Understanding transport-layer_security__ssl
Mainak Goswami
Useful document and tutorial on SSL, encryption, TLS, cryptography, JEE security
Understanding Transport Layer Security / Secure Socket Layer
IdioTechie, May 12, 2013
http://idiotechie.com/understanding-transport-layer-security-secure-socket-layer/
© http://idiotechie.com

Transport Layer Security (TLS) 1.0 / Secure Sockets Layer (SSL) 3.0 is the mechanism that provides private, secured and reliable communication over the internet. It is the most widely used protocol for providing secure HTTPS communication between clients (web browsers) and web servers. It ensures that sensitive data in transit is safe from cyber crime that steals valuable client information. TLS/SSL enables server authentication, client authentication, data encryption, and data integrity over the internet.

Earlier, it was mostly payment-based web applications that used secured communication, to prevent hacking and keep critical payment information safe. The disadvantage of SSL is the performance hit: since the data passed over the secured layer has to be encrypted by the server, it uses more server resources than unencrypted communication. However, in recent days, with faster internet, most authentication-based web applications (e.g. Google, Facebook, Twitter) prefer secured HTTPS, and HTTPS is not limited to e-commerce or banking websites.

What is the difference between TLS and SSL?

There are subtle differences between TLS and SSL. TLS is the successor to SSL, but TLS 1.2 is not interchangeable with SSL 3.0. TLS uses the Hashing for Message Authentication Code (HMAC) algorithm in place of the SSL Message Authentication Code (MAC) algorithm. HMAC is more secure than the standard SSL MAC algorithm.

How to recognize a secured website?

Most browsers help visitors identify whether a website is secured by showing 'https' in the address bar, along with the certificate authority that has validated the website.

[Figure: Secured website example]

Before we explore how SSL works, let's try to understand some of the key terminology.

Encryption – In cryptography, encryption is the process of encoding information sent from one computer to another in such a way that unauthorized persons cannot get access to the original data.

Identification – Identification is the process through which one system confirms the identity of another person / entity / computer system.

Authentication – Authentication is the process of verifying the credentials of the principal or the system. The JEE platform requires that all application servers support authentication mechanisms such as HTTP basic authentication, SSL mutual authentication, and form-based login.

Authorization – Authorization is the process by which the principal is either granted or denied access to protected resources. Only a trusted principal can be granted secure access.

Why do we need encryption?
[Figures: Unencrypted Message Example; Encrypted Message]

If we do not use encryption, critical credit card information can be stolen by unauthorised persons who hijack the session between the client and server. When we use encryption, the credit card information is encrypted and passed through a secured HTTPS connection, which prevents hackers from gaining unauthorized access to the data.

How does this encryption process work between the client and server?

There are several steps before the actual encrypted message is sent. The process starts with the SSL handshake, which establishes a secured connection between the client and the server. This process requires a total of nine handshake messages to be communicated between server and client. Once the handshake is completed, encrypted messages are communicated between client and server.

One way SSL authentication

[Figures: SSL Handshake 1; SSL Handshake 2]

Step 1: Client and server agree on the medium of encryption

Step 2: Server sends a certificate message to the client
• Server sends Hello message to the client.
• Server sends a Certificate message to the client, which consists of the server's certificate including the server's public key.
• Before the client computer requests to start encryption, the server concludes its part of the negotiation with the ServerHelloDone message.

Step 3: Client computer requests to start encryption
• Client then sends the session key information, encrypted with the server's public key, in the Client Key Exchange message.
• Both client and server calculate the master secret code, and in future this code is used to encrypt the messages between the client and server.
• Client sends Change Cipher Spec message to activate the negotiated SSL encryption options, which were agreed during the Hello message communication, for all future messages it will send.
• The client then requests finish, which finally requests the server to start the encryption.
[Figures: SSL Handshake 3; SSL Handshake 4]

Step 4: Server confirms to start the encryption
• Server sends Change Cipher Spec message to activate the previously negotiated options for all future messages it will send.
• Server then sends the Finished message to the client and requests it to check the newly activated options. The Finished message is delivered in encrypted mode. This completes the handshake process.

Step 5: The messages are encrypted
Now the client and server communicate securely through encrypted messages only.

Two way SSL communication (Mutual SSL Authentication)

[Figures: Mutual SSL Handshake 1; Mutual SSL Handshake 2]

Step 1: Client and server agree on the medium of encryption

Step 2: Server sends a certificate message to the client
• Server sends Hello message to the client.
• Server sends a Certificate message to the client, which consists of the server's certificate including the server's public key.
• Server requests the client's certificate in the Certificate Request message, so that the connection can be mutually authenticated.
• Before the client computer requests to start encryption, the server concludes its part of the negotiation with the Server Hello Done message.

Step 3: Client computer requests to start encryption
• Client responds to the server with a Certificate message, which contains the client's certificate.
• Client then sends the session key information, encrypted with the server's public key, in the Client Key Exchange message.
• Client sends a Certificate Verify message to let the server know it owns the sent certificate.
• Both client and server calculate the master secret code, and in future this code is used to encrypt the messages between the client and server.
• Client sends Change Cipher Spec message to activate the negotiated SSL encryption options, which were agreed during the Hello message communication, for all future messages it will send.
• The client then requests finish, which finally requests the server to start the encryption.
[Figures: Mutual SSL Handshake 3; Mutual SSL Handshake 4]

Step 4: Server confirms to start the encryption
• Server sends Change Cipher Spec message to activate the previously negotiated options for all future messages it will send.
• Server then sends the Finished message to the client and requests it to check the newly activated options. The Finished message is delivered in encrypted mode. This completes the handshake process.

Step 5: The messages are encrypted
Now the client and server communicate securely through encrypted messages only.

In our next series we will discuss the code-level details and security implementation in web servers in more depth. Please keep watching this space.
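The message sequences described above, as an added example (not code from the original article): a Python sketch that walks the record and handshake headers of a captured SSL 3.0 / TLS 1.0 handshake, lists the messages in order, and tells a one-way handshake from a mutual one. The capture bytes, the helper names (`rec`, `hs`, `sample`) and the `requested-but-unproven` label are constructed for illustration, and handshake messages are assumed not to be fragmented across records.

```python
import struct

# Record content types and handshake message types (SSL 3.0 / TLS 1.0-1.2 numbering).
CHANGE_CIPHER_SPEC, HANDSHAKE = 20, 22
HS_NAMES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
            13: "CertificateRequest", 14: "ServerHelloDone",
            15: "CertificateVerify", 16: "ClientKeyExchange"}

def parse_flight(sender, data, encrypted):
    """Walk the records one side sent and return (sender, message name) pairs."""
    out, pos = [], 0
    while pos < len(data):
        if len(data) - pos < 5:
            raise ValueError("truncated record header")
        ctype, _version, length = struct.unpack_from("!BHH", data, pos)
        body = data[pos + 5:pos + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        pos += 5 + length
        if ctype == CHANGE_CIPHER_SPEC:
            out.append((sender, "ChangeCipherSpec"))
            encrypted.add(sender)             # this sender's later records are ciphertext
        elif ctype == HANDSHAKE and sender in encrypted:
            out.append((sender, "Finished"))  # type byte is hidden; position identifies it
        elif ctype == HANDSHAKE:
            off = 0
            while off < len(body):            # one record may carry several messages
                mlen = int.from_bytes(body[off + 1:off + 4], "big")
                if len(body) - off < 4 + mlen:
                    raise ValueError("truncated handshake message")
                out.append((sender, HS_NAMES.get(body[off], f"unknown({body[off]})")))
                off += 4 + mlen
    return out                                # other record types (alerts) are skipped

def read_capture(flights):
    encrypted, transcript = set(), []
    for sender, data in flights:
        transcript += parse_flight(sender, data, encrypted)
    return transcript

def classify(transcript):
    """one-way, mutual, or requested-but-unproven (no CertificateVerify from client)."""
    requested = ("server", "CertificateRequest") in transcript
    proven = (("client", "Certificate") in transcript
              and ("client", "CertificateVerify") in transcript)
    if not requested:
        return "one-way"
    return "mutual" if proven else "requested-but-unproven"

# --- constructed sample captures (dummy bodies, TLS 1.0 record version 0x0301) ---
def rec(ctype, body):
    return struct.pack("!BHH", ctype, 0x0301, len(body)) + body
def hs(mtype, n=4):
    return bytes([mtype]) + n.to_bytes(3, "big") + bytes(n)

def sample(mutual, client_proves=True):
    server = hs(2) + hs(11) + (hs(13) if mutual else b"") + hs(14)
    client = (hs(11) if mutual else b"") + hs(16)
    client += hs(15) if mutual and client_proves else b""
    tail = lambda fill: rec(CHANGE_CIPHER_SPEC, b"\x01") + rec(HANDSHAKE, fill * 40)
    return [("client", rec(HANDSHAKE, hs(1))), ("server", rec(HANDSHAKE, server)),
            ("client", rec(HANDSHAKE, client) + tail(b"\xaa")), ("server", tail(b"\xbb"))]

ONE_WAY, MUTUAL = read_capture(sample(False)), read_capture(sample(True))
```

The one-way capture yields the nine messages counted in the text; the mutual capture adds Certificate Request, the client's Certificate and Certificate Verify.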