CS406: Information Security

In this section, you will review implementations to secure communication.

Secure Socket Layer

Secure socket layer (SSL) is a protocol that is used by most websites to obtain confidential information from the user. It uses a combination of asymmetric and symmetric encryption methods to secure links. A sever sends a public asymmetric key to the client. The client uses the received key to encrypt a symmetric session key. The client then returns the ciphertext back to the server which uses the corresponding private key to decrypt the asymmetric encryption and gain the symmetric session key. The client and server can then both use the symmetric key for communications for the rest of the session. One of the most popular examples of SSL is its use in HTTPS, secure HTTP. The video, How SSL works tutorial – with HTTPS example (11:08), provides a tutorial on setting up SSL to provide a secure web connection.