SSL

• SSL is a handshake protocol between client and server for (optionally mutual) authentication and key agreement.

• Only the server needs to have an established asymmetric key pair

• After the client connects to the server,the server sends his public key certificate to the client. The client verifies this from a list of public keys he trusts.

• Afterwards the client generates a symmetric key which he sends to the server encrypted with the public key of the server. This key will be used as master key for confidentiality of subsequent data.

• Optionally, the client would be able to authenticate towards the server. The would require the client to have an established key pair.

Previous slide

Next slide

Back to first slide

View graphic version