authentication;cipher preferences;cipher;encryption">

Question 134. What is SSL?

The SSL (Secure Socket Layer) Handshake Protocol [Hic95] was developed by Netscape Communications Corporation to provide security and privacy over the Internet. The protocol supports server and client authentication. The SSL protocol is application independent, allowing protocols like HTTP (see Question 133), FTP (File Transfer Protocol), and Telnet to be layered on top of it transparently. The SSL protocol is able to negotiate encryption keys as well as authenticate the server before data is exchanged by the higher-level application. The SSL protocol maintains the security and integrity of the transmission channel by using encryption, authentication and message authentication codes.

The SSL Handshake Protocol consists of two phases, server authentication and client authentication, with the second phase being optional. In the first phase, the server, in response to a client's request, sends its certificate and its cipher preferences. The client then generates a master key, which it encrypts with the server's public key, and transmits the encrypted master key to the server. The server recovers the master key and authenticates itself to the client by returning a message encrypted with the master key. Subsequent data is encrypted with keys derived from this master key. In the optional second phase, the server sends a challenge to the client. The client authenticates itself to the server by returning the client's digital signature on the challenge, as well as its public-key certificate.

A variety of cryptographic algorithms are supported by SSL. During the "handshaking" process, the RSA public-key cryptosystem (see Question 8) is used. After the exchange of keys, a number of ciphers are used. These include RC2 (see Question 75), RC4 (see Question 87), IDEA (see Question 77), DES (see Question 64), and triple-DES (see Question 72). The MD5 message-digest algorithm (see Question 99) is also used. The public-key certificates follow the X.509 syntax (see Question 165).

The SSL protocol has been submitted as an Internet Draft. Questions can be addressed to <standards@netscape.com>.