What is the SSL protocol

SSL is called Secure Sockets Layer. It is a security protocol that guarantees privacy. SSL can prevent the communication between the client and the server from being intercepted and eavesdropped. It can also verify the identities of both parties in the communication and ensure the security of data transmission on the network.

The traditional HTTP protocol does not have a corresponding security mechanism, cannot guarantee the security and privacy of data transmission, cannot verify the identity of the communicating parties, and cannot prevent the transmitted data from being tampered with. Netscape uses data encryption, identity verification and message integrity verification mechanisms to provide security guarantees for network transmission.

The SSL protocol includes several security mechanisms for identity verification, data transmission confidentiality, and message integrity confidentiality.

The authentication mechanism is to use the digital signature method to authenticate the server and the client, and the authentication of the client is optional.

The digital signature can be realized through an asymmetric key algorithm. The data encrypted by the private key can only be decrypted by the corresponding public key. Therefore, the user's identity can be judged according to whether the decryption is successful. If the decryption result is the same as the fixed message, the authentication is successful. When using digital signatures to verify identity, it is necessary to ensure that the public key of the verifier is authentic, otherwise, illegal users may pretend to be the verifier and communicate with the verifier.

The confidentiality of data transmission is to use a symmetric key algorithm to encrypt the transmitted data. It means that the sender sends the data to the other party before sending the data; after the receiver receives the data, it uses the decryption algorithm and decryption key to obtain the plaintext from the ciphertext. A third party without the decryption key cannot restore the ciphertext to plaintext, thus ensuring the confidentiality of data transmission.

The message verification code is used to verify the integrity of the message during message transmission. The MAC algorithm is an algorithm that converts the key and data of any length into fixed-length data.

1. With the participation of the key, the sender uses the MAC algorithm to calculate the MAC value of the message, and then sends the message to the receiver.

2. The receiving end uses the same key and MAC algorithm to calculate the MAC value of the message, and compare it with the received MAC value

Compare.

If the two are the same, the message has not changed. Otherwise, the message is modified during transmission and the receiving end will discard the

Message.

The above is the news sharing from the PASSHOT. I hope it can be inspired you. If you think today' s content is not too bad, you are welcome to share it with other friends. There are more latest Linux dumps, CCNA 200-301 dumps, CCNP Written dumps and CCIE Written dumps waiting for you.