- September 5, 2017
- Posted by: cyberanalyst
- Category: Blog, CEH, CISSP, Consulting, Cyber-security and Ethical Hacking Training, Development
I'll be teaching here on the Secure Sockets Layer because most of you, I believe, have heard of SSL as a protocol but do not know how it works; don't worry, I've got you.
What is SSL?
Secure Sockets Layer is a protocol used in computer networks to secure connections between network application clients and servers over insecure networks such as the internet. SSL was proposed for use on the internet by the Internet Engineering Task Force (IETF) in 2015 because of the many protocol and implementation flaws and vulnerabilities found in the other internet protocols. It has, however, been replaced by the TLS (Transport Layer Security) protocol. TLS and SSL are not compatible with each other, so TLS is deployed in the SSL 3.0.
SSL was originally developed as a proprietary protocol in the 1990s so that Netscape browser clients, which work over HTTP (Hypertext Transfer Protocol), could communicate securely with Netscape web servers. SSL was eventually adopted to secure authentication and encryption in network transport layer communications.
Encryption Standard used in SSL
SSL makes use of two keys, the public key and the symmetric key, to ensure encryption when two machines establish a connection. These machines are typically a web or mail server and a client system communicating over the internet or some other TCP/IP network. SSL makes sure that data sent between two processes working in the client and server model is encrypted and authenticated.
SSL works above the transport and network layers, which are responsible for transporting data packets between processes and routing network traffic between a client and server. It also works below application layer protocols like the popular HTTP and SMTP (Simple Mail Transfer Protocol).
Ever wondered what the word 'socket' in the term SSL refers to? It refers to the sockets method by which data is transported between a client and a server program on a network, or between processes running on the same computer.
Like I said, the TLS protocol was developed from SSL and has phased out the SSL protocol, but the terms SSL and SSL/TLS are still commonly used to refer to the protocol that protects internet traffic. SSL/TLS is the most widely deployed security protocol in use today and is known to secure up to about 50% of the pages loaded in the Google Chrome browser. SSL has also been implemented for applications such as email, file transfer, VoIP and instant messaging, in addition to supporting the transmission of web pages.
How does SSL work?
The SSL protocol has two major sub-protocols:
- The Record Protocol: This protocol defines how the communicating hosts exchange data via SSL, including specifications for how data is to be prepared before being transmitted. It also specifies how received data is verified and decrypted.
- The Handshake Protocol: This protocol defines how the client and server establish an SSL connection. This includes negotiating which cryptographic systems each host is willing or unwilling to use, and the exchange of cryptographic material such as the session keys and public keys used for the encryption or authentication of transmitted data.
Now, during the handshake process, the first thing that happens is that the server presents its digital certificate in order to be authenticated by the client. Server certificates use the X.509 certificate standard format, which is defined by the public key cryptography standards. To authenticate the server, public key encryption is used to validate the digital certificate and confirm that the server is what it says it is.
As soon as the server is authenticated, the client and the server go on to establish the cipher settings and a shared key that is used to encrypt the information exchanged until the session expires. In this way, data confidentiality and integrity are assured, and the whole process is invisible to the user.
Now let us look at an example: if a webpage needs an SSL connection, the URL changes from HTTP to HTTPS and you will see a padlock icon on the left pane of the browser once the server is authenticated.
The handshake process allows authentication to happen between the client and server. When the server authentication is complete, the client has to present its certificate to the server in order to authenticate its identity before encryption begins and the SSL session is established.
Version 3.1 of SSL was released as TLS 1.0 (so named to avoid legal issues with Netscape) after the IETF officially took over the SSL protocol in order to standardize it through an open process. Attacks against SSL have mostly focused on issues in SSL implementations. The POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability is a known flaw in the SSL 3.0 protocol that results from the way it ignores padding bytes when running in cipher block chaining mode. This flaw gives an attacker room to decrypt sensitive data such as authentication cookies. TLS 1.0 has not been known to be vulnerable to attacks because it requires that all the padding bytes have the same value and must be authenticated.
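The padding rule described above can be seen side by side in a short sketch. This is an added example, not code from the original post: the function names, the 16-byte block size and the sample record are assumptions, and it models only the padding check (no MAC verification, not constant time).

```python
BLOCK_SIZE = 16  # assumed CBC cipher block size in bytes


def make_record(body: bytes, filler=None) -> bytes:
    """Pad body (data + MAC) to a block boundary; the last byte is the padding length."""
    pad_len = BLOCK_SIZE - len(body) % BLOCK_SIZE - 1
    fill = pad_len if filler is None else filler
    return body + bytes([fill]) * pad_len + bytes([pad_len])


def ssl3_unpad(record: bytes):
    """SSL 3.0 rule: only the length byte is inspected, padding content is ignored."""
    if not record or len(record) % BLOCK_SIZE:
        return None
    pad_len = record[-1]
    if pad_len >= BLOCK_SIZE:
        return None
    return record[: len(record) - pad_len - 1]


def tls10_unpad(record: bytes):
    """TLS 1.0 rule: every padding byte must equal the padding length."""
    if not record or len(record) % BLOCK_SIZE:
        return None
    pad_len = record[-1]
    if pad_len + 1 > len(record):
        return None
    padding = record[len(record) - pad_len - 1 : -1]
    if any(b != pad_len for b in padding):
        return None
    return record[: len(record) - pad_len - 1]


def compare(record: bytes) -> dict:
    """Run both rules on the same decrypted record."""
    return {"ssl3": ssl3_unpad(record), "tls10": tls10_unpad(record)}


# Constructed sample: 26 bytes standing in for application data plus MAC.
BODY = b"constructed-body+MAC-bytes"
WELL_FORMED = make_record(BODY)            # padding bytes all equal 5
ALTERED = make_record(BODY, filler=0xAA)   # same length byte, padding content changed

if __name__ == "__main__":
    print("well-formed:", compare(WELL_FORMED))
    print("altered    :", compare(ALTERED))
```

The altered record is accepted under the SSL 3.0 rule and rejected under the TLS 1.0 rule, which is the difference the paragraph describes.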
There are some other differences between TLS and SSL that make TLS a more secure and efficient protocol: its message authentication, its generation of key material, and its supported cipher suites, where TLS supports some new and more secure algorithms. The most recent version is TLS 1.2, and publication of the next version is expected before the end of this year, 2017, pending approval. This update will likely be called TLS 1.3 or TLS 2.0.