SSL principle and application (1) SSL protocol architecture

Source: Internet
Author: User

SSL (Secure Sockets Layer) is a security protocol that provides confidentiality and data integrity for network traffic. It was developed by Netscape to protect data in transit over the Internet: the data is encrypted so that it cannot be read or altered by anyone who intercepts it on the network.

SSL is supported by almost all browsers today, but the supported versions differ. As Figure 8-1 shows, IE supports two versions at once, SSL 2.0 and SSL 3.0. Both of these versions are now obsolete: SSL 2.0 was prohibited by RFC 6176 and SSL 3.0 was deprecated by RFC 7568 after the POODLE attack, so a current deployment should disable both and offer only TLS 1.2 or later. The layered architecture described in this section is nonetheless the one that TLS inherited unchanged.

Figure 8-1 IE supported version of SSL

Readers who followed the public-key cryptography discussion earlier in this blog already have the ingredients needed to picture an SSL session: SSL uses public-key cryptography to authenticate the server and to agree a shared secret, and then protects the data stream with symmetric encryption under keys derived from that secret. As noted before, SSL is a protocol, and this section focuses on how the protocol itself is structured and how it provides secure communication between application protocols.

The SSL protocol sits between the transport layer and the application layer of the TCP/IP model: it runs on top of TCP, which supplies reliable delivery, and provides an end-to-end secure channel to client/server applications so that their traffic cannot be read or tampered with in transit. The server is always authenticated; the client is authenticated only optionally. Before any application-layer data is exchanged, SSL has already negotiated the cipher suite, agreed the session keys and authenticated the server; everything the application-layer protocol sends afterwards is encrypted.

The SSL protocol architecture is shown in Figure 8-2.

Figure 8-2 SSL Protocol architecture

As the architecture diagram shows, the SSL protocol is divided into two tiers:

SSL Record Protocol: built on a reliable transport protocol (such as TCP), it provides the higher-level protocols with the basic services of data encapsulation, compression, message authentication and encryption.

SSL Handshake Protocol: built on the SSL Record Protocol, it is used before any application data is transmitted to authenticate the peer, negotiate the cipher suite and exchange the keying material. SSL is in fact a family of four protocols: the SSL Handshake Protocol, the SSL Change Cipher Spec Protocol, the SSL Alert Protocol and the SSL Record Protocol. These are described in turn below.

SSL Record Protocol

The SSL Record Protocol provides two services for an SSL connection: confidentiality and message integrity.

In SSL, all transmitted data is encapsulated in records. A record consists of a record header followed by the record data. All SSL traffic passes through the record layer, which encapsulates the three higher-level protocols: the Handshake Protocol, the Alert Protocol and the Change Cipher Spec Protocol. The record protocol specifies the format of both the record header and the record data.

The record protocol thus defines the on-the-wire format of everything SSL sends; it sits on top of a reliable transport (such as TCP) and carries the higher-level protocols. Its main operations are fragmentation and reassembly, compression and decompression, message authentication (MAC computation and verification), and encryption and decryption.

The main operational process of the SSL logging protocol is shown in Figure 8-3.

Figure 8-3 The operation process of the SSL recording protocol

The five operations in the diagram are, briefly:

1 Each piece of upper-layer application data is fragmented into blocks of at most 2^14 (16384) bytes. Each record carries a header with the content type, the protocol version and the length, followed by the data.

2 Compression is optional and must be lossless; it may not increase the content length by more than 1024 bytes. In practice the null compression method is used, and modern deployments disable compression altogether because of CRIME-style attacks on compressed, encrypted data.

3 Compute the message authentication code (MAC) over the compressed data.

4 Encrypt the compressed data together with the MAC.

5 Prepend the SSL record header.
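The following is an added example, not code from the original post, that implements the five record-layer steps above for the sending side and the matching parse-decrypt-verify path for the receiving side, which also serves as a concrete view of how the record layer encapsulates the higher-level protocols listed in the architecture section. It assumes the real SSL/TLS content-type values (20 to 23) and 5-byte header layout, but substitutes HMAC-SHA256 in the TLS 1.0+ style for SSL 3.0's own MAC construction, uses the null compression method, and stands in a toy HMAC-based keystream for the negotiated cipher; the keys and payload are constructed here and are not from any real session.

```python
import hmac
import hashlib
import struct

# Record-layer content types as defined for SSL 3.0 / TLS (real values).
CHANGE_CIPHER_SPEC, ALERT, HANDSHAKE, APPLICATION_DATA = 20, 21, 22, 23
VERSION_SSL3 = (3, 0)
MAX_FRAGMENT = 2 ** 14          # 16384-byte upper bound on a record fragment
MAC_LEN = 32                    # HMAC-SHA256 tag length (assumption for this example)


def fragment(data: bytes) -> list:
    """Step 1: split application data into fragments of at most 2^14 bytes."""
    return [data[i:i + MAX_FRAGMENT] for i in range(0, len(data), MAX_FRAGMENT)] or [b""]


def record_mac(mac_key: bytes, seq: int, ctype: int, version: tuple, body: bytes) -> bytes:
    """Step 3: MAC over sequence number + header fields + (compressed) fragment.
    This is the TLS 1.0+ HMAC construction; SSL 3.0's own MAC is a different
    non-HMAC hash construction, so treat this as an illustrative stand-in."""
    hdr = struct.pack("!QBBBH", seq, ctype, version[0], version[1], len(body))
    return hmac.new(mac_key, hdr + body, hashlib.sha256).digest()


def keystream_xor(enc_key: bytes, seq: int, data: bytes) -> bytes:
    """Step 4 stand-in cipher: a toy keystream (HMAC-SHA256 in counter mode).
    NOT a real cipher suite; it only shows that fragment and MAC are encrypted
    together and that the receiver must decrypt before it can verify the MAC."""
    out = bytearray()
    block = 0
    while len(out) < len(data):
        out += hmac.new(enc_key, struct.pack("!QQ", seq, block), hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, out))


def build_records(mac_key, enc_key, ctype, data, start_seq=0, version=VERSION_SSL3):
    """Steps 1-5 for one direction: fragment, null compression, MAC, encrypt,
    then prepend the 5-byte record header (type, major, minor, length)."""
    records = []
    for i, frag in enumerate(fragment(data)):
        seq = start_seq + i
        compressed = frag                       # Step 2: CompressionMethod.null
        body = compressed + record_mac(mac_key, seq, ctype, version, compressed)
        ciphertext = keystream_xor(enc_key, seq, body)
        header = struct.pack("!BBBH", ctype, version[0], version[1], len(ciphertext))
        records.append(header + ciphertext)
    return records


def parse_records(mac_key, enc_key, stream, start_seq=0):
    """Receiver side: walk the byte stream record by record, decrypt, verify the
    MAC and return a list of (content_type, plaintext). Raises ValueError on a
    truncated record or a MAC mismatch (tampering or wrong key)."""
    out, seq, pos = [], start_seq, 0
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack("!BBBH", stream[pos:pos + 5])
        pos += 5
        if len(stream) - pos < length:
            raise ValueError("truncated record body")
        body = keystream_xor(enc_key, seq, stream[pos:pos + length])
        pos += length
        if len(body) < MAC_LEN:
            raise ValueError("record shorter than MAC")
        plain, tag = body[:-MAC_LEN], body[-MAC_LEN:]
        expected = record_mac(mac_key, seq, ctype, (major, minor), plain)
        if not hmac.compare_digest(tag, expected):
            raise ValueError(f"bad MAC on record {seq}")
        out.append((ctype, plain))
        seq += 1
    return out


def tamper_detected(mac_key, enc_key, stream: bytes, offset: int) -> bool:
    """Flip one byte of the wire stream and report whether the receiver rejects it."""
    mutated = bytearray(stream)
    mutated[offset] ^= 0x01
    try:
        parse_records(mac_key, enc_key, bytes(mutated))
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed keys and payload (not from any real session).
    MAC_KEY, ENC_KEY = b"mac-key-example", b"enc-key-example"
    payload = b"GET / HTTP/1.1\r\n" * 2600          # 41600 bytes -> three records
    recs = build_records(MAC_KEY, ENC_KEY, APPLICATION_DATA, payload)
    print(len(recs), "records;", [len(r) for r in recs])
    wire = b"".join(recs)
    recovered = b"".join(p for _, p in parse_records(MAC_KEY, ENC_KEY, wire))
    print("roundtrip ok:", recovered == payload)
    print("tamper detected:", tamper_detected(MAC_KEY, ENC_KEY, wire, 7))
```

Two points worth noticing when running it: the header bytes are sent in the clear but the content type, version and length are nevertheless covered by the MAC, so flipping the type byte of a record is caught just like flipping a ciphertext byte; and because the MAC is inside the encryption, the receiver has to decrypt before it can tell a forged record from a genuine one, which is the ordering that later padding-oracle attacks on SSL/TLS block ciphers exploited.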
