Cryptography Reference
It is important to recognise that the secure channel enabled by SSL only operates
between two specific applications, such as a client web browser and a web server. If
the 'real' destination of data sent by the client web browser is a back-end database
beyond the web server, then the transfer between the web server and the back-end
database may require separate protection.
12.1.3 Cryptography used in SSL
SSL is designed for use in open environments, where it is unreasonable to expect
communicating entities to have agreed or exchanged security-related information
such as cryptographic keys. Such security-related information is often referred to
as a security association. For example, in the case of a user wishing to make a
purchase from an online store, there is no reason to suppose that the user has
ever purchased anything from this store before. Indeed, the user may have only
discovered the store just minutes before deciding to make a transaction. Thus an
SSL session must have the capability of being established between 'strangers'.
As we know from Section 5.1.1, this is exactly the type of situation where
public-key cryptography is most effective. However, given that the amount of
data that we may want to exchange over the secure channel is unspecified, and
thus may be large, it follows from our discussion in Section 5.5.2 that this
situation lends itself naturally to hybrid encryption. Indeed, this is precisely
how SSL works. In fact SSL uses a wide range of cryptographic primitives. For
example:
1. public-key cryptography is used to enable symmetric key establishment;
2. digital signatures are used to sign certificates and facilitate entity authentication;
3. symmetric encryption is used to provide confidentiality;
4. MACs are used to provide data origin authentication and facilitate entity
authentication;
5. hash functions are used as components of MACs and digital signatures, and for
key derivation.
SSL also accommodates the fact that different entities involved in an SSL
session may have different preferences for specific cryptographic algorithms
and key lengths. Thus SSL supports a range of different algorithms, which
include:
• many well-known block ciphers, such as AES, normally in CBC mode;
• HMAC, implemented using a choice of well-known hash functions such as
SHA-256;
• digital signature algorithms such as RSA and DSA.
One of the first tasks to be performed at the start of an SSL session is for the two
communicating entities to agree on which collection of these algorithms they will
use to secure the session. The collection of different algorithms that they agree
upon is often referred to as a cipher suite.
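The agreement step described above, as an added example that is not part of the original text: it picks a cipher suite from two constructed offer lists and breaks the agreed name into the cryptographic roles listed earlier. The suite names are real IANA TLS identifiers; the function names, the offer lists and the choice to apply the server's preference order are assumptions made for illustration.

```python
# Added example. Suite names are real IANA TLS identifiers; the offer lists
# and function names are constructed for illustration.

def parse_suite(name):
    """Split TLS_<kx>[_<auth>]_WITH_<cipher>_<bits>_<mode>_<hash> into roles."""
    if not name.startswith("TLS_") or "_WITH_" not in name:
        raise ValueError(f"unrecognised cipher suite name: {name}")
    left, right = name[4:].split("_WITH_", 1)
    kx_auth, parts = left.split("_"), right.split("_")
    if len(parts) != 4 or len(kx_auth) > 2:
        raise ValueError(f"unexpected cipher suite layout: {name}")
    cipher, bits, mode, digest = parts
    return {
        "key_establishment": kx_auth[0],
        # With RSA key transport the same RSA key pair also authenticates.
        "authentication": kx_auth[-1],
        "encryption": f"{cipher}-{bits}-{mode}",
        "mac": f"HMAC-{digest}",
    }

def negotiate(client_offer, server_preference):
    """Return the server's most-preferred suite that the client also offered.

    Assumption: the server applies its own preference order. Returns None
    when the two lists do not overlap, in which case no session can be set up.
    """
    offered = set(client_offer)
    for suite in server_preference:
        if suite in offered:
            return suite
    return None

# Constructed offer lists.
CLIENT_OFFER = [
    "TLS_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
]
SERVER_PREFERENCE = [
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
    "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA256",
]

if __name__ == "__main__":
    chosen = negotiate(CLIENT_OFFER, SERVER_PREFERENCE)
    print("agreed suite:", chosen)
    for role, algorithm in parse_suite(chosen).items():
        print(f"  {role:18} {algorithm}")
```
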
 