Secure Sockets Layer (SSL)

-

Secure Sockets Layer (SSL): How It Works


What Happens When a Browser Encounters SSL

> A browser attempts to connect to a website secured with SSL.

> The browser requests that the web server identify itself.

> The server sends the browser a copy of its SSL Certificate.

> The browser checks whether it trusts the SSL Certificate. If so, it sends a    message to the server.

> The server sends back a digitally signed acknowledgement to start an SSL encrypted session.

> Encrypted data is shared between the browser and the server.


Encryption Protects Data During Transmission


Web servers and web browsers rely on the Secure Sockets Layer (SSL) protocol to help users protect their data during transfer by create a uniquely encrypted channel for private communications over the public Internet. Each SSL Certificate consists of a key pair as well as verified identification information. When a web browser (or client) points to a secured website, the server shares the public key with the client to establish an encryption method and a unique session key. The client confirms that it recognizes and trusts the issuer of the SSL Certificate. This process is known as the "SSL handshake" and it begins a secure session that protects message privacy and message integrity.

Strong encryption, at 128 bits, can calculate 288 times as many combinations as 40-bit encryption. That's over a trillion times stronger. At current computing speeds, a hacker with the time, tools, and motivation to attack using brute force would require a trillion years to break into a session protected by an SGC-enabled certificate. To enable strong encryption for the most site visitors, choose an SSL Certificate that enables 128-bit minimum encryption for 99.9 percent of website visitors.


Credentials Establish Identity Online


Credentials for establishing identity are common: a driver’s license, a passport, a company badge. SSL Certificates are credentials for the online world, uniquely issued to a specific domain and web server and authenticated by the SSL Certificate provider. When a browser connects to a server, the server sends the identification information to the browser.


To view a websites’ credentials:


Click the closed padlock in a browser window

Click the trust mark (such as a Norton Secured Seal)

Look in the green address bar triggered by an Extended Validation (EV) SSL

Authentication Generates Trust in Credentials


Trust of a credential depends on confidence in the credential issuer, because the issuer vouches for the credential’s authenticity. Certificate Authorities use a variety of authentication methods to verify information provided by organizations. Symantec, the leading Certificate Authority, is well known and trusted by browser vendors because of our rigorous authentication methods and highly reliable infrastructure. Browsers extend that trust to SSL Certificates issued by Symantec.


Extend Protection beyond HTTPS


Symantec SSL Certificates offer more services to protect your site and grow your online business. Our combination of SSL, vulnerability assessment and daily website malware scanning helps you provide site visitors with a safer online experience and extend security beyond https to your public-facing web pages.

Comments

Post a Comment

Popular posts from this blog

Cyber India: A Country Full of Contradictions

-
Image
The Economy of India is the ninth largest in the world by  nominal GDP  and the  fourth largest  by  purchasing power parity  (PPP). The country is a part of the  G-20 major economies , Goldman Sachs predicts that "from 2007 to 2020, India’s GDP per capita in US$ terms will quadruple", and that the Indian economy will surpass the United States (in US$) by 2043, this are only forecast but give us an idea of the “India Power”. In a scenario characterized by good auspices some shadows stain the incredible growth that has: Corruption, it has been one of the pervasive problems affecting India. Social disparities limit homogeneous growth of the entire class. This is a critical problem facing India's economy is the sharp and growing regional variations among India's different states and territories in terms of poverty, availability of infrastructure and socio-economic development Obviously we in the West have a complete...
Read more

AntiCloud Trojan Reverse Engineering Analysis

-
Image
Introduction In this paper we are going to talk about the Anticloud Trojan, also know as the  TrojanDropper:Win32/Bohu.A and  B  variant. This malware originated in China and was designed to target the Cloud-Based Technology of major Chinese AntiVirus Vendors. For this reason, Bohu has also been called  AntiCloud Trojan . This is the first malware to specifically target cloud based technologies and will likely set a trend. As more corporations and governments move applications and services into the cloud, it will become an increasingly important target for malware developers. We can expect sophisticated malware that attacks clients and embeds itself into cloud-based apps, potentially without the user being able to determine that the cloud-based service is compromised. This trojan presents some interesting features, such as: Hash Check Evasion. Packet Interception via NDIS Filter. Cloud-Servers Access Lock via SPI network filter in order to...
Read more

Cracking Democracy – Hacking Electronic Voting Machines

-
Image
Communications around the world are gradually going digital. I was born in 1984. I would expect, if I entered ( clik here for awesome topics ) a typical office workplace that year, to find various filing cabinets, stacks of paper letters, memos and invoices, and typewriters. Even the state-of-the-art electronic typewriters of that day, such as the ones manufactured by Smith Corona with monochromatic CRT monitors, were designed to print to paper. Maybe the office had a budget for an expensive fax machine. That as well needed paper. In 2011, most of the documents that go through a typical office are digital. Every desk has a PC, typically connected to an office LAN or WAN. A typical worker has many e-mails a day to attend to, on their PC and on their smartphone. Many workplaces still have corporate intranets for further exchange of information. Most workplaces discourage paper printing when it can be avoided. A few sheets of 8.5 by 11 are more costly to the company than severa...
Read more