Welcome again on the second part of SSL Overview :)
You know the Secure Sockets Layer (SSL) protocol uses a combination of public-key and symmetric-key encryption. Now, Symmetric-key encryption is much faster than public-key encryption; however, public-key encryption provides you better authentication techniques. SSL session always starts with an exchange of messages called the SSL handshake. More interesting part is that the handshake allows the server to authenticate itself to the client by using public-key techniques, and similarly allows the client and the server to cooperate in the making of symmetric keys used for rapid encryption, decryption during the session that follows. Optionally, this handshake also allows the client to authenticate itself to the server. So here are the steps:
You know the Secure Sockets Layer (SSL) protocol uses a combination of public-key and symmetric-key encryption. Now, Symmetric-key encryption is much faster than public-key encryption; however, public-key encryption provides you better authentication techniques. SSL session always starts with an exchange of messages called the SSL handshake. More interesting part is that the handshake allows the server to authenticate itself to the client by using public-key techniques, and similarly allows the client and the server to cooperate in the making of symmetric keys used for rapid encryption, decryption during the session that follows. Optionally, this handshake also allows the client to authenticate itself to the server. So here are the steps:
Step 1: Firstly, The client sends the server the client’s SSL version number, cipher settings, some randomly generated data, and other information the server needs to communicate with the client using SSL.