SSL/TLS handshake Protocol

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and this is sunny welcome back today my topic is SSL TLS handshake protocol and how it works Secure Sockets Layer SSL and is newer version transport layer security TLS are cryptographic protocols that provide security on the internet up to today in 2018 SSL version 3.0 is the rushing most of web servers and browsers support TLS version 1.1 and version 1.2 are more secure versions the handshake protocol is basically used between a web client and web server to establish trust and they negotiate what a secret key should be used to encrypt and decrypt the conversation with the protocol in place an eva strauber can only see the connection endpoints but it cannot read or modify any of the actual data thus it can protect the users personal data and ensure a safe transaction many people are asking on what a layer of OSI model does the protocol operate some people say it is on the application layer because is just HTTP over Secure Sockets Layer and some people say it is a presentation layer because encryption and decryption operate on this layer but some argue is a session layer because the protocol provides point-to-point session security it is indeed a gray area and each argument is valid the OSI model is not a science and is only a guideline the handshake protocol is involved with the top three layers OSI model and if we use tcp/ip model we can simply say the protocol belongs to the application layer here is the process how a client and a server uses a handshake protocol to negotiate how to securely exchange data step one the client sends client hello message that leases information such as SSL TLS TLS version and the cryptographic algorithms and a data compression methods supported by the client step 2 server responds with server hello message that contains cryptographic algorithms choosing by the server from the list provided by the client the session ID the server also says is a digital certificate and it is a public key step 3 the client will contact the server's CA and verifies the server's digital certificate thus confirming the authenticity of the web server step 3 is basically establishing trust on the web server once the client trusts the web server it will take step 4 client key exchange with this step the client sensor was shared secret key to be used in the following conversation the secret key is encrypted with the server's public key step 5 the client sends a finished message which is encrypted with a sacred key indicating the client part with Hank ship is complete step 6 the server responds to the client with a finished message which is encrypted with the secret key indicating the server part of a handshake is complete once this handshake is done the server and client can now exchange messages that are semantically encrypted with the shared secret key I hope this video is helpful thank you very much and see you next time [Music]

Info

Channel: Sunny Classroom

Views: 342,189

Rating: 4.8390889 out of 5

Keywords: networking, cybersecurity, security+, networking +, cyber threats, cyber defense, IoT, Wi-Fi security, SSL/TLS handshake protocol, Transport layer security, secure sockets layer, private key, public key

Id: sEkw8ZcxtFk

Channel Id: undefined

Length: 5min 4sec (304 seconds)

Published: Sun Feb 11 2018