Secure Socket Layer (SSL)

Introduction

  • It was developed by Netscape to provide a secure protocol for exchanging data (on the basis of a client-server architecture).
  • The SSL protocol is designed to provide security and compression services for data generated by the application layer.
  • SSL can receive data from any application-layer protocol, but the protocol is generally HTTP.
  • The data received from the application is first compressed and then encrypted, at both ends (client and server).
The steps of the encryption process are:

1. Fragmentation
SSL divides the data into blocks of 2^14 = 16384

2. Compression
Each fragment of the data can be compressed by using any lossless compression method (one in which the original data can be reconstructed exactly from the compressed data).

3. Message Integrity and Confidentiality
SSL first creates a MAC (Message Authentication Code) to maintain the integrity of the data. Then the original data and the MAC are encrypted by using symmetric key cryptography to maintain confidentiality.

4. Framing
A header is added to the encrypted data, which is then passed to a reliable transport layer protocol.
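
The four steps above, for both the sending and the receiving side, as an added example that is not part of the original page. Assumptions: HMAC-SHA256 stands in for the SSL MAC, a toy SHA-256 keystream stands in for the negotiated symmetric cipher (illustration only), and the function names, keys and sample data are constructed for this sketch.

```python
import hashlib, hmac, struct, zlib

MAX_FRAGMENT = 2 ** 14                    # step 1: fragment size from the text
APP_DATA, VERSION = 23, 0x0300            # SSL 3.0 header values: application data, version 3.0
MAC_LEN = 32                              # HMAC-SHA256 output size

def keystream_xor(key, seq, data):
    """Toy stream cipher (SHA-256 in counter mode). Assumption: a stand-in
    for the negotiated symmetric cipher, for illustration only."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + struct.pack(">QQ", seq, off)).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def record_mac(mac_key, seq, compressed):
    # The sequence number is covered so records cannot be reordered unnoticed.
    return hmac.new(mac_key, struct.pack(">Q", seq) + compressed, hashlib.sha256).digest()

def protect(data, enc_key, mac_key):
    """Sender: fragment, compress, MAC, encrypt, frame."""
    records = []
    for seq, off in enumerate(range(0, len(data), MAX_FRAGMENT)):
        compressed = zlib.compress(data[off:off + MAX_FRAGMENT])                 # step 2
        body = keystream_xor(enc_key, seq,
                             compressed + record_mac(mac_key, seq, compressed))  # step 3
        records.append(struct.pack(">BHH", APP_DATA, VERSION, len(body)) + body) # step 4
    return records

def unprotect(records, enc_key, mac_key):
    """Receiver: undo the steps in reverse, rejecting any record whose MAC fails."""
    out = bytearray()
    for seq, record in enumerate(records):
        ctype, version, length = struct.unpack(">BHH", record[:5])
        body = record[5:]
        if (ctype, version, length) != (APP_DATA, VERSION, len(body)):
            raise ValueError("bad record header")
        plain = keystream_xor(enc_key, seq, body)
        compressed, mac = plain[:-MAC_LEN], plain[-MAC_LEN:]
        if not hmac.compare_digest(mac, record_mac(mac_key, seq, compressed)):
            raise ValueError("MAC check failed")   # checked before decompressing
        out += zlib.decompress(compressed)
    return bytes(out)

if __name__ == "__main__":
    # Constructed sample data and keys, not taken from any real session.
    sample = b"GET /index.html HTTP/1.0\r\n" * 2000
    recs = protect(sample, b"E" * 32, b"M" * 32)
    print(len(recs), "records; round trip ok:", unprotect(recs, b"E" * 32, b"M" * 32) == sample)
```

A record that is modified or reordered in transit fails the MAC check on the receiving side and is rejected before it is decompressed.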

Session and Connection

  • TCP is a connection-oriented protocol and IP is a connectionless protocol.
  • To transform IP into IPSec, the developer needs two levels of connectivity: session and connection. A session between two systems can last for a long time, and a connection can be established and terminated several times during a session.

Socket programming

  • Sockets are the endpoints of internet communication.
  • A client and a server can establish connections and communicate with each other through sockets.
  • A server runs on a specific machine (computer) and has a socket that is associated with an IP address and a port number. To establish a connection, the server waits and listens for a client to make a connection request.
  • On the client side, the client knows the host name of the machine on which the server is running and the port number on which the server is listening. The client sends a request to establish the connection and binds a local port number, which is used for the duration of this connection.
  • On the server side, the server accepts the request with the help of a new socket to establish the connection. The new socket is required so that the server can keep listening on the original socket for connection requests while it meets the requirements of the connected client.
  • On the client side, if the connection is accepted, a socket is successfully created and the client can use this socket to communicate with the server.
The steps to establish the socket on the client side are:
1. Create a socket by using the socket() function.
2. Connect the socket to the address of the server by using the connect() function.
3. Send and receive the data by using the read() and write() functions.
4. Close the connection by using the close() function.

The steps to establish a socket on the server side are:
1. Create a socket by using the socket() function.
2. Bind the socket to the address by using the bind() function.
3. Listen for the connection by using the listen() function.
4. Accept the connection with the accept() function; this call completes when the client connects with the server.
5. Close the connection by using the close() function.

Figure: Socket API working