Skip to main content

SSL Protocol

    This is a simple informational posting. Since I am reading Java security, I thought I'd share some information about SSL with readers of this blog.

    SSL or Secure Sockets Layer is a layer above regular TCP/IP sockets which is used to encrypt and decrypt all data exchanged between the sockets. SSL is used for several reasons;
    - To ensure that the client and server know exactly who they are talking with.
    - To ensure the integrity of data that is exchanged.
    - To ensure that an eavesdropper cannot access the data while it is transmitted.

    Before the data exchange can actually begin, the client and server must establish an SSL connection using the following steps.
    1. The client send the server it's SSL version number, and cipher settings.
    2. The server send the client it's SSL version number, cipher settings, and it's public key certificate.
    3. The client authenticates the server using the certificate. After successful authentication the client generates a premaster secret, encrypts it with the servers public key and send it to the server.
    4. The server decrypts the premaster secret and generates a master secret.
    5. Both client and server generate session keys from the master secret. These will be used henceforth to encrypt and decrypt data that is exchanged.
    6. The client sends a message to the server saying that all future data will be encrypted with the session key, and also indicates that the client portion of the handshake is complete.
    7. The server sends a message to the client saying that all future data will be encrypted with the session key and also indicates that it's portion of the handshake is complete.
    8. The actual data exchange can now begin.

    In the above steps I have assumed that the server does not need to authenticate the client. If it does, then the client will also have to give it's certificate to the server using which the server will authenticate the client.

    Hope this posting was useful to either refresh your memory on SSL or to get a fundamental understanding if you did not already know what SSL was.

Comments

Post a Comment

Popular posts from this blog

Testing Groovy domain classes

If you are trying to test Grails domain class constraints by putting your unit test cases in the 'test/unit' directory, then your tests will fail because the domain objects will not have the 'valdate' method. This can be resolved in two ways: Place the test cases inside test/integration (which will slow things down) Use the method 'mockForConstraintsTests(Trail)' to create mock method in your domain class and continue writing your test cases in 'test/unit' What follows is some example code around this finding. I am working on a Groovy on Grails project for a website to help programmers keep up and refresh their skills. I started with some domain classes and then moved on to write some unit tests. When we create a Grails project using grails create-app , it creates several directories, one of which is a directory called 'test' for holding unit tests. This directory contains two directories, 'unit', and 'integration' for unit and ...
11 comments
Read more

Running your own one person company

Recently there was a post on PuneTech on mom's re-entering the IT work force after a break. Two of the biggest concerns mentioned were : Coping with vast advances (changes) in the IT landscape Balancing work and family responsibilities Since I have been running a one person company for a good amount of time, I suggested that as an option. In this post I will discuss various aspects of running a one person company. Advantages: You have full control of your time. You can choose to spend as much or as little time as you would like. There is also a good chance that you will be able to decide when you want to spend that time. You get to work on something that you enjoy doing. Tremendous work satisfaction. You have the option of working from home. Disadvantages: It can take a little while for the work to get set, so you may not be able to see revenues for some time. It takes a huge amount of discipline to work without a boss, and without deadlines. You will not get the benefits (insuranc...
10 comments
Read more

My first impressions of Python for the second time

I had worked a bit in Python many years back. Since then I have forgotten almost everything I learned back then. I think the phrase "Out of sight out of mind" applies perfectly to my mind. Since the last few days, I have started relearning Python, and this time I am recording my impressions of Python after having come to it from a Java background. Indentation: Python uses indentation to specify blocks of code, instead of curly braces. I like this, because we anyways indent code to increase readability, so why not achieve two tasks together. Code looks much cleaner without the curly braces. However there may be a little downside. Everyone in the team will have to set up their IDE's in the same way. Things might fall apart if some people use tabs and others use spaces for indentation. Access modifiers: Python does not have public, private, and protected keywords. Everything is public. However, private members can be specified with a leading single underscore. If we use do...
6 comments
Read more