secure socket layer (TCP/IP) (SSL)
The Secure Socket Layer(SSL) is a protocol for authentication and encryption of Internet connections. The SSL protocol can be used in conjunction with the Simple Mail Transfer Protocol( SMTP), e-mail, Telnet, the FTP protocol and Hypertext Transfer Protocol( HTTP), or HTTPS, and is based on TCP/ IP. The SSL protocol exchanges data at the transport layer. As soon as both communication partners are in contact via an SSL connection, the connection can neither be intercepted nor can the data transmission be manipulated.
The SSL protocol was developed by Netscape and provides complex 128-bit encryption of data transmitted on the Internet. The SSL method encrypts with public keys that are confirmed by a third party according to X.509. The security is guaranteed by the fact that the key for decryption must be individually defined once again and is stored only at the user - it is not transmitted on the Internet.
The developers of the SSL protocol have created the protocol in two levels: One level is responsible for the encryption of data. It allows various symmetric algorithms, including the Data Encryption Standard( DES), Triple-DES or Rivest Cipher 4( RC4), and requires that both communication partners have a common, secret cipher key that is generated for each connection. The authenticity of the data is also verified by a checksum check such as the Secure Hash Algorithm( SHA) or Message Digest No. 5( MD5). At the second level, Transport Layer Security( TLS) uses handshaking to exchange private keys. The servers and clients of a communication connection authenticate themselves, negotiate an encryption algorithm and send each other the encoded session keys.
Secure Socket Layer (SSL) is described in RFC 2246 and has been equivalent to the TLS protocol since version 3.1. Both protocols are risky because data encrypted with asymmetric encryption can be decrypted with the master key.