Cryptography Reference
protocol and at the lower Internet Layer using the Internet Protocol Security
(IPsec) suite.
12.1.1 SSL background
SSL is a general communication security protocol for protecting data while it is
being transferred between different locations. Although it has many applications,
most users encounter SSL when securing a web connection between a client
machine and a web server, for example, when making a purchase from an online
store. SSL requires a reliable underlying transport protocol, hence its suitability
for applications on the Internet running over the Transmission Control Protocol
(TCP). Unlike many other applications of cryptography, the deployment of SSL
is often made apparent to a user. When securing web sessions, an SSL connection
may be indicated by:
• a dialogue box inviting the user to engage in a 'secure connection';
• the appearance of an icon, such as a padlock, on the web browser;
• the replacement of http by https in the web address displayed by the
browser.
These indications provide a degree of assurance to the user that information
exchanged during the session is 'secure', in contrast to traffic that is exchanged
outside of an SSL-protected session.
SSL was developed by Netscape in the mid-1990s for use with their Navigator
browser. It subsequently became the responsibility of the Internet Engineering
Task Force (IETF), who develop standards for the Internet. In 1996, the IETF
published a version known as Transport Layer Security (TLS). Subsequent versions
of TLS have since been released. For simplicity, unless otherwise specified, we will
choose to treat SSL and TLS as the same protocol and refer to this protocol
as SSL.
12.1.2 SSL security requirements
SSL is designed to establish a 'secure channel' between two entities. To this end,
the main security requirements are fairly standard, although SSL is designed to be
highly configurable and all these 'requirements' are in fact optional:
Confidentiality. Data transferred over the secure channel should only be
accessible to the entities at either end of the channel, and not by any attacker
who monitors the channel.
Data origin authentication. Data transferred over the secure channel should be
integrity-protected against an attacker who can conduct active attacks on the
channel, including falsification of the origin of the data.
Entity authentication. In order to set up the secure channel, it should be possible
to establish the identity of each communicating entity.
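Because all of these requirements are optional, it is worth checking which of them a given client configuration actually enforces. The following is an added example, not taken from the original text: it uses Python's standard ssl module, and the function names audit_client_context, strict_context and relaxed_context are illustrative assumptions. It covers entity authentication of the server and confidentiality only.

```python
import ssl


def audit_client_context(ctx: ssl.SSLContext) -> dict:
    """Map two of the section's requirements to the problems found (empty list = enforced)."""
    problems = {"entity authentication": [], "confidentiality": []}

    # Entity authentication of the server needs both steps: validate the
    # certificate chain, and match the certificate against the host name.
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems["entity authentication"].append("certificate chain is not verified")
    if not ctx.check_hostname:
        problems["entity authentication"].append("host name is not checked")

    # Confidentiality is lost if a cipher suite with NULL encryption
    # (0 bits of strength) is enabled and ends up being negotiated.
    for suite in ctx.get_ciphers():
        if suite["strength_bits"] == 0:
            problems["confidentiality"].append(suite["name"] + " does not encrypt")
    return problems


def strict_context() -> ssl.SSLContext:
    # Library defaults: CERT_REQUIRED, host name checking on, no NULL suites.
    return ssl.create_default_context()


def relaxed_context() -> ssl.SSLContext:
    # Constructed example of a context with the optional checks switched off.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


if __name__ == "__main__":
    for label, ctx in (("strict", strict_context()), ("relaxed", relaxed_context())):
        print(label, audit_client_context(ctx))
```

A relaxed context still negotiates an encrypted session, but the client has no assurance of who is at the other end of the channel.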
 