Today, I learned about SSL.
SSL stands for Secure Sockets Layer. Its successor is TLS (Transport Layer Security), and the SSL protocol versions themselves are deprecated, so "SSL" today almost always means TLS. It sits between the transport layer (TCP) and the application protocol: HTTPS is just HTTP carried inside a TLS connection, so HTTP runs on top of TLS rather than the other way around.
TLS Handshake
To kick off a secure session, the client and server first perform the TLS handshake. Its purpose is to authenticate the server and to securely agree on symmetric keys that the rest of the session uses to encrypt and authenticate messages.
First, the client sends the cipher suites it supports (in the ClientHello) and the server picks one of them for the connection (in the ServerHello). Each side also contributes a fresh 32-byte random value in its hello message; both values feed into the key derivation later.
Next, the server sends the client its certificate, which carries the server's public key. In the classic RSA key exchange described here, the client generates a secret called the "pre-master secret", encrypts it with the server's public key and sends it to the server. Because only the server holds the matching private key, only the server can decrypt the message and recover the true pre-master secret. Both sides then run the same key-derivation function over the pre-master secret and the two hello randoms to obtain the master secret, and from that the symmetric keys and IVs used for the rest of the session. One caveat a practitioner should know: this RSA exchange has no forward secrecy, since anyone who later obtains the server's private key can decrypt recorded sessions. TLS 1.2 deployments therefore prefer ephemeral Diffie-Hellman (DHE/ECDHE) key exchange, and TLS 1.3 removed RSA key exchange entirely.
Why symmetric encryption instead of the public key encryption we used before?
The TLS handshake does a lot of work just to arrive at symmetric keys for the session. It goes to that effort because public-key encryption and decryption are orders of magnitude slower than symmetric-key operations, so the public key is used only to set up the session and the bulk data is then protected with a fast symmetric cipher such as AES.
Authenticating the server
An additional but critical feature of TLS is that it lets the client authenticate the server it is talking to. That authentication comes from the server's certificate and from the server proving, during the handshake, that it holds the matching private key; it is not provided by the per-message MAC. Once the session keys exist, every record does carry a MAC (or, with AEAD cipher suites, an authentication tag) so that a middle-man attacker cannot modify or inject data without the change being detected.
In the previous section we talked about the SSL certificate, which contains the server's public key together with the identity of its owner, in practice the hostnames it is valid for. A certificate is issued by a "certificate authority" (CA), a third party that verifies that the requester actually controls the name before signing it. The client then checks that the certificate chains up to a CA it trusts, that the name in the certificate matches the host it meant to reach, and that the certificate is within its validity period (and, where possible, not revoked).
Certificates can also be self-signed. A self-signed certificate still gives you encryption, but no certificate authority vouches for the identity, so a client that accepts it blindly cannot tell the real server from an attacker presenting their own self-signed certificate. They are fine for internal use when the client is configured to trust that specific certificate rather than to skip verification altogether.
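The identity checks from the last two paragraphs, as an added example that is not part of the original post: hostname matching against the certificate's subjectAltName, a validity-period check, and a client SSLContext shown in its hardened form next to the "just disable verification" anti-pattern that is usually how self-signed certificates get accepted in practice. The certificate dict is constructed to mimic what Python's `SSLSocket.getpeercert()` returns; it is not a real certificate, and chain validation by the TLS library is assumed to have happened already.

```python
import ssl
import time
from typing import List, Optional


def hostname_matches(cert: dict, hostname: str) -> bool:
    """Does the certificate's subjectAltName cover `hostname`?

    Follows the usual RFC 6125 rules: exact dNSName match, or a single '*'
    as the entire leftmost label that matches exactly one label. The subject
    CN is deliberately ignored, as browsers have done since 2017.
    """
    host = hostname.lower().rstrip(".")
    for kind, value in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue
        name = value.lower()
        if name == host:
            return True
        if name.startswith("*.") and host.endswith(name[1:]):
            left = host[: -len(name[1:])]
            # '*.example.com' covers 'www.example.com' but neither
            # 'example.com' nor 'a.b.example.com'.
            if left and "." not in left:
                return True
    return False


def cert_is_current(cert: dict, now: float) -> bool:
    """Is `now` (seconds since the epoch, UTC) inside the validity period?

    ssl.cert_time_to_seconds parses the 'Jan  1 00:00:00 2024 GMT' format
    that getpeercert() uses for notBefore/notAfter.
    """
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    return not_before <= now <= not_after


def verify_peer(cert: dict, hostname: str, now: Optional[float] = None) -> List[str]:
    """Return the list of failed identity checks; an empty list means accept."""
    now = time.time() if now is None else now
    problems = []
    if not hostname_matches(cert, hostname):
        problems.append("hostname mismatch")
    if not cert_is_current(cert, now):
        problems.append("outside validity period")
    return problems


def client_context(insecure: bool = False) -> ssl.SSLContext:
    """A client SSLContext; insecure=True reproduces the common anti-pattern."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED, check_hostname, OS trust store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if insecure:
        # What code that "fixes" a certificate error usually does: it stops
        # checking the name and the chain, so any certificate, including an
        # attacker's self-signed one, is accepted. The right fix for an
        # internal self-signed cert is ctx.load_verify_locations(cafile=...)
        # with that one certificate, keeping both checks on.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_is_hardened(ctx: ssl.SSLContext) -> bool:
    return (ctx.verify_mode == ssl.CERT_REQUIRED
            and bool(ctx.check_hostname)
            and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2)


# Constructed getpeercert()-style dict for illustration; not a real certificate.
SAMPLE_CERT = {
    "subject": ((("commonName", "example.com"),),),
    "subjectAltName": (("DNS", "example.com"), ("DNS", "*.example.com")),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2026 GMT",
}
INSIDE_VALIDITY = 1735689600.0  # 2025-01-01T00:00:00Z

if __name__ == "__main__":
    for host in ["example.com", "www.example.com", "a.b.example.com", "evil.com"]:
        print(f"{host:18s} -> {verify_peer(SAMPLE_CERT, host, INSIDE_VALIDITY) or 'ok'}")
    print("hardened:", context_is_hardened(client_context()),
          "insecure:", context_is_hardened(client_context(insecure=True)))
```

With a real socket the same checks run for you: `ssl.create_default_context().wrap_socket(sock, server_hostname="example.com")` refuses the handshake on a chain or name failure, which is exactly what the insecure context above throws away.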