Secure Socket Layer (SSL) provides security for the data transferred between a web browser and a server. SSL encrypts the link between a web server and a browser, which ensures that all data passed between them remains private and free from attack.
Secure Socket Layer Protocols:
- SSL record protocol
- Handshake protocol
- Change-cipher spec protocol
- Alert protocol
SSL Protocol Stack:
SSL Record Protocol:
The SSL Record Protocol provides two services to an SSL connection.
- Confidentiality
- Message Integrity
In the SSL Record Protocol, application data is divided into fragments. Each fragment is compressed, and then a MAC (Message Authentication Code), generated by algorithms like SHA (Secure Hash Algorithm) and MD5 (Message Digest), is appended. After that, the data is encrypted, and finally an SSL header is added to the data.
Handshake Protocol:
The Handshake Protocol is used to establish sessions. This protocol allows the client and server to authenticate each other by exchanging a series of messages. The Handshake Protocol uses four phases to complete its cycle.
- Phase-1: In Phase-1, both client and server send hello-packets to each other. In this phase, the IP session, cipher suite and protocol version are exchanged for security purposes.
- Phase-2: The server sends its certificate and Server-key-exchange. The server ends Phase-2 by sending the Server-hello-end packet.
- Phase-3: In this phase, the client replies to the server by sending its certificate and Client-exchange-key.
- Phase-4: In Phase-4, the Change-cipher suite takes place, and after this the Handshake Protocol ends.
Change-cipher Protocol:
This protocol uses the SSL Record Protocol. Until the Handshake Protocol is completed, the SSL record output stays in the pending state. After the handshake, the pending state is converted into the current state.
The Change-cipher protocol consists of a single message which is 1 byte in length and can have only one value. The purpose of this protocol is to cause the pending state to be copied into the current state.
Alert Protocol:
This protocol is used to convey SSL-related alerts to the peer entity. Each message in this protocol contains 2 bytes.
Level is further classified into two parts:
- Warning:
This alert has no impact on the connection between sender and receiver.
- Fatal Error:
This alert breaks the connection between sender and receiver.
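As an added example (not part of the original article), the Python code below parses the SSL record header and decodes the 1-byte change-cipher message and the 2-byte alert message described above. The content-type and alert codes are those of the SSL 3.0 specification (RFC 6101); the sample bytes are constructed, and the code assumes records from an initial handshake, before encryption is switched on.

```python
import struct

# Content types and alert codes as defined for SSL 3.0 (RFC 6101).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      20: "bad_record_mac", 40: "handshake_failure",
                      41: "no_certificate"}
MAX_RECORD_BODY = 2 ** 14 + 2048  # upper bound on an encrypted fragment


def parse_records(stream: bytes) -> list:
    """Split a byte stream into SSL records and decode plaintext CCS/alert bodies."""
    records, offset = [], 0
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("truncated record header")
        # Header: content type (1 byte), version major/minor (2), length (2).
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, offset)
        if ctype not in CONTENT_TYPES:
            raise ValueError(f"unknown content type {ctype}")
        if length > MAX_RECORD_BODY:
            raise ValueError("record length exceeds protocol maximum")
        body = stream[offset + 5:offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        rec = {"type": CONTENT_TYPES[ctype], "version": (major, minor)}
        if ctype == 20 and body != b"\x01":
            # The change-cipher message is one byte with the single value 1.
            raise ValueError("malformed change_cipher_spec")
        if ctype == 21:
            if length == 2 and body[0] in ALERT_LEVELS:
                rec["level"] = ALERT_LEVELS[body[0]]
                rec["description"] = ALERT_DESCRIPTIONS.get(body[1], f"code {body[1]}")
                rec["closes_connection"] = body[0] == 2
            else:
                # Alerts sent after change_cipher_spec are encrypted: keep opaque.
                rec["opaque"] = True
        records.append(rec)
        offset += 5 + length
    return records


# Constructed sample (SSL 3.0 = version 3.0): a warning alert, then change_cipher_spec.
SAMPLE = bytes.fromhex("15030000020129" "140300000101")

if __name__ == "__main__":
    for record in parse_records(SAMPLE):
        print(record)
```

A fatal alert sets `closes_connection` to `True`, which is the point at which a monitoring tool would expect the session to end.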
Salient Features of Secure Socket Layer:
- The advantage of this approach is that the service can be tailored to the specific needs of the given application.
- Secure Socket Layer was originated by Netscape.
- SSL is designed to make use of TCP to provide a reliable end-to-end secure service.
- This is a two-layered protocol.