Dear Guest, Please Register to Download Free Seminar Reports and PPT of each topic. The Download link will be visible only after the registration.Please search the topic before posting.

Please click the Facebook Like Button if you are satisfied

 Subscribe To Get Latest Seminar Reports and PPT

Receive all seminar updates via Facebook. Just Click the Like Button Below

?

Custom Search

SSL and TLS

Huge Collection of Computer Science Seminar Topics, Reports and PPT.

SSL and TLS

Postby Prasanth » Tue Jul 01, 2014 6:58 am

Secure Socket Layer (SSL) denotes the predominant security protocol of the Internet for World Wide Web (WWW) services relating to electronic commerce or home banking.
The majority of web servers and browsers support SSL as the de-facto standard for secure client-server communication. The Secure Socket Layer protocol builds up point-to-point connections that allow private and unimpaired message exchange between strongly authenticated parties.

In the ISO/OSI reference model [ISO7498], SSL resides in the session layer between the transport layer (4) and the application layer (7); with respect to the Internet family of protocols this corresponds to the range between TCP/IP and application protocols such as HTTP, FTP, Telnet, etc. SSL provides no intrinsic synchronization mechanism; it relies on the data link layer below.

The SSL protocol allows mutual authentication between a client and server and the establishment of an authenticated and encrypted connection. SSL runs above TCP/IP and below HTTP, LDAP, IMAP, NNTP, and other high-level network protocols.

In general :

SSL – Secure Socket Layer

• It provides a secure transport connection between applications (e.g., a web server and a browser),
• SSL was developed by Netscape,
– V2 1994 netscape
– V3 1996 netscape
• SSL version 3.0 has been implemented in many web browsers (e.g., Netscape Navigator and MS Internet Explorer) and web servers and widely used on the Internet.
• A protocol widely used on the Web
– Operates between the application and transport layers.

Evolution of SSL ?

Netscape developed the first specification of SSL in 1994, but only publicly released and deployed the next version, SSLv2, in the same year [SSL2]. With respect to public key cryptography, it relies mainly on RSA encryption (RSA cryptosystem) and X.509- compliant certificates. Block ciphers, such as DES, Triple DES (3DES), and RC4, along
with hash functions like MD5 and SHA, complement the suite of algorithms. SSLv3 followed in 1995, adding cryptographic methods such as Diffie-Hellman key agreement
(DH), support for the FORTEZZA key token, and the Digital Signature Standard (DSS) scheme [SSL3].

The most recent draft of the SSL 3.0 specification was published in November of 1996 by Netscape. The intent was to be a “security protocol that provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.” The goals included cryptographic security, interoperability, extensibility, and relative efficiency.

Interoperability was a goal so that applications could be written to the standard and expected to work with any other applications written to the standard. Interoperability, it was noted, does not imply that two programs will always be able to connect. One might not have the correct algorithm support or credentials necessary for the connection to the other.

Extensibility was descried as providing “a framework into which new public key and bulk encryption methods can be incorporated as necessary.” It was noted that this should prevent the need to implement a new security protocol entirely should a weakness be found in one of the current encryption methods.
Cryptography, obviously, causes a higher CPU load than sending the data unencrypted. Still, they made some effort to minimize the network traffic and allow for session caching.
You do not have the required permissions to download the files attached to this post. You must LOGIN or REGISTER to download these files.
User avatar
Prasanth
Site Admin
 
Posts: 475
Joined: Sat May 28, 2011 6:29 pm


Return to Computer Science Seminar Topics