Through several articles, I would like to present the cryptographic mechanisms: types of keys, certificates, types of algorithms, etc.:


The principles of SSL

Securing transactions with SSL is based on an exchange of keys between client and server. A transaction secured via SSL follows this model:

  • First, the client connects to the server secured by SSL and asks it for authentication. The client also sends the list of cryptosystems it supports, sorted in descending order by key length.
  • Then, the server sends a certificate to the client, containing its public key (server side) signed by a certification authority (CA), or its self-signed public key. This certificate contains the name of the most complex cryptosystem from the previous list that is compatible with the client: the length of the encryption key (40 bits or 128 bits) will be that of the common cryptosystem with the largest key size.
  • The client creates a random secret key, encrypts this key using the server's public key, then sends the result (the session key) to the server.
  • The server is therefore able to decrypt the client's session key with its private key (server key). Thus the two entities share a common key known only to these two parties. The rest of the transaction can be carried out using this session key, ensuring the integrity and confidentiality of the data exchanged.
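The four steps above, carried through end to end as an added example (this is not code from the original article, and it is not how a real SSL/TLS library implements them). It uses only the Python standard library: the server key pair is a textbook RSA pair built from two Mersenne primes (constructed, unpadded and far too small for real use, where keys are 2048 bits or more and the session key is wrapped with PKCS#1 padding), the cipher suite names `TOY-256`, `TOY-128` and `TOY-40` are invented, and the record protection after the handshake is an HMAC-SHA256 keystream with encrypt-then-MAC, standing in for the symmetric cipher and MAC a real suite would specify. What it shows is the negotiation picking the largest common key size, the session key travelling only under the server's public key, both sides ending up with the same key, and a modified record being rejected rather than decrypted:

```python
import hashlib
import hmac
import secrets

# Toy RSA key pair (constructed for illustration only; real keys are 2048+ bits).
P = (1 << 89) - 1     # Mersenne prime M89
Q = (1 << 107) - 1    # Mersenne prime M107
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, known only to the server

# Cipher suites each side supports, as (name, key length in bits).
# The client list is sorted by descending key length, as in the article.
CLIENT_SUITES = [("TOY-256", 256), ("TOY-128", 128), ("TOY-40", 40)]
SERVER_SUITES = {"TOY-128": 128, "TOY-40": 40}


def negotiate(client_suites, server_suites):
    """Server picks the first suite in the client's (descending) list it also supports."""
    for name, bits in client_suites:
        if name in server_suites:
            return name, bits
    raise ValueError("no common cipher suite")


def rsa_encrypt(public_key, key_bytes):
    """Client side: wrap the session key under the server's public key (textbook RSA)."""
    e, n = public_key
    m = int.from_bytes(key_bytes, "big")
    if m >= n:
        raise ValueError("session key does not fit under this modulus")
    return pow(m, e, n)


def rsa_decrypt(private_key, wrapped, key_len):
    """Server side: recover the session key with the private exponent."""
    d, n = private_key
    return pow(wrapped, d, n).to_bytes(key_len, "big")


def _keystream(key, nonce, length):
    """Derive a keystream from the session key: HMAC-SHA256 over nonce || counter."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def protect(key, plaintext):
    """Encrypt-then-MAC with the shared session key; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unprotect(key, record):
    """Check the tag before decrypting; a modified record is rejected, not decrypted."""
    nonce, ct, tag = record[:12], record[12:-32], record[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("record tampered or wrong key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def run_handshake(message=b"GET / HTTP/1.0"):
    # Step 1: client sends its suite list; step 2: server answers with its
    # certificate (here just the public key) and the chosen suite.
    suite, bits = negotiate(CLIENT_SUITES, SERVER_SUITES)
    server_public = (E, N)
    # Step 3: client draws a random session key and sends it wrapped under the public key.
    client_session_key = secrets.token_bytes(bits // 8)
    wrapped = rsa_encrypt(server_public, client_session_key)
    # Step 4: server unwraps it with its private key; both sides now hold the same key.
    server_session_key = rsa_decrypt((D, N), wrapped, bits // 8)
    # Application data is then protected with the shared key.
    record = protect(client_session_key, message)
    received = unprotect(server_session_key, record)
    return {
        "suite": suite,
        "key_bits": bits,
        "keys_match": client_session_key == server_session_key,
        "received": received,
    }


if __name__ == "__main__":
    print(run_handshake())
```

Running it picks `TOY-128` (the largest key the server also supports, not the client's preferred `TOY-256`), and a 16-byte session key is shared. Flipping any byte of a protected record makes `unprotect` raise before any plaintext is produced, which is the integrity guarantee the last step refers to.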

Best regards,