Security Basics mailing list archives
RE: SSL workings
From: "dave kleiman" <dave () isecureu com>
Date: Tue, 2 Dec 2003 19:23:05 -0500
Tryst,

It is kind of like dating:

1. You see some hot server you want to hang with.

2. You go up to meet the server, talk to it, and shake its hand (SSL handshake):
   "Ok let's talk, can you Diffie?"
   "Yes I can."
   "Can you RC4 128?"
   "No I cannot but I can 3DES?"
   "Sorry I only RC4 128".
   "Goodbye"
   (Negotiate what cipher suite to use.)

   (ok but we will pretend she (I mean it) said yes to 3DES.)
   Now the server sends its certificate, you authenticate the server by validating the certificate.
   And now you go to the champagne room, I mean you go sit down and talk in your private language (symmetric encryption).

3. Now every time you talk you do so in your private session, until you leave:
   You say something it is Hashed, the "hash" (if the bar you are in happens to be in Amsterdam) is encrypted, you send the hash and encrypted data. And vice versa.
   And you both only accept the information if all values match.

4. Once you leave a new negotiation occurs. New keys etc....

Of course most of the time it just ends at the "Goodbye"

_______________________________
Dave Kleiman, CISSP, MCSE, CIFI
dave () isecureu com
www.SecurityBreachResponse.com

"High achievement always takes place in the framework of high expectation."
Jack Kinder

-----Original Message-----
From: trystano () aol com [mailto:trystano () aol com]
Sent: Tuesday, December 02, 2003 12:18
To: security-basics () securityfocus com
Subject: SSL workings

Can someone please highlight exactly how SSL works. I know it encrypts data sent between a client and a server and uses authentications through use of certificates etc. But does it secure the socket/port out of which the data is being transferred. Does SSL send data through a different port than normal unprotected data transfers?

Sorry if this sounds kind of beginner like :-s

Cheers

Tryst
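
Added example (not part of the original e-mail or thread): a simplified Python model of two checks the reply describes, the cipher-suite negotiation that can end in "Goodbye" and the per-record hash that both sides verify before accepting data. It goes slightly beyond the e-mail by including the record sequence number in the MAC. Assumptions: the function names, suite lists and key are constructed for illustration, the server honours the client's preference order, the MAC covers only the sequence number and payload, and the encryption of payload plus MAC is omitted.

```python
import hashlib
import hmac

RC4 = "TLS_RSA_WITH_RC4_128_SHA"       # suite names used as constructed sample input
DES3 = "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
TAG_LEN = hashlib.sha1().digest_size   # HMAC-SHA1 tag is 20 bytes


def negotiate(client_offer, server_supported):
    """Return the first suite in the client's list that the server supports.
    None models the "Goodbye" case: no common suite, so the handshake fails.
    (Assumption: the server honours the client's preference order.)"""
    for suite in client_offer:
        if suite in server_supported:
            return suite
    return None


def _tag(mac_key, seq, payload):
    # The MAC covers a per-direction sequence number as well as the data, so a
    # replayed or reordered record fails the check even if it is unmodified.
    return hmac.new(mac_key, seq.to_bytes(8, "big") + payload, hashlib.sha1).digest()


def seal(mac_key, seq, payload):
    """Sender side: append the MAC to the payload. In SSL the payload and MAC
    are then encrypted together; this model leaves that step out."""
    return payload + _tag(mac_key, seq, payload)


def accepted(mac_key, seq, record):
    """Receiver side: recompute the MAC and accept only on an exact match."""
    if len(record) < TAG_LEN:
        return False
    payload, tag = record[:-TAG_LEN], record[-TAG_LEN:]
    return hmac.compare_digest(tag, _tag(mac_key, seq, payload))


if __name__ == "__main__":
    print("RC4-only client vs 3DES-only server:", negotiate([RC4], [DES3]))
    print("client also offers 3DES:", negotiate([RC4, DES3], [DES3]))
    key = b"k" * 20                            # constructed MAC key
    rec = seal(key, 0, b"GET / HTTP/1.0")      # constructed payload
    flipped = bytes([rec[0] ^ 1]) + rec[1:]    # one bit changed in transit
    print("intact record:", accepted(key, 0, rec))
    print("modified record:", accepted(key, 0, flipped))
    print("same record replayed as #1:", accepted(key, 1, rec))
```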