Data Protection and Security

VIII

Standards and Protocols

VIII.IV

Secure Socket Layer (SSL)

Today, maybe the most widely used security protocol is SSL that becomes the standard way of implementing security for web transactions. Although it was initially designed for web, any client-server application can use SSL to build an encrypted tunnel for confidential exchange of messages. For doing this, in the SSL handshake protocol, both parties agree on a secret key to be used for subsequent communication. Since the security provided by key exchange without authentication is limited, SSL handshake protocol supports both server and client authentication.

The way SSL implements authentication is by using public-key cryptography. Figure 2 shows the operation of SSL handshake when client authentication is implemented. Note that today in most SSL servers, only server authentication is implemented. We will return to this issue later.

Figure 2. The handshake in SSL protocol

The basic operation of SSL handshake with client authentication is as follows:

After negotiation of some protocol parameters (supported SSL version, encryption algorithms etc.) in the hello messages, the server sends to the client its certificate. Before the server’s hello is done, the server also asks to the client his certificate. Now the client finishes the handshake protocol on his side by sending three messages to the server:

(1) his certificate

(2) a master key encrypted with the server’s public key obtained from the server’s certificate.

(3) all prior communication signed by the client’s private key which can be verified using the client certificate.

Upon receipt of these messages, the server decrypts the master key with its private key and verifies the certificate and signature to authenticate the identity of the client. In other words, the server does one public-key decryption operation and two or more signature verification operations (one to verify the signature and at least one to verify the certificate).

SSL handshake is completed when the client and server exchanges “Finished” messages to verify that the key exchange and authentication processes were successful. Now, both client and server can use the master key to generate the session keys, which are symmetric keys used to encrypt and decrypt information exchanged during the SSL session and to verify its integrity.