol limits variables of the encryption for both the link and the data being communicated

Below is the diagram showing the connection between the SSL Server and SSL client. It will help you to understand more on the various phases of the connection between Server and the client.

Fig 1.2- SSL Server and Client Connection

An SSL connection is established in two main phases- the Handshake phase and the Secure data allocation phase. The handshake phase exchanges cryptographic algorithms, authenticates the server, and launches keys for data encryption and Message Authentication Code (MAC). The secure data transfer phase sends encrypted data over traditional SSL connection.

The Client originates a session by transfer a Client Hello message to the Server. This Hello message contains:
  • Version: The Client sends the version number that it supports. For example, for SSLv3, the version number is 3.0. For TLS, the version number is 3.1.
  • Random: This is a Client generated random structure. It contains the Client's date and time, and a 26-byte pseudorandom number. 
  • Session ID (if any): This is included if the Client wants to resume a previous session. If the Session ID Length is 0, it indicates a new session.
  • Cipher Suite: This is the list of cipher suites that are supported by the Client. An example of a cipher suite is TLS_RSA_WITH_DES_CBC_SHA, where TLS is the protocol version, RSA is the algorithm that will be used for key exchange, DES_CBC is the encryption algorithm and SHA is the hash function.
  • Compression Methods: Currently, no compression methods are supported.

The Server directs back the highest protocol version that is maintained by the Client and the Server. This version will be used through the connection. The Server rejoins with its own Hello message. This Hello message contains:
  • Version: The Server sends the highest version number supported by both Client and Server.
  • Random: The Server also generates its own random value. It also contains its own date and time.
  • Session ID: If the Client sends an empty session ID to initiate a new session, the server generates a new session ID. If the Client sends a non-zero session ID to resume a previous session, the uses the same session ID that is sent by the Client. If the Server cannot or will not resume a previous session, it generates a new session ID.
  • Cipher Suite: This is the single cipher suite selected by the Server out of the cipher suites proposed by the Client.
  • Compression Method: Currently, no compression methods are supported.