ABSTRACT:
This paper gives you a better understanding of what actually occurs when you use SSL, which, more likely than not, is not really SSL at all but rather Transport Layer Security (TLS).
The TLS Record Protocol provides connection security with two basic properties:
The connection is private. This privacy, or confidentiality, is provided using symmetric cryptography. Messages are encrypted and decrypted using the same key, with either a block or stream cipher. The keys used by the chosen cipher are generated uniquely for each connection, and are based on a secret established by the TLS Handshake Protocol.
The connection is reliable. Each message exchange includes an integrity check using a keyed MAC, or Message Authentication Code. This is a secure digest of some data protected by a secret. Forging the MAC is infeasible without knowledge of the MAC secret, which is also unique per connection and based on a secret established by the TLS Handshake Protocol.
AUTHOR:
David Garneau
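
The integrity check described in the abstract, as an added example that is not taken from the paper: it follows the TLS 1.2 (RFC 5246) key expansion and record MAC with HMAC-SHA256 and leaves out the encryption step. The master secret, randoms and message are constructed sample values.

```python
import hashlib
import hmac
import struct

MAC_LEN = 32  # HMAC-SHA256 output size in bytes


def p_sha256(secret: bytes, seed: bytes, n: int) -> bytes:
    """P_hash expansion from RFC 5246 section 5, using HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < n:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:n]


def client_mac_key(master_secret: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """The first MAC_LEN bytes of the key block are the client write MAC key."""
    seed = b"key expansion" + server_random + client_random
    return p_sha256(master_secret, seed, MAC_LEN)


def record_mac(mac_key: bytes, seq: int, ctype: int, fragment: bytes, version=(3, 3)) -> bytes:
    """MAC over seq_num || type || version || length || fragment."""
    header = struct.pack("!QBBBH", seq, ctype, version[0], version[1], len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


def verify(mac_key: bytes, seq: int, ctype: int, fragment: bytes, tag: bytes) -> bool:
    """Recompute the MAC and compare in constant time."""
    return hmac.compare_digest(record_mac(mac_key, seq, ctype, fragment), tag)


# Constructed sample values (not from any real connection).
MASTER = bytes(range(48))
KEY_A = client_mac_key(MASTER, b"\x01" * 32, b"\x02" * 32)
KEY_B = client_mac_key(MASTER, b"\x03" * 32, b"\x02" * 32)  # a second connection
APP_DATA = 23  # TLS content type application_data
MSG = b"GET / HTTP/1.1\r\n"
TAG = record_mac(KEY_A, 0, APP_DATA, MSG)

if __name__ == "__main__":
    print("intact record:       ", verify(KEY_A, 0, APP_DATA, MSG, TAG))
    print("modified payload:    ", verify(KEY_A, 0, APP_DATA, MSG.replace(b"GET", b"PUT"), TAG))
    print("replayed at seq 1:   ", verify(KEY_A, 1, APP_DATA, MSG, TAG))
    print("other connection key:", verify(KEY_B, 0, APP_DATA, MSG, TAG))
```

Only the intact record verifies. A changed payload, a record presented at a different sequence number, and a key derived for another connection all fail the check.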