Connected: An Internet Encyclopedia
SSL/TLS Protocol Overview

Up: Connected: An Internet Encyclopedia
Up: Topics
Up: Functions
Up: Security
Prev: Trusted Ports
Next: SSH Protocol Overview

SSL/TLS Protocol Overview

SSL/TLS Protocol Overview SSL Version 3, documented in an IETF draft, provides one of the most commonly available security mechanisms on the Internet. SSL stands for Secure Sockets Layer, though IETF has renamed it TLS (Transport Layer Security). TLS is documented in RFC 2246 and identifies itself in the protocol version field as SSL 3.1.

Developed by Netscape, SSL is used extensively by web browsers to provide secure connections for transferring credit cards numbers and other sensitive data. An SSL-protected HTTP transfer uses port 443 (instead of HTTP's normal port 80), and is identified with a special URL method - https. Thus, https://www.verisign.com/ would cause an SSL-enabled browser to open a secure SSL session to port 443 at www.verisign.com.

SSL, like most modern security protocols, is based on cryptography. When an SSL session is established, the server begins by announcing a public key to the client. No encryption is in use initially, so both parties (and any eavesdropper) can read this key, but the client can now transmit information to the server in a way that no one else could decode. The client generates 46 bytes of random data, forms them into a single very large number according to PKCS#1, encrypts them with the server's public key, and sends the result to the server. Only the server, with its private key, can decode the information to determine the 46 original bytes. This shared secret is now used to generate a set of conventional RC4 cipher keys to encrypt the rest of the session.

X.509 certificates are used to authenticate the server, and the client can be authenticated as well, by presenting a certificate of its own, then computing a hash of all the SSL messages that have been exchanged up to a certain point, encrypting the result with its private key, and sending this to the server. The server, which can compute the same hash value, having seen all the messages as well, can decrypt using the client's public key, which is part of the certificate, and verify that the two results are the same. Thus the client is authenticated.


Next: SSH Protocol Overview

Connected: An Internet Encyclopedia
SSL/TLS Protocol Overview