SSL encryption

The SSL protocol operates between the application layer and the TCP/IP layer. This allows it to encrypt the data stream itself, which can then be transmitted securely by any of the application layer protocols.

SSL uses two encryption techniques:
PKCS, as used by SSL, works briefly as follows:
  1. When a certificate is created, an algorithm based on two random numbers is used to create a private key and public key for the certificate owner. The private and public keys which result are related to each other such that:
    • It is not feasible to deduce the value of the private key from the public key, nor the public key from the private key

      The private key is stored securely, and is not made known to anyone but its owner. The public key can be made freely available to any user, with no risk of compromising the security of the private key.

    • Information encrypted using the public key can be decrypted only with the private key

      Information can be encrypted by any user, and sent securely to the holder of the private key. A third party cannot use the public key to read the information.

    • Information encrypted using the private key can be decrypted only with the public key

      Only the holder of the private key can encrypt information that can be decrypted with the public key. A third party cannot pose as the sender of the information.



Last updated: Thursday, 27 June 2019