Concept behind SSL:
The SSL protocol uses a third party, the so-called Certificate Authority (CA), to identify one or both ends of the transaction. This is how it works in general.
1. Your browser requests a secure page (usually such pages start with https://).
2. The web server on the other end gets that request and sends its public key and its certificate.
The browser checks that the certificate is valid. It checks three things:
a) That it was issued by a trusted party (usually a trusted root CA)
b) That the certificate is still up to date (yes, certificates have an expiration date)
c) That the certificate was issued to the site you are contacting.
3. The browser then uses the public key to encrypt a random symmetric encryption key and sends it to the server. It then sends the encrypted URL it needs and other encrypted HTTP data (this could include your credit card number).
4. The web server decrypts the symmetric encryption key using its private key, then uses the symmetric key to decrypt the URL and HTTP data.
5. The web server sends back the requested HTML document and HTTP data encrypted with the symmetric key.
6. The browser decrypts the HTTP data and HTML document using the symmetric key and displays the information.
Encryption with this method (a private key/public key pair) ensures that data encrypted by one key can only be decrypted by the other key. The important point about a key pair is to keep one key secret (the private key) and to distribute the other key (the public key) to everybody. This ensures that anybody can send you an encrypted message and that you, and only you, will be able to decrypt it. After all, you are the only one who has the other key of the pair. Conversely, you can certify that a message comes only from you, because you have encrypted it with your private key, and only the associated public key will decrypt it correctly. In this case the message is not secret; you have just signed it. Remember that everybody has the public key.
The lock shown in the browser and the “https:” before the URL let you know this page will be transmitted securely. The image below shows the "https" before the URL and the "padlock" symbol in the status bar.
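
The three certificate checks from step 2, as an added Python example that is not part of the original post: `explain_cert` re-runs checks (b) and (c) on a constructed sample certificate, and `fetch_cert` shows the standard-library call that enforces all three on a real connection. The function names and the `shop.example` certificate are assumptions made for illustration.

```python
import socket
import ssl
import time

def hostname_matches(pattern, hostname):
    """Check (c): exact match, or '*' standing for the whole leftmost label."""
    p = pattern.lower().split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:      # wildcard never spans several labels
        p, h = p[1:], h[1:]
    return p == h

def explain_cert(cert, hostname, now=None):
    """Re-run checks (b) and (c) on a dict shaped like getpeercert() output.

    Returns a list of problems; an empty list means both checks pass.
    Illustration only: check (a) needs the CA signatures, so the TLS
    library performs it during the handshake (see fetch_cert).
    """
    now = time.time() if now is None else now
    problems = []
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not yet valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired")
    names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not any(hostname_matches(n, hostname) for n in names):
        problems.append("issued to a different site")
    return problems

def fetch_cert(hostname, port=443):
    """Real connection: the default context enforces (a), (b) and (c) and
    raises ssl.SSLCertVerificationError when any of them fails."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED, check_hostname=True
    with socket.create_connection((hostname, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            return tls.getpeercert()

# Constructed sample certificate fields (not a real certificate).
SAMPLE = {
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "shop.example"), ("DNS", "*.shop.example")),
}
MID_2024 = ssl.cert_time_to_seconds("Jul  1 00:00:00 2024 GMT")
```

In real code, rely on `ssl.create_default_context()` for validation rather than re-implementing the checks; the helper functions only make visible what each check looks at.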
