The goal of this project is to research and present the security protocol "Secure Sockets Layer" or as it is more commonly referred to, "SSL." SSL is one of the main encryption techniques used by the internet industry to help ensure the secure transfer of information across the internet. It is one of the main encryption techniques currently under review by Internet Engineering Task Force. SSL is comprised of a strict protocol that initiates a secure "session" between two computing devices. The session is established above the transport level (on the OSI model) and encrypts from the session up. Therefore any data between the application and the SSL session is encrypted from the SSL session on. The SSL protocol, in addition to directly communicating with the other computing device, also makes use of existing encryption practices such as certificates, keys, digital signatures, RSA and has functions when necessary. This project will research and present the protocol necessary for establishing a session. It will also present how certificates, keys, digital signatures, RSA and has functions are used in the protocol. The project will end with an analysis of the effectiveness of how SSL answers internet security problem risks.
Available by permission of the author. Reproduction or retransmission of this material in any form is prohibited without expressed written permission of the author.
Klinefelter, Julie, "How Secure Transactions are Achieved on the Internet using SSL: An Honors Presentation of Internet Security Practices and Protocols" (1997). Honors Theses. 583.