Secure Sockets Layer
The Secure Sockets Layer (SSL) protocol and its successor, Transport Layer Security (TLS), are cryptographic protocols that provide secure communications over a network, commonly the Internet.
Description:
SSL uses cryptography to provide authentication and privacy of information between endpoints on the Internet. Usually, only the server is authenticated (i.e. its identity is ensured) while the client remains unauthenticated; mutual authentication requires deployment of a public key infrastructure (PKI) for clients. The protocols enable client-server applications to communicate in a way designed to prevent eavesdropping and falsification of the sender's identity (phishing), and to maintain the integrity of the message.
SSL involves a series of basic steps:
- Negotiate between the parties the algorithms to be used in the communication
- Exchange public keys and authenticate based on digital certificates
- Encrypt traffic using symmetric encryption
During the first phase, the client and server negotiate which cryptographic algorithms will be used. Current implementations provide the following options:
- For public key cryptography: RSA, Diffie-Hellman, DSA (Digital Signature Algorithm) or Fortezza;
- For symmetric encryption: RC2, RC4, IDEA (International Data Encryption Algorithm), DES (Data Encryption Standard), Triple DES or AES (Advanced Encryption Standard);
- For hash functions: MD5 or the SHA family
SSL provides confidentiality and authentication in Internet transactions, and is mainly used in transactions in which sensitive data is exchanged, such as credit card numbers or passwords for access to private systems. SSL is one of the basic ways to implement PKI (Public Key Infrastructure) solutions.
Secure Socket Layer is a general-purpose protocol designed in 1994 by Netscape Communications Corporation. It is based on the combined application of symmetric cryptography, asymmetric (public key) cryptography, digital certificates and digital signatures to achieve a secure channel of communication over the Internet. Symmetric cryptographic systems, the main engine for encrypting the data transferred in the communication, are used for their speed of operation, while asymmetric systems are used for the secure exchange of the symmetric keys, thereby solving the problem of confidentiality in data transmission.
SSL implements a negotiation protocol to establish secure communication at socket level (host name plus port), transparently to the users and applications that use it.
It is currently the standard for secure communication in the major web browsers (HTTP protocol), such as Netscape Navigator and Internet Explorer, and versions for other application-layer protocols (mail, FTP, etc.) are expected to be brought out soon.
The identity of the secure web server (and sometimes of the client user) is established by the corresponding digital certificate, whose validity is checked before the exchange of sensitive data begins (authentication), while the integrity of the exchanged data is provided by digital signatures using hash functions and by checking digests of all data sent and received.
From the point of view of its implementation in the OSI reference model and TCP/IP, SSL is introduced as an additional layer located between the application layer and the transport layer, replacing the operating system's sockets, which makes it independent of the application that uses it. It is generally implemented on port 443. (NOTE: Ports are the interfaces that exist between applications and the operating system's TCP/IP protocol stack.)
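
As an added example (not part of the original post), the Python code below uses the standard `ssl` module to build a client context that enforces the server certificate check described above and refuses the older algorithms from the negotiation list (RC2, RC4, DES and Triple DES, IDEA, MD5), which current TLS deployments treat as legacy. The function names, the token list and the sample suite names are constructed for illustration.

```python
import ssl

# Algorithms from the negotiation list above that this example treats as
# legacy. Assumption: matching is done on OpenSSL-style suite names.
LEGACY_TOKENS = ("RC2", "RC4", "DES", "IDEA", "MD5")


def legacy_suites(names):
    """Return the suite names that use one of the legacy algorithms."""
    return [n for n in names if any(t in n.upper() for t in LEGACY_TOKENS)]


def hardened_client_context():
    """Client context: server certificate required, TLS 1.2+, AEAD suites."""
    ctx = ssl.create_default_context()            # loads system trust anchors
    ctx.check_hostname = True                     # certificate must match host
    ctx.verify_mode = ssl.CERT_REQUIRED           # reject unverifiable servers
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # no SSLv3 / TLS 1.0 / 1.1
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


def audit(ctx):
    """Summarise what the context will verify and what it may negotiate."""
    enabled = [c["name"] for c in ctx.get_ciphers()]
    return {
        "server_cert_required": ctx.verify_mode == ssl.CERT_REQUIRED,
        "hostname_checked": ctx.check_hostname,
        "min_version": ctx.minimum_version.name,
        "legacy_enabled": legacy_suites(enabled),
    }


# Constructed sample of suite names an old endpoint might offer.
SAMPLE_OFFER = ["RC4-MD5", "DES-CBC3-SHA", "IDEA-CBC-SHA",
                "EXP-RC2-CBC-MD5", "ECDHE-RSA-AES128-GCM-SHA256"]

if __name__ == "__main__":
    print("legacy in sample offer:", legacy_suites(SAMPLE_OFFER))
    print("hardened context audit:", audit(hardened_client_context()))
```

The same `audit` function can be pointed at any `ssl.SSLContext` an application already builds, to confirm that certificate verification is on and no legacy suite is enabled.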