|Lesson 10|| SSL transactions|
|Objective||Describe the SSL protocol and its use in secure communications. |
SSL Transactions (Secure Communications)
You now understand certificates. Enterprise-grade Web servers allow you to use
certificates for authentication and SSL encryption. The SSL protocol allows applications to exchange data over public networks privately, preventing
eavesdropping, tampering, and message forgery. SSL enables two applications to communicate over the network using authentication with digital
certificates. In addition, message reliability is ensured with SSL's use of encryption and message digests.
When using the SSL protocol, the top-level sequence of events is:
The SSL specification details the data structures, client/server handshake protocol, certificate and key exchange procedures, messages, constants, and so on. It is not necessary to know
all the internal details to use the SSL protocol.
- The client and server applications using the asymmetric keys in the form of certificates are authenticated.
- A random symmetric session key is encrypted to the server's public key and transmitted to the server.
- All data is encrypted using the random symmetric key.
- A message authentication that has an algorithm is applied to envelop all information to ensure integrity.
SSL encrypts communications between two points. It is not as ambitious as SET, which outlines a more ambitious information exchange procedure in addition to encryption. Although SSL helps prevent eavesdropping from hackers, it is not completely secure. Most nations have embraced the use of SSL, but e-commerce will likely move to protocols such as SET or radically improved uses of SSL to ensure that customers feel completely secure about transacting online.
The following slideshow demonstrates the latest in SSL protocol technologies
An SSL connection can be in two phases, as shown in the ssl-connection below.
The next lesson will cover the SET protocol.
- For more information about SSL, go to www.ssl.com.
- For more information about cryptography in general, go to rsa.com