SSL connection in Interarchy
7/25/2023

As you learned in the previous chapter, HTTPS uses the SSL protocol to secure communication by transferring encrypted data. Before going deeper, learn how SSL works.

SSL fundamentally works with the following concepts:

Asymmetric cryptography (also known as Asymmetric Encryption or Public Key Cryptography) uses a mathematically related key pair to encrypt and decrypt data. In a key pair, one key is shared with anyone who is interested in a communication. The other key in the key pair is kept secret and is called the Private Key. Public and private keys are mathematically related and are created using cryptographic algorithms which are based on mathematical problems termed one-way functions. These keys are used to encrypt or decrypt the data.

In asymmetric cryptography, the sender encrypts data with the receiver's public key and sends it to the receiver. The receiver decrypts it using the related private key. SSL uses asymmetric cryptography to initiate the communication, which is known as the SSL handshake. The most commonly used asymmetric key encryption algorithms include ElGamal, RSA, DSA, Elliptic curve techniques and PKCS.

In symmetric cryptography, there is only one key, which encrypts and decrypts the data. Both sender and receiver should have this key, which is known only to them. SSL uses symmetric cryptography with the session key after the initial handshake is done. The most widely used symmetric algorithms are AES-128, AES-192 and AES-256.

The SSL protocol uses asymmetric and symmetric cryptography to transfer data securely. The following figure illustrates the steps of SSL communication:

As you can see in the above figure, SSL communication between the browser and the web server (or any other two systems) is mainly divided into two steps: the SSL handshake and the actual data transfer.

The communication over SSL always begins with the SSL handshake. The SSL handshake uses asymmetric cryptography, which allows the browser to verify the web server, get the public key and establish a secure connection before the actual data transfer begins. The following figure illustrates the steps involved in the SSL handshake:

1. The client sends a "client hello" message. This includes the client's SSL version number, cipher settings, session-specific data and other information that the server needs to communicate with the client using SSL.
2. The server responds with a "server hello" message. This includes the server's SSL version number, cipher settings, session-specific data, an SSL certificate with a public key and other information that the client needs to communicate with the server over SSL.
3. The client verifies the server's SSL certificate from the CA (Certificate Authority) and authenticates the server. If the authentication fails, the client refuses the SSL connection and throws an exception. If the authentication succeeds, then proceed to step 4.
4. The client creates a session key, encrypts it with the server's public key and sends it to the server. If the server has requested client authentication (mostly in server-to-server communication), then the client sends its own certificate to the server.
5. The server decrypts the session key with its private key and sends the acknowledgement to the client encrypted with the session key.

Thus, at the end of the SSL handshake, both the client and the server have a valid session key which they will use to encrypt or decrypt actual data. The public key and the private key will not be used any more after this.

The client and the server now use a shared session key to encrypt and decrypt actual data and transfer it. This is done using the same session key at both ends, so it is symmetric cryptography. The actual SSL data transfer uses symmetric cryptography because it is easy and consumes less CPU than asymmetric cryptography.

Thus, SSL fundamentally works using asymmetric cryptography and symmetric cryptography. There are certain infrastructures involved in achieving SSL communication in real life, which are called Public Key Infrastructure.

The public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public key encryption.

Certificate Authority: The authority that authenticates the identity of individuals, computers and other entities.

Registration Authority: A subordinate CA that issues a certificate on behalf of the root CA for specific uses.
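To see what the "client hello" from the handshake steps actually carries, the following added example (not part of the original page) starts a handshake in memory with Python's standard `ssl` module, which negotiates TLS, the successor to SSL, and decodes the version, session-specific data, cipher settings and server name the client offers. The host name `example.test` and the function names are assumptions chosen for illustration; no network connection is made.

```python
import ssl
import struct


def capture_client_hello(server_name):
    """Start a handshake in memory and return the bytes the client sends first."""
    ctx = ssl.create_default_context()
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client now waits for the "server hello"
    return outgoing.read()


def parse_client_hello(data):
    """Decode the fields of a ClientHello carried in a single TLS record."""
    rec_type, _rec_version, rec_len = struct.unpack("!BHH", data[:5])
    body = data[5:5 + rec_len]
    if rec_type != 22 or body[0] != 1:
        raise ValueError("not a handshake record carrying a ClientHello")
    pos = 4  # skip handshake type (1 byte) and length (3 bytes)
    (version,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    random = body[pos:pos + 32]  # session-specific random value
    pos += 32
    session_id = body[pos + 1:pos + 1 + body[pos]]
    pos += 1 + len(session_id)
    (cs_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    suites = [body[i:i + 2].hex() for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]  # skip compression methods
    (ext_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    end, server_name = pos + ext_len, None
    while pos + 4 <= end:
        ext_type, length = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        if ext_type == 0:  # server_name: list len, name type, name len, name
            (name_len,) = struct.unpack("!H", body[pos + 3:pos + 5])
            server_name = body[pos + 5:pos + 5 + name_len].decode("ascii")
        pos += length
    return {"version": hex(version), "random": random, "session_id": session_id,
            "cipher_suites": suites, "server_name": server_name}


if __name__ == "__main__":
    hello = parse_client_hello(capture_client_hello("example.test"))
    print(hello["version"], len(hello["cipher_suites"]), hello["server_name"])
```

The server name travels unencrypted in this first message, which is why it is visible to the parser before any key has been exchanged.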