| User Opinions |
75%
25%
(4 votes)
|
|
Thank you for rating this answer.
|
Secure Sockets Layer (SSL) and Transport Layer Security (TLS), its successor, are cryptographic protocols which provide secure communications on the Internet for such things as e-mail, Internet faxing, and other data transfers. There are slight differences between SSL 3.0 and TLS 1.0, but the protocol remains substantially the same. The term "SSL" as used here applies to both protocols unless clarified by context.
The description of the SSL protocol
SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated (i.e. its identity is ensured) while the client remains unauthenticated; mutual authentication requires public key infrastructure (PKI) deployment to clients. The protocols allow client/server applications to communicate in a way designed to prevent eavesdropping, tampering, and message forgery.
SSL involves three basic phases:
Peer negotiation for algorithm support
Public key encryption-based key exchange and certificate-based authentication
Symmetric cipher-based traffic encryption
During the first phase, the client and server negotiation uses cryptographic algorithms. Current implementations support the following choices:
for public-key cryptography: RSA, Diffie-Hellman, DSA or Fortezza;
for symmetric ciphers: RC2, RC4, IDEA, DES, Triple DES or AES;
for one-way hash functions: MD2, MD4, MD5 or SHA.
How SSL works
The SSL protocol exchanges records; each record can be optionally compressed, encrypted and packed with a message authentication code (MAC). Each record has a content_type field that specifies which upper level protocol is being used.
When the connection starts, the record level encapsulates another protocol, the handshake protocol, which has content_type 22.
The client sends and receives several handshake structures:
It sends a ClientHello message specifying the list of cipher suites, compression methods and the highest protocol version it supports. It also sends random bytes which will be used later.
Then it receives a ServerHello, in which the server chooses the connection parameters from the choices offered by the client earlier.
When the connection parameters are known, client and server exchange certificates (depending on the selected public key cipher). These certificates are currently X.509, but there is also a draft specifying the use of OpenPGP based certificates.
The server can request a certificate from the client, so that the connection can be mutually authenticated.
Client and server negotiate a common secret called "master secret", possibly using the result of a Diffie-Hellman exchange, or simply encrypting a secret with a public key that is decrypted with the peer's private key. All other key data is derived from this "master secret" (and the client- and server-generated random values), which is passed through a carefully designed "Pseudo Random Function".
TLS/SSL have a variety of security measures:
Numbering all the records and using the sequence number in the MACs.
Using a message digest enhanced with a key (so only with the key can you check the MAC). This is specified in RFC 2104).
Protection against several known attacks (including man in the middle attacks), like those involving a downgrade of the protocol to previous (less secure) versions, or weaker cipher suites.
The message that ends the handshake ("Finished") sends a hash of all the exchanged data seen by both parties.
The pseudo random function splits the input data in 2 halves and processes them with different hashing algorithms (MD5 and SHA), then XORs them together. This way it protects itself in the event that one of these algorithms is found vulnerable.
Applications
SSL runs on layers beneath application protocols such as HTTP, FTP, SMTP and NNTP and above the TCP or UDP transport protocol, which form part of the TCP/IP protocol suite. While it can add security to any protocol that uses reliable connections (such as TCP), it is most commonly used with HTTP to form HTTPS. HTTPS is used to secure World Wide Web pages for applications such as electronic commerce. It uses public key certificates to verify the identity of endpoints.
An increasing number of client and server products support SSL natively, but many still lack support. As an alternative, users may wish to use standalone SSL products like Stunnel. Wrappers such as Stunnel rely on being able to obtain an SSL connection immediately, by simply connecting to a separate port reserved for the purpose. For example, by default the TCP port for HTTPS is 443, to distinguish it from HTTP on port 80. However, in 1997 the Internet Engineering Task Force recommended that application protocols always start unsecured and instead offer a way to upgrade to TLS - which a pure wrapper like Stunnel cannot cope with.
SSL can also be used to tunnel an entire network stack to create a VPN, as is the case with OpenVPN.
This article is licensed under the GNU Free Documentation License (GFDL). It uses material from the Wikipedia article Transport Layer Security. More on Wikipedia.
|
Print this page
Email this page
Post a comment
