Monday, December 17, 2018

SSL Certificate And Encryption

SSL certificate establishes an encrypted link in an online communication between the server and the browser. To create an SSL connection, SSL certificate is mandatory. SSL certificate is issued either to companies operating online or to legally accountable individuals. To be able to activate SSL certificate, a business owner needs to provide details about the identity of his website and the business, such as domain name, the name of the business, physical address (including the name of the city & country) etc. Once the certificate is uploaded, two cryptographic keys are created; these are a Private Key and a Public key. These keys are used to encrypt and decrypt data, thus provide security to data that is being transferred over the web.

Encryption Technology

Encryption is a process of converting data to make it unintelligible to all unauthorized parties except the one who is an intended recipient. In this way, data integrity and data privacy can be maintained which has become essential for e-commerce. In simple words, we can say that encryption technology is used to convert data into a non-readable form and secure it from unauthorized parties and is received by the intended recipient in intelligible form. Main responsibilities performed by encryption technology are:
  • To put data(file) into code
  • Changing data into an unreadable form (unintelligible) using secret code
  • To prevent accurate interpretation of data by the third party




What SSL Certificate Encrypted Security Provides?

Authenticity:

This can be explained in two parts. The first part is server authentication and another is client authentication. Let’s discuss them one by one in detail.

• Server authentication: Server along with data transfers public key, which is used by the client to encrypt data used to compute the secret key. The server can decrypt data and generate a secret key only if it has a valid private key.

• Client authentication: In this, the server uses the public key, provided in the client’s certificate, to decrypt data sent by the client. If the exchange of message is complete by using a secret key to encrypt, it confirms the authentication.

If in any case authentication step fails or is not complete, the session is terminated between the browser and the server.

Confidentiality:
  • To ensure message privacy, SSL uses a combination of symmetric and asymmetric encryption. For every session, a unique set of encryption algorithm and a shared secret key is used, ensuring the privacy of the message even in case of interception.

No comments:

Post a Comment