Introduction to SSL Protocols
SSL (Secure Sockets Layer) is an Internet protocol used to exchange information between a web browser and a web server securely. It provides two basic services: authentication and confidentiality. SSL sits between the application layer and the transport layer and is made up of three subprotocols: the Handshake Protocol, the Record Protocol and the Alert Protocol. Together these three subprotocols constitute the overall working of Secure Sockets Layer.
List of SSL protocols
Three subprotocols make up the working of SSL:
- Handshake Protocol
- Record Protocol
- Alert Protocol
1. Handshake Protocol
The Handshake Protocol is the first subprotocol of SSL; the client and server use it to set up an SSL-enabled connection before they communicate. It consists of a series of messages between client and server, where each message has three fields:
- Type: a 1-byte field that identifies one of the 10 possible message types.
- Length: a 3-byte field that gives the message length in bytes.
- Content: a field of 1 or more bytes carrying the parameters associated with the message. Which parameters are present depends on the message type.
Types of messages:
- Hello request: It does not contain any parameter.
- Certificate: It contains a chain of X.509v3 certificates.
- Certificate request: It contains type and authority.
- Certificate verify: It contains a signature.
- Client hello: It contains the version, a random number, the session ID, the compression method and the cipher suite.
- Server hello: It contains the version, a random number, the session ID, the compression method and the cipher suite.
- Server-key exchange: It contains parameters and signature.
- Server hello done: It does not contain any parameter.
- Client key exchange: It contains parameters and signature.
- Finished: It contains a hash value.
Phases of Handshake Protocol:
- Establish security capabilities.
- Server authentication and key exchange.
- Client authentication and key exchange.
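The three-field message layout and the ClientHello parameters described above can be exercised with a small parser. The following is an added example and not code from the original article; the type codes are the ones assigned in the SSL 3.0 / TLS specifications, and the sample ClientHello bytes are constructed for the illustration.

```python
# Handshake message type codes as assigned in the SSL 3.0 / TLS specifications.
HANDSHAKE_TYPES = {
    0: "hello_request",
    1: "client_hello",
    2: "server_hello",
    11: "certificate",
    12: "server_key_exchange",
    13: "certificate_request",
    14: "server_hello_done",
    15: "certificate_verify",
    16: "client_key_exchange",
    20: "finished",
}


def encode_handshake(msg_type: int, body: bytes) -> bytes:
    """Prefix a body with the 1-byte Type and the 3-byte big-endian Length."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def parse_handshake_messages(data: bytes) -> list:
    """Split a byte string into (type_name, body) pairs.

    Raises ValueError on a truncated header or body or on an unknown type,
    which are the conditions a real implementation answers with an alert.
    """
    messages = []
    offset = 0
    while offset < len(data):
        if len(data) - offset < 4:
            raise ValueError("truncated handshake header")
        msg_type = data[offset]
        length = int.from_bytes(data[offset + 1:offset + 4], "big")
        body = data[offset + 4:offset + 4 + length]
        if len(body) != length:
            raise ValueError("truncated handshake body")
        if msg_type not in HANDSHAKE_TYPES:
            raise ValueError(f"unknown handshake type {msg_type}")
        messages.append((HANDSHAKE_TYPES[msg_type], body))
        offset += 4 + length
    return messages


def parse_client_hello(body: bytes) -> dict:
    """Decode the ClientHello fields: version, random number, session ID,
    cipher suites and compression methods (TLS extensions, if any, are ignored)."""
    if len(body) < 35:
        raise ValueError("client_hello too short")
    version = (body[0], body[1])
    random = body[2:34]                      # 32-byte random value
    pos = 34
    sid_len = body[pos]
    pos += 1
    session_id = body[pos:pos + sid_len]
    pos += sid_len
    if len(body) < pos + 2:
        raise ValueError("truncated cipher suite length")
    cs_len = int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    suites_raw = body[pos:pos + cs_len]
    pos += cs_len
    if cs_len == 0 or cs_len % 2 or len(suites_raw) != cs_len:
        raise ValueError("malformed cipher suite list")
    cipher_suites = [int.from_bytes(suites_raw[i:i + 2], "big")
                     for i in range(0, cs_len, 2)]
    if len(body) < pos + 1:
        raise ValueError("truncated compression method length")
    cm_len = body[pos]
    pos += 1
    compression_methods = list(body[pos:pos + cm_len])
    if cm_len == 0 or len(compression_methods) != cm_len:
        raise ValueError("malformed compression method list")
    return {
        "version": version,
        "random": random,
        "session_id": session_id,
        "cipher_suites": cipher_suites,
        "compression_methods": compression_methods,
    }


# Constructed sample: an SSL 3.0 ClientHello followed by an empty
# ServerHelloDone, concatenated as a stream of handshake messages.
SAMPLE_CLIENT_HELLO = (
    b"\x03\x00"                        # version 3.0
    + b"\x11" * 32                     # random value (constructed, not random)
    + b"\x00"                          # empty session ID (new session)
    + b"\x00\x04\x00\x2f\x00\x35"      # two cipher suites, 2 bytes each
    + b"\x01\x00"                      # one compression method: null
)
SAMPLE_STREAM = encode_handshake(1, SAMPLE_CLIENT_HELLO) + encode_handshake(14, b"")

if __name__ == "__main__":
    for name, body in parse_handshake_messages(SAMPLE_STREAM):
        print(name, len(body), "byte body")
    print(parse_client_hello(SAMPLE_CLIENT_HELLO))
```

The parser refuses a message whose Length field runs past the available data instead of reading whatever follows, which is the check that matters most when the bytes come from an untrusted peer.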
2. Record Protocol
The Record Protocol of SSL comes into the picture once the Handshake has completed successfully between client and server. In other words, once the client and server have authenticated each other and have agreed on which algorithms to use for the secure exchange, the connection enters the Record Protocol of SSL.
How does SSL record protocol work?
- Fragmentation: In this phase, the original application message is fragmented into smaller blocks. Each block must be less than or equal to 2^14 bytes in size.
- Compression: In this phase, the fragmented blocks are compressed. Compression must be lossless so that no original data is lost.
- Add MAC: In this phase, a MAC (Message Authentication Code) is calculated over the block using the secret key established by the SSL Handshake Protocol.
- Encryption: In this step, the output of the previous step is encrypted using a symmetric key that was established by the SSL Handshake Protocol. Note that the encryption process should not increase the block size by more than 1024 bytes.
- Append header: In this phase, a header is added to the encrypted block. The header contains the following fields: the content type, which specifies the higher-level protocol used to process the block; the major version, which specifies the major version of the SSL protocol; the minor version, which specifies the minor version of the SSL protocol; and the compressed length, which specifies the length of the original plain text block in bytes.
- Transmission: After the header is added, the message is handed to the transport layer. On the receiver side, the header of each block is removed, then the block is decrypted and its MAC verified. After verification, the block is decompressed and the blocks are reassembled into the original application message.
Record protocol provides two services:
- Confidentiality: The Record Protocol achieves this service by using the secret key defined by the Handshake Protocol.
- Integrity: The shared secret key defined by the Handshake Protocol is used in the MAC to assure the integrity of the message.
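The fragment / MAC / encrypt / header pipeline and its reverse on the receiving side can be shown end to end. This is an added example, not code from the original article: the content type code, version bytes and 2^14-byte fragment limit are those of SSL 3.0, but the MAC construction (TLS-style HMAC-SHA256) and the cipher (a SHA-256 counter-mode keystream) are stand-ins chosen so the block runs with the Python standard library only, and the keys are constructed rather than derived from a handshake.

```python
import hashlib
import hmac

MAX_FRAGMENT = 2 ** 14            # fragmentation limit from the Record Protocol
CONTENT_APPLICATION_DATA = 23     # content type code from the SSL/TLS specs
VERSION = (3, 0)                  # SSL 3.0 major and minor version
MAC_LEN = hashlib.sha256().digest_size


def fragment(message: bytes) -> list:
    """Split an application message into blocks of at most 2^14 bytes."""
    return [message[i:i + MAX_FRAGMENT]
            for i in range(0, len(message), MAX_FRAGMENT)] or [b""]


def keystream(key: bytes, seq: int, length: int) -> bytes:
    """Toy keystream (SHA-256 in counter mode) standing in for the cipher
    negotiated by the handshake. Illustration only, not a real SSL cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + seq.to_bytes(8, "big")
                              + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def record_mac(mac_key: bytes, seq: int, data: bytes) -> bytes:
    # HMAC over sequence number, content type and compressed data; binding
    # the sequence number is what lets the receiver detect replay/reordering.
    return hmac.new(mac_key, seq.to_bytes(8, "big")
                    + bytes([CONTENT_APPLICATION_DATA]) + data,
                    hashlib.sha256).digest()


def protect(frag: bytes, mac_key: bytes, enc_key: bytes, seq: int) -> bytes:
    """Compress (null), add MAC, encrypt and prepend the record header."""
    compressed = frag                       # null compression: identity
    plaintext = compressed + record_mac(mac_key, seq, compressed)
    ciphertext = bytes(p ^ k for p, k in
                       zip(plaintext, keystream(enc_key, seq, len(plaintext))))
    header = (bytes([CONTENT_APPLICATION_DATA, VERSION[0], VERSION[1]])
              + len(ciphertext).to_bytes(2, "big"))
    return header + ciphertext


def unprotect(record: bytes, mac_key: bytes, enc_key: bytes, seq: int):
    """Reverse of protect(). Returns (fragment, None) or (None, alert_name)."""
    if len(record) < 5:
        return None, "unexpected_message"
    ctype = record[0]
    length = int.from_bytes(record[3:5], "big")
    ciphertext = record[5:5 + length]
    if ctype != CONTENT_APPLICATION_DATA or len(ciphertext) != length:
        return None, "unexpected_message"
    if length < MAC_LEN:
        return None, "bad_record_mac"
    plaintext = bytes(c ^ k for c, k in
                      zip(ciphertext, keystream(enc_key, seq, length)))
    compressed, mac = plaintext[:-MAC_LEN], plaintext[-MAC_LEN:]
    # Constant-time comparison so the MAC check does not leak timing.
    if not hmac.compare_digest(mac, record_mac(mac_key, seq, compressed)):
        return None, "bad_record_mac"
    return compressed, None                 # null decompression: identity


def send_message(message: bytes, mac_key: bytes, enc_key: bytes, first_seq: int = 0) -> list:
    """Run every fragment through protect(), numbering records sequentially."""
    return [protect(frag, mac_key, enc_key, first_seq + i)
            for i, frag in enumerate(fragment(message))]


def receive_message(records: list, mac_key: bytes, enc_key: bytes, first_seq: int = 0):
    """Unprotect and reassemble; stops at the first record that fails."""
    parts = []
    for i, rec in enumerate(records):
        frag, alert = unprotect(rec, mac_key, enc_key, first_seq + i)
        if alert is not None:
            return None, alert              # caller would send a fatal alert
        parts.append(frag)
    return b"".join(parts), None


# Constructed keys; in real SSL they are derived from the handshake's master secret.
MAC_KEY = b"\x01" * 32
ENC_KEY = b"\x02" * 32

if __name__ == "__main__":
    msg = b"GET / HTTP/1.0\r\n" * 1200     # longer than one 2^14-byte fragment
    recs = send_message(msg, MAC_KEY, ENC_KEY)
    print(len(recs), "records of sizes", [len(r) for r in recs])
    print("round trip ok:", receive_message(recs, MAC_KEY, ENC_KEY)[0] == msg)
    bad = bytearray(recs[0]); bad[7] ^= 0x01
    print("tampered record:", receive_message([bytes(bad)] + recs[1:], MAC_KEY, ENC_KEY))
```

The receiver returns the alert name rather than the plaintext whenever a record is truncated, modified or delivered out of sequence, which is the hand-off point to the Alert Protocol described in the next section.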
3. Alert Protocol
When an error arises at the client or server side, the party that detects it sends an alert message to the other party. If the error is fatal, both parties immediately close the SSL connection, i.e. transmission from both the client and server side is terminated. Before the connection is terminated, both parties also destroy the session identifiers, secrets and keys associated with it. If the error is not so severe, the connection is not terminated; the parties handle the error and continue. An alert message consists of 2 bytes. The first byte defines the error level: a value of 1 means warning and a value of 2 means fatal. The second byte defines the actual error:
- Unexpected message: Raised when an inappropriate message is received.
- Bad record MAC: Raised when a message is received with an incorrect MAC.
- Handshake failure: Raised when the sender is unable to negotiate an acceptable set of security parameters from the options available.
- Decompression failure: Raised when the decompression function cannot be completed.
- Illegal parameters: Raised when a field in a Handshake message is out of range.
- Certificate expired: Raised when the certificate has expired.
- Certificate revoked: Raised when the signer of the certificate has revoked it.
- Certificate unknown: Raised when an unspecified error occurred while processing the certificate.
- Bad certificate: Raised when a certificate is corrupted.
- Unsupported certificate: Raised when the certificate type is not supported.
- Close notify: Notifies the receiver that the sender will not send any more messages on this connection.
- No certificate: Raised when an appropriate certificate is not available.
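The 2-byte alert format and the fatal-versus-warning handling described above can be modelled with a small connection object. This is an added example and not code from the original article; the description codes are those assigned in the SSL 3.0 specification, the `SSLConnection` class and its fields are an illustration, and treating a malformed alert as fatal is an assumption made here.

```python
ALERT_WARNING = 1
ALERT_FATAL = 2

# Alert description codes as assigned in the SSL 3.0 specification.
ALERT_DESCRIPTIONS = {
    0: "close_notify",
    10: "unexpected_message",
    20: "bad_record_mac",
    30: "decompression_failure",
    40: "handshake_failure",
    41: "no_certificate",
    42: "bad_certificate",
    43: "unsupported_certificate",
    44: "certificate_revoked",
    45: "certificate_expired",
    46: "certificate_unknown",
    47: "illegal_parameter",
}


def encode_alert(level: int, description: int) -> bytes:
    """Build the 2-byte alert: the level first, then the description."""
    return bytes([level, description])


class SSLConnection:
    """Minimal connection state (illustrative): the per-connection secrets
    that the Alert Protocol requires both parties to destroy on a fatal alert."""

    def __init__(self, session_id: bytes, master_secret: bytes, keys: dict):
        self.session_id = session_id
        self.master_secret = master_secret
        self.keys = keys
        self.open = True           # False once the connection is terminated
        self.peer_closed = False   # True after close_notify from the peer
        self.log = []

    def _terminate(self) -> str:
        # Destroy session identifiers, secrets and keys, then close.
        self.session_id = None
        self.master_secret = None
        self.keys = {}
        self.open = False
        return "terminated"

    def receive_alert(self, data: bytes) -> str:
        """Handle one alert. Returns 'continue', 'peer_closed' or 'terminated'."""
        if not self.open:
            return "terminated"
        if (len(data) != 2 or data[0] not in (ALERT_WARNING, ALERT_FATAL)
                or data[1] not in ALERT_DESCRIPTIONS):
            # A malformed alert is treated as fatal here (assumption).
            self.log.append("malformed alert")
            return self._terminate()
        level, description = data[0], ALERT_DESCRIPTIONS[data[1]]
        self.log.append(("fatal" if level == ALERT_FATAL else "warning", description))
        if level == ALERT_FATAL:
            return self._terminate()
        if description == "close_notify":
            self.peer_closed = True     # peer will send nothing further
            return "peer_closed"
        return "continue"


if __name__ == "__main__":
    # Constructed session values standing in for handshake output.
    conn = SSLConnection(b"\x0a" * 4, b"\x0b" * 48, {"mac": b"\x0c" * 16})
    print(conn.receive_alert(encode_alert(ALERT_WARNING, 45)), conn.open)
    print(conn.receive_alert(encode_alert(ALERT_FATAL, 20)), conn.open, conn.master_secret)
```

A warning leaves the session intact and processing continues; a fatal alert (here a bad record MAC) wipes the secrets and closes the connection, so any record that arrives afterwards can no longer be decrypted.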
In this article we have seen what the SSL protocols are, how they provide security for communications over computer networks, and what their features are.
This is a guide to SSL Protocols. Here we discussed the introduction to SSL and the list of its subprotocols with a detailed explanation of each.