Do you ever see that little lock symbol in the address bar of your browser and wonder exactly what it’s doing? How does this “SSL” protect your data? I’m going to tell you a little story that will help understanding Secure Sockets Layer encryption a little easier.
Let’s say you have something you want to send the server over the internet that you don’t want prying eyes to have – a credit card number for example. If you just send it in plain text, anyone sitting out there with a packet sniffer monitoring traffic can find it, read it, and buy that new 50” LED TV they’ve been wanting… compliments of you! That’s where SSL comes in to play.
SSL requires a few things to work. First – there’s the box. This box will serve as the vessel to transport your secure data back and forth. But sending stuff in a box won’t make any difference if it’s not locked! To fix that, both the server and yourself generate two keys that can either unlock or lock the box: a private key and a public key. In order to get the ball rolling, you and the server trade public keys. The trick here? The public key is only used to lock the box, so we aren’t concerned with the bad guys getting it. The only way to unlock the box is with our private keys, which never touch the network.
An SSL Transmission in Pictures
Once you and the server have each other’s public key, the transfer can begin! Don’t forget, even if the bad guy gets your public key, it’s fine! That only allows them to lock the box.
1. The server places a message in the box requesting your credit card, locks it with your public key, and sends you the box.
2. You unlock the box using your private key, and read the message. You then put your credit card information inside the box, lock it using the server’s public key, and send it back.
3. The bad guy received a copy of the box! Oh no! But wait…it’s locked with SSL encryption. He can’t get in because he doesn’t have a key to unlock the box. He can only lock it again with the public key.
4. The server receives the box which has been locked with it’s own public key. It can now use it’s private key to unlock the box and get your credit card data securely.
This is the idea behind SSL in a nutshell. There are many other features that are used to ensure the data you send is safe. These include randomizing the transmission of packets so that if some of your data is obtained, the thief has no way of knowing in which order it belongs. Most encrypted connections also have a very small window before a timeout is issued to prevent them from jumping in line with data of their own. An example of this would be entering a password. If a thief intercepts the password packet entirely, takes the time to hack it, and then sends it to the server themselves, it’s too late! The server has already closed the request.
Privacy is a very serious concern in this technological age. With an SSL certificate from GlowHost you can be sure that your account is providing the utmost security for your visitors, especially those that need to send sensitive information.
While this article is a narrow focus compared to SSL in general, this hopefully gave you an idea of exactly how SSL works.
Questions? Comments? Be sure to post below and let us know what you think!