Secure Socket Layer - SSL Certificates


SSL provides end-to-end secure data transmission between the web server and the web client. It is sandwiched between TCP/IP and the application layer. Unlike TCP/IP, which offers only reliable packet transfer, SSL ensures secure packet transfer. The SSL layer sits above TCP/IP and the data link layer, so applications that use SSL automatically make use of the services of TCP/IP and the data link layer. Because SSL resides above the TCP/IP layer, it can secure communication for numerous application-level protocols on the Internet. SSL secures only web sessions, not e-mail or file transfer sessions; this is one of the reasons why confidential information such as credit card numbers is not exchanged via e-mail. With SSL, a packet can still be viewed while in transit, but the viewer cannot decipher its contents because they are encrypted. SSL ensures secure data transfer, but it is not responsible for the security of data residing on the web client or server.

SSL performs two functions: it authenticates web sites and it ensures secure data transmission between the web server and the client. It achieves this using either symmetric encryption or asymmetric encryption. In symmetric encryption, a key called the private key is used both for encrypting and for decrypting data. The key used for encrypting is called the public key and the one used to decrypt is called the private key. For symmetric encryption to work, the sender and receiver must share the secret key, which is possible only when the sender and receiver already know each other. Another problem with symmetric encryption is that it cannot scale to a large number of participants.

In asymmetric encryption, two separate keys are used to encrypt and decrypt data. The public key is shared with the other party, and the private key is known only to the party that decrypts the data. So the private key remains a secret while the public key is known to both parties. Asymmetric encryption authenticates the client and server by providing a way for strangers to agree on a secure private key and by supporting secure digital signatures. For example, when a customer wants to buy a book from an online book store, the customer would like the transaction to be secure and confidential. The client's browser initiates a secure connection by sending a "client hello" message. It contains the suite of secure protocols that the browser supports, and the browser also generates a random challenge string. This random challenge string is used at the end of the initialization to check whether a secure connection has been established. The set of protocols contains the key exchange algorithm used to agree on a private session key, the private-key encryption protocol used to ensure the confidentiality of the transaction, and the hashing algorithms used to maintain data integrity.

Prior to establishing a secure connection, SSL authenticates the server. The server responds to the client hello message it received with a "server hello" message. This indicates that the server supports the protocol requested by the client, and the server generates a random connection identifier. This random connection identifier is later used to determine whether a secure connection has been established.

It is essential that the merchant's digital certificate is endorsed by a CA whom the client trusts. The client then checks the digital signature on the server's certificate against the public key of that CA, which is stored in the client's browser. Endorsed merchant certificates are signed using the CA's private key, and the browser verifies the endorsement by checking the digital signature with the CA's public key.

After the authentication process is complete, the browser generates a secret key that will be shared by the client and the server. This secret key is used to generate the keys for symmetric encryption and data integrity. From here on there is no need for asymmetric encryption; RC2, RC4 and other symmetric encryption algorithms are sufficient for the messages sent. Two sets of symmetric keys are generated by the client and the server, one for securing incoming messages and one for outgoing messages.
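The derivation described in the last two paragraphs, as an added example that is not part of the original page: both sides combine the shared secret with the client's random challenge string and the server's random connection identifier to produce separate write keys for each direction. The expansion function used here is the TLS 1.2 PRF (HMAC-SHA256, RFC 5246), standing in for the older SSL key schedule the page does not spell out; the randoms and the pre-master secret are constructed sample values.

```python
import hmac
import hashlib


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 P_hash expansion (RFC 5246, section 5) with HMAC-SHA256."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()          # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def derive_keys(pre_master: bytes, client_random: bytes, server_random: bytes,
                mac_len: int = 32, key_len: int = 16, iv_len: int = 16) -> dict:
    """Derive the master secret and the per-direction key material.

    The key block is split in the order TLS uses: client and server MAC keys,
    client and server encryption keys, then client and server IVs. That split is
    what gives each side a separate key for incoming and outgoing traffic.
    """
    master = prf(pre_master, b"master secret", client_random + server_random, 48)
    # Note the reversed random order for key expansion (server first).
    block = prf(master, b"key expansion", server_random + client_random,
                2 * (mac_len + key_len + iv_len))
    names = ["client_write_mac_key", "server_write_mac_key",
             "client_write_key", "server_write_key",
             "client_write_iv", "server_write_iv"]
    sizes = [mac_len, mac_len, key_len, key_len, iv_len, iv_len]
    keys, pos = {"master_secret": master}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys


def simulate_handshake() -> tuple:
    """Both endpoints run the derivation over the same exchanged values."""
    client_random = bytes.fromhex("11" * 32)  # constructed: client's random challenge
    server_random = bytes.fromhex("22" * 32)  # constructed: server's random identifier
    pre_master = bytes.fromhex("33" * 48)     # constructed: secret agreed via key exchange
    client_side = derive_keys(pre_master, client_random, server_random)
    server_side = derive_keys(pre_master, client_random, server_random)
    return client_side, server_side
```

Because the two sides derive identical key blocks from the same inputs, neither the master secret nor the write keys ever have to cross the wire.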



Copyright (C) 2007. Web Domain design hosting. All rights reserved.