SSL ( Secure socket Layer )

This protocol is used for secure communication between the web browser & web server.

SSL protocol is located between the application layer & transport layer of the TCP/IP protocol suite i.e the application layer does not forward the data directly to the transport layer but it forwards to the SSL layer & the SSL layer performs encryption.

There are three protocols which are used by SSL :

1. Handshake Protocol
2. Record Protocol

3. Alert Protocol

   1. Handshake Protocol

• This is the 1st protocol which is used between the client & the server for communications.

• The handshake protocol messages are shown below :

• Type indicated the type of message exchanged between the client & server

• Length indicates the length of the message

• Content indicates the actual message or the parameters

• The handshake protocol consists of four phases :

  i. Establish security capabilities

  ii. Server authentication 7 key exchange

  iii. Client authentication & key exchange

  iv. Finish

  Step 1: Establishing security capabilities

  

  This phase is limited by the client by sending a client Hello Message

  Step 2 : Server authentication & Key exchange

  

  In this phase the server initiated the communication :

  1. There server first sends its own digital certificates to the client
  2. If the server does not send its own digital certificates to the client in step 1
  3. The server requires for client’s digital certificate, however this request id optional.
  4. There server Hello done message indicated the client that the server portion of Hello message is complete After sending all these messages, the server waits for the client’s response.

  Step 3 : Client authenticated & key exchange

  

  This phase is initiated by the client,

  1. The client sends its own certificate to the server, if & only if the server has requested it.

  2. The client generated a symmetric key which both the parties will use during the session, It is called as master key secret & the client encrypts it with the server’s public key & then it sends to the server.

     1. This step is for client authentication for this client continues the master key secret with the random no which was agreed by the client & server earlier to generate a has & the client signs it with its own private key.

  Step 4: Finish

  

  • This phase is initiated by the client.

    • The client sends a finish message to the server & the server replies finish message to the client.