Define secure socket layer (ssl), Computer Network Security

Assignment Help:

Secure Socket Layer (SSL) accepts a combination of asymmetric and symmetric (public-key) encryption to accomplish integrity, confidentiality, authentication and non-repudiation for Internet interaction. In a nutshell SSL uses public key encryption to confidentially transmit a session key which can be needed to conduct symmetric encryption. SSL allows the public key technology to negotiate a shared session key between the server and the client. The public key is stored in an X.509 certificate that generally has a digital signature from a trusted 3rd party.

  • Client requests a document from a secure https server https://www.myapp.com.au.
  • The server gives its X.509 certificate to the client with its public key stored in the certificate.
  • The client validate whether the certificate has been issued by a CA it trusts.
  • The client checks the information in the certificate with the site's public key and domain name.
  • Client gives the server what cipher suites it has available.
  • The server obtains the strongest mutually available ciphers suite and notifies the client.
  • The client creates a session key (symmetric key or private key) and encrypts it using the server's public key and sends it to the server.
  • The server accepts the encrypted session key and decrypts it using its private key.
  • The server and client use the session key to decrypt and encrypt the data they send to each other.

 


Related Discussions:- Define secure socket layer (ssl)

Distinguish between passive and active attacks, Problem (a) Distinguis...

Problem (a) Distinguish between passive and active attacks. (b) Give two reasons why it is important to organise security awareness programs for users. (c) Describe how

Gateways, Gateways They transfer packets among network machines that h...

Gateways They transfer packets among network machines that have different protocols (e.g. between a WAN and a LAN). They access a packet formatted for one protocol and change

Classification of networks, Computer networks are defined by four factors w...

Computer networks are defined by four factors which are as given below: 1) NETWORK SIZE: According to the size of networks. 1) Local Area Network ( LAN) 2) Wide Area Ne

Hybrid cryptography systems-cryptography, Hybrid Cryptography Systems Th...

Hybrid Cryptography Systems This makes use of different cryptography systems. Except digital certificates, pure asymmetric key encryption is not used extensively. Asymmetric enc

Need for security-information security, NEED FOR SECURITY Primary missio...

NEED FOR SECURITY Primary mission of information security to ensure that the systems and contents stay the same If no threats, could focus on improving the systems, resulting in

Briefly list functions of a public key infrastructure, Question: (a) Wh...

Question: (a) What is the major problem with public key encryption when compared to symmetric key encryption? (b) Consider the following protocol for communication between t

How does tcp perform the functions, Problem: (a) Assume that a new ap...

Problem: (a) Assume that a new application layer protocol is developed for video conferencing application. Which transport layer protocol, between TCP and UDP, will you u

Project, project on ensuring data securities on cloud computing

project on ensuring data securities on cloud computing

Threat identification-risk management, Threat Identification After ident...

Threat Identification After identifying and performing a primary classification of an organization’s information assets, the analysis phase moves onto an examination of threats

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd