SSL/TLS provides authentication when a user attempts to access a secure Web server. SSL/TLS consists of four operations:
• Handshake and cipher suite negotiation. The client and server contact each other and choose a common cipher suite. The suite includes a method for exchanging the shared secret key; a method for encrypting data; and a Message Authentication Code (MAC) specifying how application data will be hashed and signed to prove integrity.
• User identity authentication. The server always authenticates its identity to the client. However, whether the client needs to authenticate with the server depends on the application. The exact authentication method (primarily, which digital certificate format will be used) depends on the negotiated cipher suite.
• Key exchange. After choosing a cipher suite, the client and server exchange a key, or the precursors with which to create a key, that they will use for data encryption (again, depending on the negotiated cipher suite's requirements).
• Application data exchange. The client application and the server application communicate with each other. All data is encrypted using the negotiated bulk encryption method.
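The negotiation step and the three parts of a cipher suite can be shown in a few lines of Python. This is an added example, not code from the original post: the suite lists are constructed, the names follow the IANA convention used up to TLS 1.2, and picking by server preference order is an assumption (a server may also honor the client's order).

```python
# Added example. Suite lists below are constructed sample data.
HASHES = {"MD5", "SHA", "SHA256", "SHA384"}

def parse_suite(name):
    """Split a TLS <= 1.2 IANA suite name into the parts a suite defines."""
    if not name.startswith("TLS_") or "_WITH_" not in name:
        raise ValueError(f"unsupported suite name: {name}")
    kx_part, cipher_part = name[len("TLS_"):].split("_WITH_", 1)
    # EXPORT marks export-grade key sizes; it is not an algorithm token.
    kx_tokens = [t for t in kx_part.split("_") if t != "EXPORT"]
    bulk, _, digest = cipher_part.rpartition("_")
    if not kx_tokens or not bulk or digest not in HASHES:
        raise ValueError(f"unsupported suite name: {name}")
    aead = bulk.endswith("_GCM") or bulk == "CHACHA20_POLY1305"
    return {
        "key_exchange": kx_tokens[0],
        # A single token such as RSA covers key exchange and authentication.
        "authentication": kx_tokens[-1],
        "bulk_encryption": bulk,
        # AEAD ciphers carry their own integrity tag; the trailing hash is
        # then used for key derivation rather than as an HMAC.
        "integrity": "AEAD" if aead else f"HMAC-{digest}",
    }

def negotiate(client_offer, server_preference):
    """Return the first server-preferred suite the client also offered."""
    offered = set(client_offer)
    for suite in server_preference:
        if suite in offered:
            return suite
    return None  # no overlap: the handshake cannot proceed

CLIENT_OFFER = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
]
SERVER_PREFERENCE = [
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    chosen = negotiate(CLIENT_OFFER, SERVER_PREFERENCE)
    print(chosen, parse_suite(chosen))
```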
Courtesy: Internet
Monday, April 16, 2007