What is SSL and TLS


SSL (Secure Sockets Layer) is a web protocol developed by Netscape to transmit private documents securely over the Internet. To encrypt data, SSL uses a two-key cryptographic system: a public key, known to anyone, and a private key, kept secret and known only to the recipient of the message. Several revisions of the protocol have been released; the latest version, SSL 3.0, became the standard. Version 3.0 is supported by most web servers and is still used by many people.

TLS (Transport Layer Security) is the successor to the SSL protocol. Although there are some differences between TLS and SSL, the two protocols are very similar. The objective of the TLS protocol is to prevent interception and forged messages, providing a complete cryptographic security package for the confidential information exchanged with the server. Two significant advantages of the TLS protocol are independence and transparency.

The primary purpose of the SSL/TLS protocol is to provide privacy and reliability between two applications that communicate with each other. SSL/TLS encrypts sensitive user data when it is sent to a web server over an untrusted network. The SSL/TLS protocol consists of two layers. The first layer, the Handshake layer, contains three sub-protocols: Handshake, Change Cipher Spec, and Alert. The second layer is defined by the Record protocol.

A. Handshake protocol
a. Handshake – This sub-protocol is used to exchange initial information between the client and the server. The information exchanged consists of the session ID, the peer certificate, the cipher specifications, the compression algorithm to be used, and the confidential information from which the session key is generated.
b. Change Cipher Spec – Used to switch to the newly negotiated encryption between the client and the server. It tells the other side of the SSL/TLS session that the records which follow will be protected with the new set of cryptographic keys.
c. Alert – Alert messages indicate a change in session status or an error condition. A wide variety of alerts notify the client or web server involved in the SSL/TLS session about the state of the connection and the conditions under which it is operating. Alerts are usually sent when the connection is closed, an expected message is not received, or a received message can’t be decrypted.

Handshake Layer:
The Handshake protocol uses X.509 certificates for authentication. A certificate provides “evidence” of the identity of the party holding it, as that party also holds the corresponding private key.

Encryption:
The SSL/TLS protocol uses two distinct types of cryptographic keys:
1. Symmetric key – the same key is used for both encryption and decryption of the message. If two parties want to exchange encrypted messages safely, they must each have a copy of the same symmetric key. This type of key is used for encrypting large amounts of data, since symmetric encryption and decryption are much faster than asymmetric.
2. Asymmetric key (or public key) – this key is obtained through a more complex mathematical process. One of the keys is made public by the certificate authority (CA) in the digital certificate issued to the owner, and the other key is private and is not disclosed to anyone. The two keys work together as a key pair: if one key (the public key) is used to encrypt data, the other key (the private key) is used to decrypt it, and vice versa.

B. Record layer
At this level, the Record protocol receives all the data from the application layer, protects it, and prepares it for sending to the next layer, the transport layer. The data is fragmented into blocks sized for the encryption algorithm, each fragment is given a message authentication code (MAC), and the result is then encrypted (or, on receipt, decrypted) using the keys and algorithms negotiated during the Handshake protocol.
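As an added example (not code from the original post), the Record protocol's fragment, MAC, then encrypt sequence in Python, laid out as RFC 5246 describes it for a MAC-then-encrypt cipher suite: the sequence number, content type, version and length are bound into the MAC, so a tampered or replayed record fails verification, which is the condition that produces a bad_record_mac alert. The HMAC-based keystream is a stand-in for a real cipher such as AES so that the example runs offline; the keys are constructed sample values.

```python
import hmac
import hashlib

MAX_FRAGMENT = 2 ** 14          # TLS record fragment limit: 16384 bytes
APPLICATION_DATA = 23           # ContentType.application_data
VERSION = b"\x03\x03"           # TLS 1.2 on the wire
TAG_LEN = 32                    # HMAC-SHA256 output length


def keystream(key: bytes, seq: int, length: int) -> bytes:
    # Stand-in stream cipher (NOT a TLS cipher): an HMAC counter keystream
    # keyed per record so the example needs no third-party crypto library.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, seq.to_bytes(8, "big") + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _xor(data: bytes, key: bytes, seq: int) -> bytes:
    return bytes(a ^ b for a, b in zip(data, keystream(key, seq, len(data))))


def mac_input(seq: int, fragment: bytes) -> bytes:
    # MAC covers seq_num || type || version || length || fragment (RFC 5246 6.2.3.1),
    # which is what ties a record to its position in the stream.
    return (seq.to_bytes(8, "big") + bytes([APPLICATION_DATA]) + VERSION
            + len(fragment).to_bytes(2, "big") + fragment)


def seal_records(data: bytes, mac_key: bytes, enc_key: bytes, seq: int = 0) -> list:
    # Sender side: fragment to at most MAX_FRAGMENT, append MAC, encrypt, prefix header.
    records = []
    for i in range(0, len(data), MAX_FRAGMENT):
        frag = data[i:i + MAX_FRAGMENT]
        tag = hmac.new(mac_key, mac_input(seq, frag), hashlib.sha256).digest()
        body = _xor(frag + tag, enc_key, seq)
        header = bytes([APPLICATION_DATA]) + VERSION + len(body).to_bytes(2, "big")
        records.append(header + body)
        seq += 1
    return records


def open_record(record: bytes, mac_key: bytes, enc_key: bytes, seq: int) -> bytes:
    # Receiver side: decrypt, then verify the MAC in constant time.
    # A mismatch is the situation in which a peer sends a bad_record_mac alert.
    plaintext = _xor(record[5:], enc_key, seq)
    frag, tag = plaintext[:-TAG_LEN], plaintext[-TAG_LEN:]
    expected = hmac.new(mac_key, mac_input(seq, frag), hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad_record_mac")
    return frag
```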
