What is SSL?

In brief, SSL stands for Secure Socket Layer. It is a Netscape creation, formed to secure transactions between web servers and browsers. The protocol uses a Certificate Authority (CA), also known as the third party, whose function is to identify one end or both ends of each transaction.

First, your browser will look for a secure page. When you see the “s” at the end of “https” in a URL, this is your precise clue that this site is secure. An easy check is to type a certain URL as http://“website name” and then type it in as https://“same website name”. When looking to purchase anything from a website, make sure that at least upon checkout you can verify an https://.

After your browser asks for a secure page (“https://”), the web server sends its public key with a certificate, at which time your browser performs checks to make certain the certificate has been issued by a trusted party (a certificate authority). The browser will also make certain the certificate is in good order, still valid, and related to the site. Next, your browser uses the public key to encrypt a random symmetric encryption key and sends it to the server, along with the encrypted URL required and other encrypted HTTP data. The web server then decrypts this symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and HTTP data. Now the web server sends back the requested HTML document and HTTP data, encrypted with the symmetric key. Finally, the browser decrypts the HTTP data and HTML document using the symmetric key and displays all pertinent information.

This may seem a bit much; just understand that trusted banks, businesses and every trusted entity selling anything where you leave your personal information, such as credit cards, should be using SSL, and now you know how to check. Remember: http:// – https://. Let’s take a closer look at the private key and public key below.

Private & Public Key

We use a private and a public key precisely because data encrypted by one key can only be decrypted by the other key. Basically, one key is to encrypt while the other key is to decrypt. These keys are based primarily on prime numbers, and their length is measured in bits, making it very difficult to encrypt the message without the keys. You can view the two keys as a couple. The “private key” is kept a secret while the “public key” speaks to everybody. Let’s now take a look at certificates.

Certificate

Make sure to look for a certificate on the website, usually in logo form at the bottom of the site. Now go ahead and click this certificate. Presto, you should see plenty of information regarding the site, such as the e-mail address, the owner’s name, the usage of this certificate and the duration it is valid, and it should be clear that it is for the site you are visiting. Basically, a good deal of information regarding the owner of the site. Once this information is validated, you can absolutely trust it. You must trust. The certificate also holds the public key as well as a hash to ensure the certificate has not been tampered with. Let’s discuss symmetric keys.
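The validity and "is it for this site" checks described above, as an added example that is not part of the original article. The sample certificate is constructed, in the shape Python's `ssl.SSLSocket.getpeercert()` returns; the check that a trusted CA signed it is left to the TLS library and is not reimplemented here.

```python
import ssl

# Constructed sample; names and dates are made up for this example.
SAMPLE_CERT = {
    "subject": ((("commonName", "shop.example.com"),),),
    "issuer": ((("commonName", "Example Trusted CA"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "shop.example.com"), ("DNS", "*.cdn.example.com")),
}


def name_matches(pattern: str, host: str) -> bool:
    """Match a certificate DNS name; '*' may only replace the whole left-most label."""
    p_labels, h_labels = pattern.lower().split("."), host.lower().split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        return p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def check_cert(cert: dict, host: str, now: float) -> list:
    """Return the problems found; an empty list means both checks passed."""
    problems = []
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not yet valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired")
    names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not any(name_matches(n, host) for n in names):
        problems.append("issued for a different site")
    return problems


if __name__ == "__main__":
    june_2024 = 1717200000  # 2024-06-01 00:00:00 UTC as a Unix timestamp
    print(check_cert(SAMPLE_CERT, "shop.example.com", june_2024))
    print(check_cert(SAMPLE_CERT, "shop.example.com.evil.test", june_2024))
```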

Symmetric key

Now we have learned that both private and public keys are needed to decrypt info, correct? Yes! Great. An algorithm that uses the same key to both encrypt and decrypt is a symmetric-key algorithm. A symmetric algorithm is a lot faster than the private and public keys working as a couple, better known as “asymmetric”. You should see some “danger” here. Just like a husband needs a wife and vice versa for security, companionship, etc. The symmetric key is not very safe, of course, simply because there is only one key, and if it is in the wrong hands, well, so is your information. Listen, nothing is secure on the Web. Having said that, the solution is to hide (mask) this symmetric key in a message encrypted with an asymmetric algorithm. See why? The answer is because you never sent the private key! Also note that the symmetric key is completely randomized, so the next time it is sent it will be completely different. Let’s take a look at the hash.
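The exchange described in the SSL overview and in this section, as an added example that is not part of the original article: the browser wraps a random symmetric key with the server's public key, and both sides then use that one key. The RSA key and the cipher are toy stand-ins chosen so the example runs on the standard library alone; function names and the sample request are assumptions, and nothing here is safe for real traffic.

```python
import hashlib
import secrets

# Toy RSA key pair from two publicly known Mersenne primes (demo assumption;
# real server keys use secret random primes and padding such as OAEP).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key, shipped in the certificate
D = pow(E, -1, (P - 1) * (Q - 1))      # private key, never leaves the server


def sym_crypt(key: bytes, direction: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts because one key does both jobs;
    'direction' keeps request and reply from sharing a keystream."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + direction + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def browser_send(request: bytes):
    """Browser: pick a fresh random symmetric key and wrap it with the public key."""
    session_key = secrets.token_bytes(16)
    wrapped_key = pow(int.from_bytes(session_key, "big"), E, N)
    return session_key, wrapped_key, sym_crypt(session_key, b"c2s", request)


def server_reply(wrapped_key: int, enc_request: bytes):
    """Server: unwrap the symmetric key with the private key, then answer with it."""
    session_key = pow(wrapped_key, D, N).to_bytes(16, "big")
    request = sym_crypt(session_key, b"c2s", enc_request)
    page = b"<html>page for " + request + b"</html>"
    return request, sym_crypt(session_key, b"s2c", page)


if __name__ == "__main__":
    key, wrapped, enc_req = browser_send(b"GET /checkout")   # constructed request
    seen, enc_page = server_reply(wrapped, enc_req)
    print(seen, sym_crypt(key, b"s2c", enc_page))
```

Only `wrapped_key` and the two ciphertexts cross the wire; `D` is used on the server and is never transmitted.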

Hash

The hash is simply a number assigned to a message by a hash function. The hash is a one-way function, making it impossible to recover the original message even knowing the hash. The hash changes greatly if any modification is made to the message. Simply put, it is very difficult to modify a message and also keep the original hash. Let’s move forward to what a passphrase is.
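The hash properties described above, as an added example that is not part of the original article: a one-character change flips roughly half of the digest bits, a stored hash exposes tampering, and the digest has the same length whatever the input length. SHA-256 and the sample messages are choices made for this example.

```python
import hashlib
import hmac

# Constructed sample messages that differ in a single character.
ORIGINAL = b"Pay 100 dollars to Alice"
TAMPERED = b"Pay 900 dollars to Alice"


def digest(message: bytes) -> bytes:
    """SHA-256 digest: always 32 bytes, however long the message is."""
    return hashlib.sha256(message).digest()


def changed_bits(a: bytes, b: bytes) -> int:
    """Count how many of the 256 digest bits differ between two messages."""
    return sum(bin(x ^ y).count("1") for x, y in zip(digest(a), digest(b)))


def is_untampered(message: bytes, expected: bytes) -> bool:
    """Recompute the hash and compare it with the stored one in constant time."""
    return hmac.compare_digest(digest(message), expected)


if __name__ == "__main__":
    stored = digest(ORIGINAL)
    print("bits changed by one character:", changed_bits(ORIGINAL, TAMPERED))
    print("original accepted:", is_untampered(ORIGINAL, stored))
    print("tampered accepted:", is_untampered(TAMPERED, stored))
```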

PassPhrase

Consider a passphrase a password, but a lot longer. In the past the length of passwords was limited to a few characters, about eight or so. Obviously, the longer the password, the harder it is to guess. We now use hashes, which place no limitation on password length when needed. Let’s now discuss Public Key Infrastructure, and I will let you bask in the provided knowledge. Hope you learned something. Remember to e-mail me if you need further clarification.

Public Key Infrastructure

Public Key Infrastructure (PKI) is a software management system and database system that allows certificates to be signed, revokes certificates and distributes the public key. People can check your credentials. Remember that no one will know your public key unless you have sent them an e-mail with your certificate including the public key. OK, read this over a few times and it begins to make great sense.

 
