Updated June 19, 2023
Introduction to SSL Protocols
SSL stands for Secure Sockets Layer, a protocol for securely exchanging information between a client such as a web browser and a server. It provides three basic services: authentication of the peer, confidentiality of the data, and integrity of the data. SSL sits between the application layer and the transport layer, running on top of TCP. Three subprotocols make up its operation: the Handshake Protocol, the Record Protocol, and the Alert Protocol. SSL itself is obsolete (SSL 3.0 was deprecated by RFC 7568), but its successor TLS keeps the same three-subprotocol structure, so the description below also applies, with small differences, to TLS 1.2.
List of SSL protocols
SSL consists of three subprotocols:
- Handshake Protocol
- Record Protocol
- Alert Protocol
1. Handshake Protocol
The Handshake Protocol is the first subprotocol to run on a new connection. The client and server use it to agree on a protocol version and cipher suite, to authenticate the server (and optionally the client), and to establish the shared secret from which the Record Protocol's keys are derived. It consists of a series of messages between client and server, each with three fields:
- Type: 1 byte; identifies one of the 10 handshake message types.
- Length: 3 bytes; the length of the content in bytes.
- Content: 0 or more bytes; the parameters of the message, which depend on the type.
Types of messages:
- Hello request: No parameters; the server sends it to ask the client to start a new handshake.
- Client hello: Version, 32-byte random value, session ID, the list of cipher suites the client supports (in order of preference), and the list of compression methods.
- Server hello: Version, 32-byte random value, session ID, and the single cipher suite and compression method the server selected.
- Certificate: A chain of X.509v3 certificates.
- Server key exchange: The server's key-exchange parameters (for example Diffie-Hellman values) and a signature over them; sent only when the certificate alone is not enough to establish the key.
- Certificate request: The certificate types and the certificate authorities the server will accept.
- Server hello done: No parameters; marks the end of the server's part of this phase.
- Certificate verify: A signature by the client over the handshake messages so far, proving possession of the private key for the client certificate.
- Client key exchange: The client's key-exchange parameters, either the RSA-encrypted premaster secret or the client's Diffie-Hellman public value.
- Finished: A hash (verify data) over all preceding handshake messages and the master secret, which lets each side check that the negotiation was not tampered with.
Phases of Handshake Protocol:
- Establish security capabilities: Client hello and Server hello agree on version, cipher suite and compression method and exchange random values.
- Server authentication and key exchange: Certificate, Server key exchange, Certificate request and Server hello done.
- Client authentication and key exchange: Certificate, Client key exchange and Certificate verify.
- Finish: Each side sends a Change cipher spec message (a separate one-byte protocol, not a handshake message) and then a Finished message protected by the newly negotiated keys.
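As an added example (not code from the original article), here is a Python encoder and parser for the handshake message format described above: the 1-byte type, 3-byte length and content, plus the ClientHello parameters. The type codes are the ones defined in the SSL 3.0 and TLS 1.2 specifications; the sample ClientHello, its random value and cipher-suite numbers are constructed for the demonstration. The parser checks every length field before trusting it, which is the check an implementation must get right, since a forged length is how a peer tries to make the receiver read past the end of a message.

```python
import struct
from dataclasses import dataclass

# Handshake message type codes from the SSL 3.0 / TLS 1.2 specifications.
HANDSHAKE_TYPES = {
    0: "hello_request", 1: "client_hello", 2: "server_hello",
    11: "certificate", 12: "server_key_exchange", 13: "certificate_request",
    14: "server_hello_done", 15: "certificate_verify",
    16: "client_key_exchange", 20: "finished",
}


@dataclass
class HandshakeMessage:
    msg_type: int
    body: bytes

    @property
    def name(self) -> str:
        return HANDSHAKE_TYPES.get(self.msg_type, f"unknown({self.msg_type})")


def build_handshake_message(msg_type: int, body: bytes) -> bytes:
    """Type (1 byte) + length (3 bytes, big-endian) + content."""
    if len(body) >= 1 << 24:
        raise ValueError("content too long for a 3-byte length field")
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def parse_handshake_messages(data: bytes) -> list:
    """Split a buffer into handshake messages, failing closed on truncation."""
    msgs, pos = [], 0
    while pos < len(data):
        if len(data) - pos < 4:
            raise ValueError("truncated handshake header")
        msg_type = data[pos]
        length = int.from_bytes(data[pos + 1:pos + 4], "big")
        body = data[pos + 4:pos + 4 + length]
        if len(body) != length:  # never trust the declared length blindly
            raise ValueError(f"truncated handshake content: need {length}, have {len(body)}")
        msgs.append(HandshakeMessage(msg_type, body))
        pos += 4 + length
    return msgs


def build_client_hello(version, random32, session_id, cipher_suites, compression_methods) -> bytes:
    """Encode the ClientHello parameters: version, random, session ID, cipher suites, compression."""
    if len(random32) != 32 or len(session_id) > 32:
        raise ValueError("random must be 32 bytes; session_id at most 32 bytes")
    body = bytes(version) + random32
    body += bytes([len(session_id)]) + session_id
    body += struct.pack("!H", 2 * len(cipher_suites))
    body += b"".join(struct.pack("!H", cs) for cs in cipher_suites)
    body += bytes([len(compression_methods)]) + bytes(compression_methods)
    return build_handshake_message(1, body)


def parse_client_hello(body: bytes) -> dict:
    """Decode a ClientHello body; every length field is bounds-checked before use."""
    def take(n):
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("ClientHello truncated")
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    pos = 0
    version = tuple(take(2))
    random32 = take(32)
    session_id = take(take(1)[0])
    (cs_len,) = struct.unpack("!H", take(2))
    if cs_len == 0 or cs_len % 2:
        raise ValueError("cipher_suites length must be a positive multiple of 2")
    cs_bytes = take(cs_len)
    cipher_suites = [struct.unpack_from("!H", cs_bytes, i)[0] for i in range(0, cs_len, 2)]
    compression_methods = list(take(take(1)[0]))
    if not compression_methods:
        raise ValueError("at least one compression method (0 = null) is required")
    return {
        "version": version, "random": random32, "session_id": session_id,
        "cipher_suites": cipher_suites, "compression_methods": compression_methods,
        "extensions": body[pos:],  # TLS extensions, if any; empty for SSL 3.0
    }


if __name__ == "__main__":
    # Constructed sample: SSL 3.0 ClientHello offering two RSA/AES suites, then ServerHelloDone.
    ch = build_client_hello((3, 0), bytes(range(32)), b"", [0x002F, 0x0035], [0])
    for m in parse_handshake_messages(ch + build_handshake_message(14, b"")):
        print(m.name, len(m.body), "bytes")
    print(parse_client_hello(parse_handshake_messages(ch)[0].body)["cipher_suites"])
```

The two parsers refuse a buffer whose declared length runs past the data instead of returning a short body; an implementation that silently accepts the short body is the kind that later reads uninitialised memory when the body is handed to a fixed-layout decoder.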
2. Record Protocol
The Record Protocol takes over once the handshake has completed, that is, once the client and server have authenticated each other (or at least the client has authenticated the server), agreed on the algorithms to use, and derived the shared keys. Strictly speaking, the handshake messages themselves are also carried in records, initially with a null cipher; protection begins once the Change cipher spec message activates the negotiated keys.
How does SSL record protocol work?
- Fragmentation: The application message is split into fragments of at most 2^14 (16,384) bytes.
- Compression: Optional and lossless, and it must not increase the fragment length by more than 1,024 bytes. In practice the null compression method is used: compressing data before encryption leaks information about the plaintext (the CRIME attack exploited exactly this, and TLS 1.3 removed compression).
- Add MAC: A Message Authentication Code is computed over the (compressed) fragment together with a sequence number, the content type and the length, using the MAC secret established by the Handshake Protocol.
- Encryption: The fragment plus its MAC is encrypted with the symmetric key established by the Handshake Protocol (MAC-then-encrypt). Encryption may not increase the length by more than 1,024 bytes, so an encrypted fragment is at most 2^14 + 2,048 bytes.
- Append header: A 5-byte header is prepended to the encrypted block. Its fields are the content type (1 byte, which higher-level protocol the record carries: change_cipher_spec, alert, handshake or application_data), the major version (1 byte), the minor version (1 byte), and the length (2 bytes, the length of the fragment that follows, after compression and encryption).
- Transmission: At the receiver's side, each record's header is checked (version, and length not above 2^14 + 2,048), the block is decrypted and its MAC verified (a mismatch produces a fatal bad_record_mac alert), then decompressed, and the fragments are reassembled into the original application message.
The Record Protocol therefore provides two services:
- Confidentiality: achieved by encrypting each fragment with the secret key established by the Handshake Protocol.
- Integrity: achieved with the MAC secret established by the Handshake Protocol; because the MAC also covers a sequence number, replayed or reordered records are detected as well as modified ones.
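The following Python block is an added example, not part of the original article, that walks an application message through the record-protocol steps listed above and back: fragmentation at 2^14 bytes, null compression, MAC, encryption, the 5-byte header, and the receiver's checks. It assumes HMAC-SHA256 for the MAC (SSL 3.0 used its own MD5/SHA-1 construction, TLS uses HMAC) and uses an HMAC-based counter keystream as a stand-in for the negotiated cipher; the keys and the sample message are constructed inline.

```python
import hashlib
import hmac

MAX_FRAGMENT = 1 << 14                 # fragment ceiling from the record protocol (16,384 bytes)
MAX_CIPHERTEXT = MAX_FRAGMENT + 2048   # encrypted fragment may grow by at most 2,048 bytes
VERSION = (3, 0)                       # SSL 3.0 major/minor version bytes
MAC_LEN = 32                           # HMAC-SHA256 output length (assumption, see lead-in)


def _keystream(enc_key: bytes, seq: int, length: int) -> bytes:
    """Stand-in stream cipher: HMAC-SHA256 in counter mode, keyed per record by the
    sequence number. Illustrative only; a real stack uses the negotiated cipher."""
    out, counter = bytearray(), 0
    while len(out) < length:
        block = seq.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def _mac(mac_key: bytes, seq: int, content_type: int, fragment: bytes) -> bytes:
    # The MAC binds the 64-bit sequence number, content type, version and length,
    # so a replayed, reordered or retyped record does not verify.
    header = (seq.to_bytes(8, "big") + bytes([content_type, *VERSION])
              + len(fragment).to_bytes(2, "big"))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


class RecordWriter:
    def __init__(self, mac_key: bytes, enc_key: bytes):
        self.mac_key, self.enc_key, self.seq = mac_key, enc_key, 0

    def send(self, content_type: int, message: bytes) -> list:
        """Fragment -> (null compression) -> MAC -> encrypt -> header, per fragment."""
        records = []
        for off in range(0, len(message), MAX_FRAGMENT):
            fragment = message[off:off + MAX_FRAGMENT]
            plaintext = fragment + _mac(self.mac_key, self.seq, content_type, fragment)
            ciphertext = _xor(plaintext, _keystream(self.enc_key, self.seq, len(plaintext)))
            header = bytes([content_type, *VERSION]) + len(ciphertext).to_bytes(2, "big")
            records.append(header + ciphertext)
            self.seq += 1
        return records


class RecordReader:
    def __init__(self, mac_key: bytes, enc_key: bytes):
        self.mac_key, self.enc_key, self.seq = mac_key, enc_key, 0

    def receive(self, record: bytes):
        """Check the header, decrypt, verify the MAC; raise on any failure."""
        if len(record) < 5:
            raise ValueError("record shorter than its 5-byte header")
        content_type, major, minor = record[0], record[1], record[2]
        length = int.from_bytes(record[3:5], "big")
        if (major, minor) != VERSION:
            raise ValueError("protocol_version mismatch")
        if length > MAX_CIPHERTEXT or len(record) != 5 + length:
            raise ValueError("record_overflow or length mismatch")
        ciphertext = record[5:]
        plaintext = _xor(ciphertext, _keystream(self.enc_key, self.seq, len(ciphertext)))
        if len(plaintext) < MAC_LEN:
            raise ValueError("bad_record_mac")
        fragment, tag = plaintext[:-MAC_LEN], plaintext[-MAC_LEN:]
        expected = _mac(self.mac_key, self.seq, content_type, fragment)
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad_record_mac")   # the peer would get a fatal alert
        self.seq += 1
        return content_type, fragment


def reassemble(reader: RecordReader, records: list, content_type: int) -> bytes:
    """Receiver side: verify every record and rebuild the application message."""
    parts = []
    for rec in records:
        ct, fragment = reader.receive(rec)
        if ct != content_type:
            raise ValueError("unexpected content type")
        parts.append(fragment)
    return b"".join(parts)


if __name__ == "__main__":
    # Constructed sample: a 40,960-byte application message splits into three records.
    writer, reader = RecordWriter(b"mac-key", b"enc-key"), RecordReader(b"mac-key", b"enc-key")
    records = writer.send(23, bytes(range(256)) * 160)
    print([len(r) for r in records])
    print(len(reassemble(reader, records, 23)), "bytes reassembled")
```

Two behaviours worth noticing: feeding an already-consumed record back to the reader fails the MAC because the sequence number has moved on, which is how the record layer detects replay; and the length check runs before decryption, so an oversized or truncated record is rejected without touching the keys.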
3. Alert Protocol
When either side detects an error, it sends an alert message to its peer. An alert message is 2 bytes: the first byte is the level (1 = warning, 2 = fatal) and the second byte is the description, which identifies the actual error. On a fatal alert both client and server immediately close the SSL connection and stop transmitting, and both destroy the session identifier, secrets and keys associated with the connection, so the session cannot be resumed. On a warning-level alert the connection is not terminated; the parties handle the condition and continue. Note that the level byte is chosen by the sender, so a receiver should not rely on it alone: TLS 1.2 (RFC 5246) defines the descriptions listed under fatal alerts below as always fatal, whatever level they arrive with.
Fatal alerts:
- Unexpected message: Raised when an inappropriate message is received.
- Bad record MAC: Raised when a record is received with an incorrect MAC.
- Handshake failure: Raised when the sender cannot negotiate an acceptable set of security parameters from the options offered.
- Decompression failure: Raised when the decompression function cannot complete (for example, the input would decompress beyond the allowed length).
Warning-level alerts (as defined in SSL 3.0; TLS implementations usually send the certificate alerts as fatal):
- Certificate expired: Raised when the certificate has expired.
- Certificate revoked: Raised when the certificate's issuer has revoked it.
- Certificate unknown: Raised when an unspecified error occurred while processing the certificate.
- Bad certificate: Raised when a certificate is corrupt or its signature does not verify.
- Unsupported certificate: Raised when the certificate is of a type the receiver does not support.
- Close notify: Notifies the peer that the sender will not send any more messages on this connection; the session itself remains resumable.
A warning-level certificate alert only means the connection stays open; whether to keep using a peer whose certificate failed validation is the application's decision, and modern clients abort.
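As an added example, not code from the original article, the Python below parses the 2-byte alert and applies the rules above to a small model of a connection's secret state: fatal alerts destroy the keys and make the session ID non-resumable, close_notify closes the connection but leaves the session resumable, and other warnings leave the connection open. The description codes are from SSL 3.0/TLS 1.2; the Connection class, its fields and the sample secrets are constructed for the demonstration. It also applies the TLS 1.2 rule that certain descriptions are fatal whatever level the peer set.

```python
ALERT_WARNING, ALERT_FATAL = 1, 2

# AlertDescription codes from SSL 3.0 / TLS 1.2.
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    30: "decompression_failure", 40: "handshake_failure", 41: "no_certificate",
    42: "bad_certificate", 43: "unsupported_certificate", 44: "certificate_revoked",
    45: "certificate_expired", 46: "certificate_unknown", 47: "illegal_parameter",
}

# Descriptions that RFC 5246 section 7.2.2 defines as always fatal, regardless of
# the level byte the peer put on the wire.
ALWAYS_FATAL = {"unexpected_message", "bad_record_mac", "decompression_failure",
                "handshake_failure", "illegal_parameter"}


def build_alert(level: int, description: int) -> bytes:
    return bytes([level, description])


def parse_alert(data: bytes):
    """Return (level, description name); reject anything that is not a 2-byte alert."""
    if len(data) != 2:
        raise ValueError("alert must be exactly 2 bytes")
    level, code = data[0], data[1]
    if level not in (ALERT_WARNING, ALERT_FATAL):
        raise ValueError(f"illegal alert level {level}")
    return level, ALERT_DESCRIPTIONS.get(code, f"unknown({code})")


class Connection:
    """Constructed model of one SSL connection's secret state."""

    def __init__(self, session_id: bytes, master_secret: bytes, write_keys: dict):
        self.session_id = session_id
        self.master_secret = master_secret
        self.write_keys = dict(write_keys)
        self.open = True
        self.session_resumable = True  # may session_id be reused in a later handshake?

    def _destroy(self):
        # Fatal alert: forget the keys and make the session ID unusable for resumption.
        self.master_secret = None
        self.write_keys.clear()
        self.session_resumable = False
        self.open = False

    def handle_alert(self, data: bytes) -> str:
        """Apply an incoming alert; return 'closed', 'fatal' or 'warning'."""
        level, description = parse_alert(data)
        if description == "close_notify":
            self.open = False  # orderly shutdown: keys go away, session stays resumable
            self.write_keys.clear()
            return "closed"
        if level == ALERT_FATAL or description in ALWAYS_FATAL:
            self._destroy()
            return "fatal"
        # Warning-level alert: the connection continues; the application decides
        # whether it still wants to talk to this peer.
        return "warning"


if __name__ == "__main__":
    conn = Connection(b"\x01" * 32, b"constructed-master-secret", {"client_write": b"k1"})
    print(conn.handle_alert(build_alert(ALERT_WARNING, 45)), conn.open)   # certificate_expired
    print(conn.handle_alert(build_alert(ALERT_WARNING, 20)), conn.open)   # bad_record_mac, level ignored
```

The second call in the demo shows the caveat from the text: a bad_record_mac sent with the warning level is still treated as fatal, because an attacker who can inject records can also choose the level byte.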
Conclusion
In this article, we have looked at the three SSL subprotocols (Handshake, Record and Alert), what each carries on the wire, and which security service each provides.