How does the SSL protocol work?

by | Feb 27, 2017 | CCNA, CCNP, CompTIA, Encryption, Malware Prevention, Online Banking Security

If we want to transfer sensitive data over the unsecured Internet, we need to encrypt it. Many of us might have heard the terms SSL and TLS. What is SSL, actually? How does it work? Let’s understand that in detail.

What is SSL?

SSL or Secure Sockets Layer is a standard security technology for establishing a secure connection between a server and a client, for example, a web server and a browser or a mail server and a mail client (e.g., Outlook). Sometimes, a user shares sensitive information like credit card numbers, social security numbers, etc, over the Internet. Usually, data between a web server and a client is transferred in raw format if we do not encrypt it. Attackers can exploit that to intercept the connection or steal sensitive data. To prevent that, we use SSL so that the data is transmitted between the server and the clients in an encrypted format.

How does SSL work?

Usually, all browsers have the capability of connecting with a secured web server using the SSL protocol. The web server and the client need an SSL certificate to establish a secure connection.

SSL certificate contains a public key, which is used to establish a secure connection between a server and a client. The corresponding private key is kept secret. One has to get an SSL certificate for a server from the CA or Certificate Authority and then install it on the server.

After installing that, when a browser wants to communicate with the web server, it establishes a secure connection using a process called SSL Handshake.

Mainly, three keys are used at this time: a public and private key pair and a session key. Usually, it takes lots of processing power to encrypt and decrypt all the data transmitted between the server and the client using public-key encryption and it does not maintain Perfect Forward Secrecy also (What is Perfect Forward Secrecy?). So, a symmetric session key is used to encrypt the actual sensitive data.

So, to summarize, here is how a secure connection gets established between a server and a client using SSL:

  • The web browser requests the web server for a copy of the SSL certificate containing the public key of the web server.
  • The server sends a copy of its SSL certificate to the client. This SSL Certificate contains the server’s public key.
  • The client then verifies the authenticity of the certificate with a list of trusted CAs.
  • After the authenticity of the SSL certificate is verified, the client and the server negotiate a symmetric key using some secure key exchange algorithm, like the Diffie-Hellman Key Exchange algorithm (What is the Diffie-Hellman Key Exchange algorithm and how does it work?).
  • The secured communication starts. All data transferred between the server and the client are now encrypted with the symmetric session key.

So, this is how SSL works. You can get more information on SSL and TLS here :

 

Facebooktwitterredditpinterestlinkedinmail

Calculate the pseudoinverse of a matrix using Python

What is the pseudoinverse of a matrix? We know that if A is a square matrix with full rank, then A-1 is said to be the inverse of A if the following condition holds: $latex AA^{-1}=A^{-1}A=I $ The pseudoinverse or the Moore-Penrose inverse of a matrix is a...

Cholesky decomposition using Python

What is Cholesky decomposition? A square matrix A is said to have Cholesky decomposition if it can be written as a product of a lower triangular matrix and its conjugate transpose. $latex A=LL^{*} $ If all the entries of A are real numbers, then the conjugate...

Tensor Hadamard Product using Python

In one of our previous articles, we already discussed what the Hadamard product in linear algebra is. We discussed that if A and B are two matrices of size mxn, then the Hadamard product of A and B is another mxn matrix C such that: $latex H_{i,j}=A_{i,j} \times...

Perform tensor addition and subtraction using Python

We can use numpy nd-array to create a tensor in Python. We can use the following Python code to perform tensor addition and subtraction. import numpy A = numpy.random.randint(low=1, high=10, size=(3, 3, 3)) B = numpy.random.randint(low=1, high=10, size=(3, 3, 3)) C =...

How to create a tensor using Python?

What is a tensor? A tensor is a generalization of vectors and matrices. It is easily understood as a multidimensional array. For example, in machine learning, we can organize data in an m-way array and refer it as a data tensor. Data related to images, sounds, movies,...

How to combine NumPy arrays using horizontal stack?

We can use the hstack() function from the numpy module to combine two or more NumPy arrays horizontally. For example, we can use the following Python code to combine three NumPy arrays horizontally. import numpy A = numpy.array([[1, 2, 3], [4, 5, 6], [7, 8, 9]]) B =...

How to combine NumPy arrays using vertical stack?

Let’s say we have two or more NumPy arrays. We can combine these NumPy arrays vertically using the vstack() function from the numpy module. For example, we can use the following Python code to combine three NumPy arrays vertically. import numpy A = numpy.array([[1, 2,...

Singular Value Decomposition (SVD) using Python

What is Singular Value Decomposition (SVD)? Let A be an mxn rectangular matrix. Using Singular Value Decomposition (SVD), we can decompose the matrix A in the following way: $latex A_{m \times n}=U_{m \times m}S_{m \times n}V_{n \times n}^T $ Here, U is an mxm matrix....

Eigen decomposition of a square matrix using Python

Let A be a square matrix. Let’s say A has k eigenvalues λ1, λ2, ... λk. And the corresponding eigenvectors are X1, X2, ... Xk. $latex X_1=\begin{bmatrix} x_{11} \\ x_{21} \\ x_{31} \\ ... \\ x_{k1} \end{bmatrix} \\ X_2=\begin{bmatrix} x_{12} \\ x_{22} \\ x_{32} \\ ......

How to calculate eigenvalues and eigenvectors using Python?

In our previous article, we discussed what eigen values and eigenvectors of a square matrix are and how we can calculate the eigenvalues and eigenvectors of a square matrix mathematically. We discussed that if A is a square matrix, then $latex (A- \lambda I) \vec{u}=0...

Amrita Mitra

Author

Ms. Amrita Mitra is an author, who has authored the books “Cryptography And Public Key Infrastructure“, “Web Application Vulnerabilities And Prevention“, “A Guide To Cyber Security” and “Phishing: Detection, Analysis And Prevention“. She is also the founder of Asigosec Technologies, the company that owns The Security Buddy.

0 Comments

Submit a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Not a premium member yet?

Please follow the link below to buy The Security Buddy Premium Membership.

Featured Posts

Translate »