How SSL works?
Download as PPTX, PDF0 likes106 views
The document discusses session layer purpose in OSI model and Secure Socket Layer (SSL). SSL primarily does encryption and identification to securely establish a session between two systems for encrypted communication. It involves the systems agreeing on an encryption method using keys, ciphers, hashes and versions. The server then sends its SSL certificate including public key to the client, which uses this to create a session key and send it back encrypted by the server's public key. The server decrypts this with its private key and acknowledges, and all further communication is encrypted with the session key.
How SSL works?
- 2. Session Layer Purpose Layer 5 of OSI M ● layer 5 of OSI ● Manages Session ● Handles things like authentication and authorization ● Recovering a session in case it is abruptly terminated ● In case of TCP/IP it is in Application layer
- 3. SSL ● Secure Socket Layer ● Primarily doing encryption ● Identification ● OpenSSL> s_client -connect www.google.com:443
- 4. SSL
- 5. ● Want to hide ● What? ● Two systems agree on how to encrypt (Key, Cipher, Hash, Version, Random No) example- RSA, AES, MD5 etc) ○ Key is piece of information ○ Cipher is an algorithm or defined steps ● Post agreement identification is established Encryption
- 6. SSL ● Server sends a copy of its SSL Certificate, including the server’s public key ○ Note- Public and Private Key Pair of server ● Client uses this public key of the server to create a session key and sends that back to server ○ Session key of client ● Server decrypts this using it’s own private key and then sends an acknowledgement (this is encrypted with session key) ● Henceforth all communication is encrypted using session key