Define secure socket layer (ssl), Computer Network Security

Secure Socket Layer (SSL) accepts a combination of asymmetric and symmetric (public-key) encryption to accomplish integrity, confidentiality, authentication and non-repudiation for Internet interaction. In a nutshell SSL uses public key encryption to confidentially transmit a session key which can be needed to conduct symmetric encryption. SSL allows the public key technology to negotiate a shared session key between the server and the client. The public key is stored in an X.509 certificate that generally has a digital signature from a trusted 3rd party.

  • Client requests a document from a secure https server
  • The server gives its X.509 certificate to the client with its public key stored in the certificate.
  • The client validate whether the certificate has been issued by a CA it trusts.
  • The client checks the information in the certificate with the site's public key and domain name.
  • Client gives the server what cipher suites it has available.
  • The server obtains the strongest mutually available ciphers suite and notifies the client.
  • The client creates a session key (symmetric key or private key) and encrypts it using the server's public key and sends it to the server.
  • The server accepts the encrypted session key and decrypts it using its private key.
  • The server and client use the session key to decrypt and encrypt the data they send to each other.


Posted Date: 7/27/2012 6:08:46 AM | Location : United States

Related Discussions:- Define secure socket layer (ssl), Assignment Help, Ask Question on Define secure socket layer (ssl), Get Answer, Expert's Help, Define secure socket layer (ssl) Discussions

Write discussion on Define secure socket layer (ssl)
Your posts are moderated
Related Questions
QUESTION (a) Consider the following authentication options A. Using password B. Using pin and fingerprint Which option A or B provides stronger security and why? (b

Question: a) Explain what the following intermediate systems are and how they work? i. Repeater ii. Bridge b) A service is formally specified by a set of primitives (op

Question: (a) What is the minimum length of a password that could be considered to be "strong" in the context of today's computing power? (b) The security of a PIN system,

Netfilter Firewall Netfilter is the popular name for the packet filtering system installed by default in the Linux kernel. The filtering system can be used as a very effective

QUESTION (a) Describe the two possible configurations for 3DES (b) What is the main disadvantage of 3DES? (c) Why are most modern symmetric algorithm block ciphers? (d

Risk Management Discussion Points Organizations should define level of risk it can live with Risk appetite: it defines quantity and nature of risk which organizations are wil

1.  We used the National Vulnerability Database. Select a recent vulnerability from that Database and analyse it from the following aspects: Criticality level Impact in

INTRODUCTION TO SECURITY AND PERSONNEL When implementing information security, there are several human resource issues that should be addressed. They are •    Positioning and n

QUESTION: (a) Suppose the graph below, use the Flow Decomposition method to list the cycles and paths produced. (b) Describe how Lower Bounds on Arc Flows are eliminated