
SSL Protocol

    This is a simple informational posting. Since I am reading Java security, I thought I'd share some information about SSL with readers of this blog.

    SSL, or Secure Sockets Layer, is a layer above regular TCP/IP sockets that encrypts and decrypts all data exchanged between the sockets. SSL is used for several reasons:
    - To ensure that the client and server know exactly who they are talking with.
    - To ensure the integrity of data that is exchanged.
    - To ensure that an eavesdropper cannot access the data while it is transmitted.

    Before the data exchange can actually begin, the client and server must establish an SSL connection using the following steps.
    1. The client sends the server its SSL version number and cipher settings.
    2. The server sends the client its SSL version number, cipher settings, and its public key certificate.
    3. The client authenticates the server using the certificate. After successful authentication, the client generates a premaster secret, encrypts it with the server's public key, and sends it to the server.
    4. The server decrypts the premaster secret and generates a master secret.
    5. Both client and server generate session keys from the master secret. These will be used henceforth to encrypt and decrypt data that is exchanged.
    6. The client sends a message to the server saying that all future data will be encrypted with the session key, and also indicates that the client portion of the handshake is complete.
    7. The server sends a message to the client saying that all future data will be encrypted with the session key, and also indicates that its portion of the handshake is complete.
    8. The actual data exchange can now begin.

    In the above steps I have assumed that the server does not need to authenticate the client. If it does, the client will also have to give its certificate to the server, which the server will use to authenticate the client.

    Hope this posting was useful to either refresh your memory on SSL or to get a fundamental understanding if you did not already know what SSL was.

