Secure Sockets Layer (SSL)

Secure Sockets Layer (SSL)

Secure Sockets Layer (SSL) is a computer networking procedure for safeguarding connections between network application clients and servers over a vulnerable network, like the internet.  Because of several procedures and execution defects and weaknesses, SSL was disapproved for use on the internet by the Internet Engineering Task Force (IETF) in 2015 and has since been replaced by the Transport Layer Security (TLS) protocol.  TLS and SSL can not operate together directly, but TLS is backwards-compatible with SSL 3.0.

SSL was originally described in the 1990s as a proprietary protocol that allowed Netscape browser clients using the Hypertext Transfer Protocol (HTTP) to connect safely with Netscape web servers.  SSL eventually evolved to become a secure authentication and encryption procedure for communication at the network transport layer.

SSL utilises a blend of public key and symmetric key encryption to safeguard a connection between two machines, like a web or mail server and a client system, which are linked together by the internet, or by another similar TCP/IP network.  SSL offers a mechanism for encrypting and authenticating data transmitted between processes that have been executed on both a client and server.

SSL runs above the transport layer and the network layer, which are responsible for the sending of data between processes and the routing of network traffic over a network between client and server, respectively. It also runs below application layer protocols, such as HTTP, and Simple Mail Transfer Protocol (SMTP).  The ‘sockets’ part of the term refers to the sockets method of sending data between a client and a server program: either in a network or between processes in the same computer.

The TLS protocol evolved from SSL and has officially superseded it, although the terms SSL or SSL/TLS are still commonly used to denote any procedure utilised to safeguard web/internet traffic.  SSL/TLS is the most widely installed security protocol used today. According to Google, it is being utilised to keep more than 50% of the pages loaded by the Chrome browser safe.  In addition to supporting the transmission of web pages, SSL has been applied to applications like email, file transfer, instant messaging, and voice over IP (VOIP).

How SSL Works

The handshake protocol describes how a client and server launch an SSL connection, including the process of determining which cryptographic systems each host is willing to use for communication, as well as the exchange of cryptographic material, like public and session keys, which are used for encryption and authentication of the data in question.

The record protocol describes how communicating hosts exchange data using SSL, including conditions for how data is to be arranged for transmission, and how it is to be confirmed or decrypted upon delivery.

At the start of the handshake process, a server presents its digital certificate in order to validate itself to the client. Server certificates use the X.509 certificate setup, as defined by the Public Key Cryptography Standards.  The validation process uses public-key encryption to validate the digital certificate and to confirm that a server is indeed the server it claims to be.

Once the server has been validated, the client and server create cipher settings and a shared key to encrypt the information they swap during the rest of the session. This provides both data confidentiality and integrity, neither of which is visible to the user. For example, if a webpage needs an SSL connection, the URL will change from HTTP to HTTPS, and a padlock icon will be displayed in the browser once the server has been validated.

The handshake also lets the client authenticate itself to the server.  Once the server authentication has been completed, the next step is for the client to show its certificate to the server in order to validate the client’s identity before establishing an encrypted SSL session.

Further Readings:

• Transport Layer Security