Secure Socket Layer (SSL) Secure Socket Layer, or SSL, is a web technology designed to provide secure transmission of data across the Internet. It consists of a Certificate, which is purchased from a Certificate Authority, CA, and an encrypted protocol layer, which utilizes the RSA public key cryptography, to transmit data back and forth. It was created by the Netscape Corporation. -- From the SSL Draft v3.0 Published in 1996 by the Netscape Corporation The primary goal of the SSL Protocol is to provide privacy and reliability between two communicating applications. The protocol is composed of two layers. At the lowest level, layered on top of some reliable transport protocol (e.g., TCP [TCP]), is the SSL Record Protocol. The SSL Record Protocol is used for encapsulation of various higher-level protocols. One such encapsulated protocol, the SSL Handshake Protocol, allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before the application protocol transmits or receives its first byte of data. One advantage of SSL is that it is application protocol independent. A higher-level protocol can layer on top of the SSL Protocol transparently. The SSL protocol provides connection security that has three basic properties: The connection is private. Encryption is used after an initial handshake to define a secret key. Symmetric cryptography is used for data encryption (e.g., DES[DES], RC4[RC4], etc.) The peer's identity can be authenticated using asymmetric, or public key, cryptography (e.g., RSA[RSA], DSS[DSS], etc.). The connection is reliable. Message transport includes a message integrity check using a keyed MAC. Secure hash functions (e.g., SHA, MD5, etc.) are used for MAC computations. A simplified outline of an SSL connection is: 1. The browser asks to start a secure session with the server, usually on port 443. 2. The server returns the site’s certificate. 3. The browser checks the certificate information for validity. 4. The browser creates a session key, which is encrypted with the server’s public key, which is then sent to the server. 5. The server decrypts this information using its private key. 6. Both browser and server are now using the same session key. Certificates provide the means to tell the browser that you are connected to a trusted site. It is a way for the server to know that you are who you say you are and prevents unauthorized interception of data. Note the data stream itself it capable of being captured; however the data in that stream is encrypted. Since it authenticates on both sites of a transaction, it prevents a malicious site to re-direct you to an unauthorized site where your data could be compromised. There are two levels of encryption: 40-bit and 128-bit. With 40-bit encryption, there are billions of possible keys to decipher the coded information, and only one of them works. Someone intercepting the information would have to find the right key - a nearly impossible task. With 128-bit encryption, there are 300 billion trillion times as many keys as with 40-bit encryption. It is virtually impossible for an unauthorized party to find the right key, even if they are equipped with the best computers. Note that security features do not prevent you from viewing nonencrypted web sites or place any limitations on your use of the World Wide Web, email, or newsgroups. Secure Socket Layers provide data security, not site security. A web site that hosts an SSLenabled website could be vulnerable to Denial of Service, or other security breaches, but can still provide this layer of protection. There are many things that administrators don’t do, or do improperly that will compromise data that can’t be helped by SSL. The first is e-mail. After a user fills out a form that is behind a SSL, a system might decode the data once on the server, at this point it is no longer safe, then the script emails the information to the form’s owner. The data is now sent as insecure text. The second type of mistake is regarding data storage. The owner of a site uses a log-to-file method to store all information in case e-mail is lost or for audit purposes. With this, data is stored as a text file and is readable by administrators in the company, or if the data is not secured on a file level, it will be readable by everyone that has access to that computer. Another is a backup. Where are the backups stored, who has physical access to them.