Secure Socket Layer Protocol
Dr. John P. Abraham, Professor, UTRGV

SSL
- Can secure transmission over TCP
- Provides privacy (encryption) and authentication (certificates)
- HTTPS, secure and secure financial transactions are examples
- SSL version 3 is obsolete and is being replaced with TLS (Transport Layer Security)

Web-based SSL
- Browsers are SSL-enabled, so no other configuration is necessary at the user site.
- At the server side, a certificate needs to be installed for each application.
- A certificate authority such as VeriSign can provide it.
- An administrator can create a certificate.
- Certificates are issued with an expiration time.
- The server should allow secure connections.

Connection speed
- SSL transmissions are slower because of public/private key encryption.
- Encryption and decryption can be hardware based: use SSL accelerators (PCI cards).

SSL sublayers
- Record Layer: formats messages; provides a header and hash
- ChangeCipherSpec Protocol: signals beginning of secure communication
- Alert Protocol: transmits any errors that occurred
- Handshake Protocol: ClientHello, ServerHello, ServerKeyExchange, ServerHelloDone, ClientKeyExchange, ChangeCipherSpec, Finished, ChangeCipherSpec, Finished
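
Added example (not part of the original slides): a small Python parser that walks the record layer header and labels each record by the sublayer protocol listed above, including the handshake message type while it is still readable. The helper names and the sample bytes are constructed for illustration; message bodies are zero-filled placeholders, not real handshake contents.

```python
import struct

CONTENT_TYPES = {20: "ChangeCipherSpec", 21: "Alert", 22: "Handshake", 23: "ApplicationData"}
HANDSHAKE_TYPES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
                   12: "ServerKeyExchange", 14: "ServerHelloDone",
                   16: "ClientKeyExchange", 20: "Finished"}

def record(ctype, body, version=(3, 0)):
    """Build one record: 5-byte header (type, version major/minor, length) + body."""
    return struct.pack("!BBBH", ctype, *version, len(body)) + body

def handshake(htype, body):
    """Build one handshake message: 1-byte type, 3-byte length, body."""
    return bytes([htype]) + len(body).to_bytes(3, "big") + body

def parse_records(stream):
    """Walk one direction of an SSL/TLS byte stream; return one label per message."""
    out, pos, encrypted = [], 0, False
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header")
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, pos)
        body = stream[pos + 5:pos + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        pos += 5 + length
        name = CONTENT_TYPES.get(ctype)
        if name is None:
            raise ValueError(f"unknown content type {ctype}")
        if encrypted:  # after ChangeCipherSpec only the record header is readable
            out.append(f"{name} (encrypted, {length} bytes)")
        elif name == "Handshake":
            off = 0  # one record may carry several handshake messages
            while off + 4 <= len(body):
                hlen = int.from_bytes(body[off + 1:off + 4], "big")
                out.append(HANDSHAKE_TYPES.get(body[off], f"handshake type {body[off]}"))
                off += 4 + hlen
        elif name == "Alert" and len(body) == 2:
            level = {1: "warning", 2: "fatal"}.get(body[0], "unknown level")
            out.append(f"Alert ({level}, description {body[1]})")
        else:
            out.append(name)
            encrypted = (name == "ChangeCipherSpec")  # later records are ciphertext
    return out

# Constructed sample: client side of a handshake, ending with the encrypted Finished.
SAMPLE = (record(22, handshake(1, bytes(8))) + record(22, handshake(16, bytes(4)))
          + record(20, b"\x01") + record(22, b"\xaa" * 40))
if __name__ == "__main__":
    print(parse_records(SAMPLE))
```

The last record shows why a passive observer sees Finished only as an opaque Handshake record: it is the first message protected by the newly negotiated keys.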