The default security protocol in computer browsers is the "SSL protocol"; SSL is the abbreviation of "Secure Socket Layer", which refers to the secure socket layer. It is the network security protocol first adopted by Netscape. A security protocol implemented over Transport Communications Protocol (TCP/IP) using public key technology.
The operating environment of this tutorial: Windows 10 system, DELL G3 computer.
The default security protocol in computer browsers is SSL.
SSL (Secure Socket Layer) is the network security protocol first adopted by Netscape. It is a security protocol implemented on the Transport Communication Protocol (TCP/IP), using public key technology. SSL widely supports various types of networks and provides three basic security services, all of which use public key technology.
Introduction to security services
(1) Information confidentiality, through the use of public key and symmetric key technology to achieve information confidentiality. All traffic between the SSL client and server is encrypted using the keys and algorithms established during the SSL handshake. This prevents some users from illegal eavesdropping through the use of IP packet sniffing tools. While packet sniffing can still capture the content of the communication, it cannot decipher it.
(2) Information integrity to ensure that all SSL services achieve their goals. The information content between the server and client should be protected from corruption. SSL utilizes secret sharing and hash function sets to provide information integrity services.
(3) Two-way authentication, the process in which the client and server identify each other. Their identification numbers are encoded with a public key, and their identification numbers are exchanged during the SSL handshake. In order to verify that the certificate holder is its legitimate user (and not an imposter), SSL requires the certificate holder to digitally identify the data exchanged during the handshake. The certificate holder identifies all information data including the certificate to prove that he is the legal owner of the certificate. This prevents other users from using the certificate impersonator. The proof itself does not provide authentication, only the proof and the key work together.
(4) SSL security services should be as transparent as possible to end users. Typically, users only need to click a button or connection on the desktop to connect to an SSL host. Unlike standard HTTP connection requests, the default port for a typical network host that supports SSL to accept SSL connections is 443, not 80.
SSL is designed to use TCP to provide a reliable end-to-end security The service is not a single protocol, but a two-layer protocol. The lower layer is the SSL record layer, which is used to encapsulate different upper-layer protocols. The other layer is the encapsulated protocol, the SSL handshake protocol, which allows the server and client to transmit applications. Before sending data, the encryption algorithm and encryption key are negotiated. The client proposes all the encryption algorithms it can support, and the server selects the algorithm that best suits it.
The record protocol provides basic security services for different higher-layer protocols. It is characterized by the Hypertext Transfer Protocol (HTTP) that provides transport services for web client/server interactions and can run on top of SSL. Three higher-level protocols are defined as part of SSL: the handshake protocol, the modified ciphertext protocol, and the alert protocol.
The two important concepts in SSL are SSL session and SSL connection. The specifications are as follows:
(1) Connection: A connection is a transmission that provides an appropriate type of service. For SSL, such a connection is point-to-point. Relationship. Connections are short-lived and each connection is associated with a session.
(2) Session: The SSL session is the association between the client and the server. The session is created through the handshake protocol. A session defines a collection of cryptographic security parameters that can be shared by multiple connections. Sessions can be used to avoid expensive negotiation of new security parameters for each connection.
Multiple secure connections may exist between any pair of interacting entities. Theoretically, there may be multiple simultaneous sessions among interactive entities. In fact, each session has a set of states. Once a session is established, there is current operational state for reading and writing (i.e., receiving and sending). Additionally, during the handshake protocol, pending read and write states are created. Once the handshake protocol is successful, the pending state becomes the current state.
For more related knowledge, please visit the
FAQThe above is the detailed content of What security protocols exist by default in computer browsers. For more information, please follow other related articles on the PHP Chinese website!