SSL Protocol

    This is a simple informational posting. Since I am reading Java security, I thought I'd share some information about SSL with readers of this blog.

    SSL, or Secure Sockets Layer, is a layer above regular TCP/IP sockets that encrypts and decrypts all data exchanged between the sockets. SSL is used for several reasons:
    - To ensure that the client and server know exactly who they are talking with.
    - To ensure the integrity of data that is exchanged.
    - To ensure that an eavesdropper cannot access the data while it is transmitted.

    Before the data exchange can actually begin, the client and server must establish an SSL connection using the following steps.
    1. The client sends the server its SSL version number and cipher settings.
    2. The server sends the client its SSL version number, cipher settings, and its public key certificate.
    3. The client authenticates the server using the certificate. After successful authentication, the client generates a premaster secret, encrypts it with the server's public key, and sends it to the server.
    4. The server decrypts the premaster secret and generates a master secret.
    5. Both client and server generate session keys from the master secret. These will be used henceforth to encrypt and decrypt data that is exchanged.
    6. The client sends a message to the server saying that all future data will be encrypted with the session key, and also indicates that the client portion of the handshake is complete.
    7. The server sends a message to the client saying that all future data will be encrypted with the session key, and also indicates that its portion of the handshake is complete.
    8. The actual data exchange can now begin.

    In the above steps I have assumed that the server does not need to authenticate the client. If it does, the client must also send its certificate to the server, which the server uses to authenticate the client.

    Hope this posting was useful to either refresh your memory on SSL or to get a fundamental understanding if you did not already know what SSL was.
