SlideShare a Scribd company logo

Ssl https

Download as PPT, PDF
A
Andrada Boldis

SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that secure internet connections between clients and servers. SSL was originally developed by Netscape in the 1990s to provide HTTPS secure connections for web browsing. It uses public/private key encryption and digital certificates to authenticate servers and establish encrypted connections to securely transmit data over TCP/IP networks like the internet. TLS improved upon SSL by addressing security vulnerabilities and supporting newer encryption algorithms. HTTP (Hypertext Transfer Protocol) is the underlying protocol used to request and transmit web pages and other files over the internet. Combining HTTP with SSL/TLS results in HTTPS, the secure version of HTTP used for encrypted web browsing and transactions.

Internet
1 of 23
Downloaded 19 times
1
2
Most read
3
4
Most read
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
Most read
23
Ssl https
Presentation plan  What is HTTP?
Presentation plan  What is SSL?
What is SSL?  Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet, due to numerous protocol and implementation flaws and vulnerabilities  SSL was originally specified in the 1990s as a proprietary protocol that allowed Netscape browser clients using the Hypertext Transfer Protocol (HTTP) to communicate securely with Netscape web servers. SSL eventually came to be used to secure authentication and encryption for communication at the network transport layer. Netscape Communications was a computer services company best known for its Web browser, Navigator. Navigator was one of the two most popular Web browsers in the 1990s.
Presentation plan  What is SSL?  How does SSL work?
How does SSL work?  SSL runs above the transport layer and the network layer, which are responsible for the transport of data between processes and the routing of network traffic over a network between client and server, respectively, and below application layer protocols such as HTTP and the SMTP (Simple Mail Transport Protocol).  The "sockets" part of the term refers to the sockets method of passing data between a client and a server program in a network, or between processes in the same computer.
How does SSL work? SSL uses a combination of public key and symmetric key encryption to secure a connection between two machines, typically a web or mail server and a client system, communicating over the internet or another TCP/IP network.
How does SSL work? The SSL protocol includes two subprotocols: the record protocol the "handshake" protocol.
The record protocol • The record protocol defines how communicating hosts exchange data using SSL, including specifications for how data is to be prepared for transmission and how it is to be verified or decrypted on receipt.
The handshake protocol •The handshake protocol defines how a client and server establish an SSL connection, including the negotiation of which cryptographic systems each host is willing (or unwilling) to use for communication, as well as the exchange of cryptographic material, such as public keys and session keys for encryption or authentication of transmitted data.
How does SSL work?  Once the server has been authenticated, the client and server establish cipher settings and a shared key to encrypt the information they exchange during the remainder of the session. This provides data confidentiality and integrity.
How does SSL work?  This whole process is invisible to the user. For example, if a webpage requires an SSL connection, the URL will change from HTTP to HTTPS, and a padlock icon will appear in the browser once the server has been authenticated.
How does SSL work? •The handshake also allows the client to authenticate itself to the server. In this case, after server authentication is complete, the client must present its certificate to the server to authenticate the client's identity before the encrypted SSL session can be established.
Presentation plan  What is HTTP?  What is SSL?  How does SSL work?  What is TSL?
What is TSL?  After the IETF officially took over the SSL protocol to standardize it through an open process, version 3.1 of SSL was released as TLS 1.0.
What is SSL?  SSL was deprecated for use on the internet by the Internet Engineering Task Force (IETF) in 2015 and has been replaced by the Transport Layer Security (TLS) protocol. While TLS and SSL are not interoperable, TLS is backwards-compatible with SSL 3.0.
What is TSL?  Many attacks against SSL have focused on SSL implementation issues, but the POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability is a known flaw in the SSL 3.0 protocol itself, exploiting the way in which it ignores padding bytes when running in cipher block chaining mode.  This flaw allows an attacker to decrypt sensitive information, such as authentication cookies. TLS 1.0 is not vulnerable to this attack because it specifies that all padding bytes must have the same value and must be verified.
What is TSL?  Other key differences between SSL and TLS that make TLS a more secure and efficient protocol are:  message authentication,  key material generation,  cipher suites, TLS supporting newer and more secure algorithms.  TLS 1.2 is the most recent version, but publication of the next version is expected to be approved in 2017; the update is likely to be called either TLS 1.3 or TLS 2.0.
Presentation plan  What is SSL?  How does SSL work?  What is TSL?  What is HTTP?
What is HTTP?  HTTP (Hypertext Transfer Protocol) is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. As soon as a Web user opens their Web browser, the user is indirectly making use of HTTP. HTTP is an application protocol that runs on top of the TCP/IP suite of protocols (the foundation protocols for the Internet).  HTTP concepts include the idea that files can contain references to other files whose selection will elicit additional transfer requests. Any Web server machine contains, in addition to the Web page files it can serve, an HTTP daemon, a program that is designed to wait for HTTP requests and handle them when they arrive.
What is HTTP?  The Web browser is an HTTP client, sending requests to server machines. When the browser user enters file requests by either "opening" a Web file (typing in a Uniform Resource Locator or URL) or clicking on a hypertext link, the browser builds an HTTP request and sends it to the Internet Protocol address (IP address) indicated by the URL.  The HTTP daemon in the destination server machine receives the request and sends back the requested file or files associated with the request. (A Web page often consists of more than one file.)
What is HTTPS? HTTP + SSL/TSL = HTTPS (Hypertext Transfer Protocol Secure)
Thank you for your attention

More Related Content

PPTX
SSL TLS Protocol
Devang Badrakiya
 
PPT
Secure Socket Layer (SSL)
amanchaurasia
 
PPTX
kerberos
sameer farooq
 
PDF
SSL intro
Three Lee
 
PPT
Https
Bala Bhaskar Karakavalasa
 
PDF
Basics of ssl
n|u - The Open Security Community
 
PPTX
Secure Socket Layer
Pina Parmar
 
PPTX
Kerberos
Rahul Pundir
 
SSL TLS Protocol
Devang Badrakiya
 
Secure Socket Layer (SSL)
amanchaurasia
 
kerberos
sameer farooq
 
SSL intro
Three Lee
 
Https
Bala Bhaskar Karakavalasa
 
Basics of ssl
n|u - The Open Security Community
 
Secure Socket Layer
Pina Parmar
 
Kerberos
Rahul Pundir
 

What's hot (20)

PPT
Secure Socket Layer
Naveen Kumar
 
PDF
SSL/TLS Handshake
Arpit Agarwal
 
PPTX
Ssl in a nutshell
Frank Kelly
 
PDF
Kerberos
Sparkbit
 
PDF
SSH
Zach Dennis
 
PPTX
TLS - Transport Layer Security
ByronKimani
 
PPTX
SSL/TLS
Sirish Kumar
 
PDF
Email security presentation
SubhradeepMaji
 
PPTX
Transport Layer Security (TLS)
Arun Shukla
 
PPTX
Secure SHell
Çağrı Çakır
 
PPTX
Secure Socket Layer (SSL)
Samip jain
 
PPTX
secure socket layer
Amar Shah
 
PPSX
Secure socket layer
Nishant Pahad
 
PPTX
HTTPS
maroti164
 
PPTX
HTTP vs HTTPS Difference
Real Estate
 
PPT
Pretty good privacy
Pushkar Dutt
 
PPTX
SSL
Badrul Alam bulon
 
PPTX
Transport layer security (tls)
Kalpesh Kalekar
 
PPTX
TLS v1.3
Siddhartha Rao
 
PPTX
Kerberos explained
Dotan Patrich
 
Secure Socket Layer
Naveen Kumar
 
SSL/TLS Handshake
Arpit Agarwal
 
Ssl in a nutshell
Frank Kelly
 
Kerberos
Sparkbit
 
SSH
Zach Dennis
 
TLS - Transport Layer Security
ByronKimani
 
SSL/TLS
Sirish Kumar
 
Email security presentation
SubhradeepMaji
 
Transport Layer Security (TLS)
Arun Shukla
 
Secure SHell
Çağrı Çakır
 
Secure Socket Layer (SSL)
Samip jain
 
secure socket layer
Amar Shah
 
Secure socket layer
Nishant Pahad
 
HTTPS
maroti164
 
HTTP vs HTTPS Difference
Real Estate
 
Pretty good privacy
Pushkar Dutt
 
SSL
Badrul Alam bulon
 
Transport layer security (tls)
Kalpesh Kalekar
 
TLS v1.3
Siddhartha Rao
 
Kerberos explained
Dotan Patrich
 
Ad

Similar to Ssl https (20)

DOCX
Explain how SSL protocol is used to ensure the confidentiality and int.docx
todd401
 
PPTX
Http Vs Https .
simplyharshad
 
DOCX
Best Web Protocols Course in excellence technology
bhumika4694
 
PDF
BAIT1103 Chapter 4
limsh
 
PDF
Differences to Know Between SSL & TLS certificate .pdf
Host It Smart
 
PPTX
Ssl and tls
Rana assad ali
 
PPTX
Sequere socket Layer
Raghavendra Rao
 
PDF
Http vs https
Gulbir Chaudhary
 
PDF
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
CSCJournals
 
PPTX
Understanding-Web-Communication-HTTP-vs-HTTPS.pptx
devilkiller2311
 
PDF
Secure Sockets Layer(SSL)Certificate
CheapSSLUSA
 
DOCX
application layer
BishalWosti1
 
PPTX
Module2 PPrwgerbetytbteynyunyunythyhtyT.pptx
ThanushB1
 
PPTX
internet protocol
rajshreemuthiah
 
PDF
Geek Guide: Apache Web Servers and SSL Authentication
RapidSSLOnline.com
 
PPTX
Tcp and udp ports
sujanakumari1
 
DOCX
What is TLS/SSL?
Shehzad Imran
 
PPTX
HTTPS
R.K. University
 
PPTX
ION Sri Lanka - TLS for Network Operators
Deploy360 Programme (Internet Society)
 
PPTX
HTTP.pptx...............................
Halabja university - Kurdistan -Iraq
 
Explain how SSL protocol is used to ensure the confidentiality and int.docx
todd401
 
Http Vs Https .
simplyharshad
 
Best Web Protocols Course in excellence technology
bhumika4694
 
BAIT1103 Chapter 4
limsh
 
Differences to Know Between SSL & TLS certificate .pdf
Host It Smart
 
Ssl and tls
Rana assad ali
 
Sequere socket Layer
Raghavendra Rao
 
Http vs https
Gulbir Chaudhary
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
CSCJournals
 
Understanding-Web-Communication-HTTP-vs-HTTPS.pptx
devilkiller2311
 
Secure Sockets Layer(SSL)Certificate
CheapSSLUSA
 
application layer
BishalWosti1
 
Module2 PPrwgerbetytbteynyunyunythyhtyT.pptx
ThanushB1
 
internet protocol
rajshreemuthiah
 
Geek Guide: Apache Web Servers and SSL Authentication
RapidSSLOnline.com
 
Tcp and udp ports
sujanakumari1
 
What is TLS/SSL?
Shehzad Imran
 
HTTPS
R.K. University
 
ION Sri Lanka - TLS for Network Operators
Deploy360 Programme (Internet Society)
 
HTTP.pptx...............................
Halabja university - Kurdistan -Iraq
 
Ad

Recently uploaded (20)

PDF
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
 
PPTX
innovation process that make everything different.pptx
SoumyadipPaul18
 
PPTX
Power Point - Lesson 3_2.pptx grad school presentation
JoyPPD
 
PDF
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
 
PDF
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
 
PPT
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
Kenneth James Alamillo
 
PDF
How to Ensure Data Integrity During Shopify Migration_ Best Practices for Sec...
CartCoders
 
PDF
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
 
PDF
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
PPT
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
 
PDF
Tenda Login Guide: Access Your Router in 5 Easy Steps
tendawifi16
 
PDF
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
 
PPTX
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
PDF
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
PPTX
introduction about ICD -10 & ICD-11 ppt.pptx
naveenithkrishnan
 
PPTX
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
PPTX
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
PDF
Introduction to the IoT system, how the IoT system works
TinBinh
 
DOCX
Unit-3 cyber security network security of internet system
shivangisharma636228
 
PDF
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
 
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
 
innovation process that make everything different.pptx
SoumyadipPaul18
 
Power Point - Lesson 3_2.pptx grad school presentation
JoyPPD
 
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
 
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
 
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
Kenneth James Alamillo
 
How to Ensure Data Integrity During Shopify Migration_ Best Practices for Sec...
CartCoders
 
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
 
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
 
Tenda Login Guide: Access Your Router in 5 Easy Steps
tendawifi16
 
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
 
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
introduction about ICD -10 & ICD-11 ppt.pptx
naveenithkrishnan
 
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
Introduction to the IoT system, how the IoT system works
TinBinh
 
Unit-3 cyber security network security of internet system
shivangisharma636228
 
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
 

Ssl https

  • 4. What is SSL?  Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet, due to numerous protocol and implementation flaws and vulnerabilities  SSL was originally specified in the 1990s as a proprietary protocol that allowed Netscape browser clients using the Hypertext Transfer Protocol (HTTP) to communicate securely with Netscape web servers. SSL eventually came to be used to secure authentication and encryption for communication at the network transport layer. Netscape Communications was a computer services company best known for its Web browser, Navigator. Navigator was one of the two most popular Web browsers in the 1990s.
  • 5. Presentation plan  What is SSL?  How does SSL work?
  • 6. How does SSL work?  SSL runs above the transport layer and the network layer, which are responsible for the transport of data between processes and the routing of network traffic over a network between client and server, respectively, and below application layer protocols such as HTTP and the SMTP (Simple Mail Transport Protocol).  The "sockets" part of the term refers to the sockets method of passing data between a client and a server program in a network, or between processes in the same computer.
  • 7. How does SSL work? SSL uses a combination of public key and symmetric key encryption to secure a connection between two machines, typically a web or mail server and a client system, communicating over the internet or another TCP/IP network.
  • 8. How does SSL work? The SSL protocol includes two subprotocols: the record protocol the "handshake" protocol.
  • 9. The record protocol • The record protocol defines how communicating hosts exchange data using SSL, including specifications for how data is to be prepared for transmission and how it is to be verified or decrypted on receipt.
  • 10. The handshake protocol •The handshake protocol defines how a client and server establish an SSL connection, including the negotiation of which cryptographic systems each host is willing (or unwilling) to use for communication, as well as the exchange of cryptographic material, such as public keys and session keys for encryption or authentication of transmitted data.
  • 11. How does SSL work?  Once the server has been authenticated, the client and server establish cipher settings and a shared key to encrypt the information they exchange during the remainder of the session. This provides data confidentiality and integrity.
  • 12. How does SSL work?  This whole process is invisible to the user. For example, if a webpage requires an SSL connection, the URL will change from HTTP to HTTPS, and a padlock icon will appear in the browser once the server has been authenticated.
  • 13. How does SSL work? •The handshake also allows the client to authenticate itself to the server. In this case, after server authentication is complete, the client must present its certificate to the server to authenticate the client's identity before the encrypted SSL session can be established.
  • 14. Presentation plan  What is HTTP?  What is SSL?  How does SSL work?  What is TSL?
  • 15. What is TSL?  After the IETF officially took over the SSL protocol to standardize it through an open process, version 3.1 of SSL was released as TLS 1.0.
  • 16. What is SSL?  SSL was deprecated for use on the internet by the Internet Engineering Task Force (IETF) in 2015 and has been replaced by the Transport Layer Security (TLS) protocol. While TLS and SSL are not interoperable, TLS is backwards-compatible with SSL 3.0.
  • 17. What is TSL?  Many attacks against SSL have focused on SSL implementation issues, but the POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability is a known flaw in the SSL 3.0 protocol itself, exploiting the way in which it ignores padding bytes when running in cipher block chaining mode.  This flaw allows an attacker to decrypt sensitive information, such as authentication cookies. TLS 1.0 is not vulnerable to this attack because it specifies that all padding bytes must have the same value and must be verified.
  • 18. What is TSL?  Other key differences between SSL and TLS that make TLS a more secure and efficient protocol are:  message authentication,  key material generation,  cipher suites, TLS supporting newer and more secure algorithms.  TLS 1.2 is the most recent version, but publication of the next version is expected to be approved in 2017; the update is likely to be called either TLS 1.3 or TLS 2.0.
  • 19. Presentation plan  What is SSL?  How does SSL work?  What is TSL?  What is HTTP?
  • 20. What is HTTP?  HTTP (Hypertext Transfer Protocol) is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. As soon as a Web user opens their Web browser, the user is indirectly making use of HTTP. HTTP is an application protocol that runs on top of the TCP/IP suite of protocols (the foundation protocols for the Internet).  HTTP concepts include the idea that files can contain references to other files whose selection will elicit additional transfer requests. Any Web server machine contains, in addition to the Web page files it can serve, an HTTP daemon, a program that is designed to wait for HTTP requests and handle them when they arrive.
  • 21. What is HTTP?  The Web browser is an HTTP client, sending requests to server machines. When the browser user enters file requests by either "opening" a Web file (typing in a Uniform Resource Locator or URL) or clicking on a hypertext link, the browser builds an HTTP request and sends it to the Internet Protocol address (IP address) indicated by the URL.  The HTTP daemon in the destination server machine receives the request and sends back the requested file or files associated with the request. (A Web page often consists of more than one file.)
  • 22. What is HTTPS? HTTP + SSL/TSL = HTTPS (Hypertext Transfer Protocol Secure)
  • 23. Thank you for your attention