0
7.4kviews
List the functions of the different protocols of SSL. Explain the handshake protocol.
1 Answer
-2
454views
  • The internet and web has become widely popular today. However, it is vulnerable to serious attacks.
  • For this purpose, various security approaches are possible. These approaches are mainly dependent on which network layer they operate on
  • The SSL (Secure Socket Layer) is a whole new layer of protocol which operates above the Internet TCP protocol and below high-level application protocols
  • The architecture of SSL is shown below:

enter image description here

  • The above figure is also called as SSL protocol stack.
  • The SSL record protocol provides basic security service to various higher level protocols. (e.g. the HTTP protocol which facilitates the transfer server for Web client/server interaction operates in top of SSL )
  • SSL record protocol takes an application data to be transmitted $\rightarrow$ fragments into blocks $\rightarrow$ compresses them $\rightarrow$ Add MAC+Encryption $\rightarrow$ Attach SSL header $\rightarrow$ Send to TCP layer.
  • SSL Change Cipher Spec Protocol: It is a single message which consists of a single byte with value 1. The sole purpose of this message is to cause the pending state to be copied into the current state, which updates the cipher suite to be used on this connection.
  • SSL Alert protocol: It conveys SSL-related alerts to peer entity. Each message is of 2 bytes each. The alerts are grouped into two levels: warning or fatal.
  • HTTPS: HTTP over SSL is a moder
  • SSL handshake protocol: It is one the most complex protocols of SSL.
  • It allows client and server to:
    • Authenticate each other
    • To negotiate encryption & MAC algorithm.
    • To negotiate cryptographic keys to be used.
  • The Handshake Protocol is used before any application data is transmitted.
  • The handshake protocol is made up of a series of messages exchanged between both parties (server & client) which is of the format

enter image description here

Please log in to add an answer.