2. Secure Socket Layer (SSL)
Secure Socket Layer (SSL) provides
security to the data that is transferred
between web browser and server.
SSL encrypts the link between a web server
and a browser which ensures that all data
passed between them remain private and free
from attack.
10. Phase I of Handshake Protocol
After Phase I, the client and server know the
following:
The version of SSL
The algorithms for key exchange, message
authentication, and encryption
The compression method
The two random numbers for key
generation
11.
12. Phase II of Handshake Protocol
After Phase II,
The server is authenticated to the client.
The client knows the public key of the
server if required.
13.
14. Phase III of Handshake Protocol
After Phase III,
The client is authenticated for the server.
Both the client and the server know the
pre-master secret.
15.
16. Phase IV of Handshake Protocol
After Phase IV, the client and server are
ready to exchange data.
17. SSL Record Protocol
SSL Record provides two services to SSL
connection.
Confidentiality
Message Integrity
Fragmentation
Compression
Message Authentication and Integrity
Protection
Encryption
20. Change-cipher spec protocol
Change-cipher protocol consists of a single
message which is 1 byte in length and can
have only one value.
This protocol’s purpose is to cause the
pending state to be copied into the current
state.
21. Evaluation of SSL
SSL 1.0
was never released to the public.
SSL 2.0
was released in 1995.
SSL 3.0
was released in 1996.
SSLv4.0 or TSLv1.0
was released in 1999.
TLSv1.1
was released in 1999.
22. Transport Layer Security
Transport Layer Security (TLS) was designed
to provide security at the transport layer.
TSL was derived from a security protocol called
Secure Socket Layer(SSL).
TSL is the successor to the Secure Socket Layer
(SSL).
TSL is a protocol that ensures privacy between
communicating applications and their users on
the internet.