It stands for Secure Socket Layer/Transport layer Security. It is encryption based internet security protocol which works on transport layer of OSI model. It was first developed by Netscape in 1995. After that some modification was made by IETF (Internet Engineering Task Force) and renamed as TLS. So SSL is direct predecessor of TLS, and both are logically same except some insignificant modification.
It prevents man in the middle (MITM) attack. The intruders can intercept data and can damage data integrity without awareness of senders and recipents. A web server with SSL protocol behave like HTTPS.
How does SSL/TLS work?
SSL/TLS protocol need activation between client-server. Symmetric key encryption is going for data integrity. But asymmetric key encryption technique is required for exchanging symmetric key between client-server. Without asymmetric key technique, symmetric key can be vulnerable.
SSL handshake has multiple steps. Without handshaking TCP/UDP connection won’t be established. The picture below is trying to explain the abstract required steps.
Credits:
https://www.youtube.com/watch?v=0yw-z6f7Mb4&t=1051s
0 comments:
Post a Comment