P1: IML/FFX P2: IML/FFX QC: IML/FFX T1: IML
WL040C-21 WL040/Bidgolio-Vol I WL040-Sample.cls August 13, 2003 17:16 Char Count= 0
268 SECURESOCKETSLAYER(SSL)Figure 8: SSL connection process.to ensure message integrity. The third requirement, au-
thentication, is provided by the handshake protocol in its
requirement of at least a server’s certificate.
The record protocol processes a message by first
breaking the message into fragments of equal fixed
size, padding the last fragment as needed. The next
step is optional compression of each fragment. Once
the compression is completed, a MAC is computed for
each fragment and appended to the fragment. The result
is then encrypted using the key and algorithm agreed
upon by the client and server. An SSL record header
is appended. Then this segment is passed to the TCP
layer for processing. The received data are processed by
the receiving protocol in the reverse process: data are
decrypted, verified by means of the MAC, and decom-
pressed if necessary, the fragments are reassembled, and
the result is then passed on to the destination application.
This process is depicted in Figure 8.TLS—Transport Layer Security
TLS is an IETF attempt to specify an Internet standard
version for SSL. The current proposed standard for TLS
is defined in RFC 2246 (2002).
The proposed TLS standard is very similar to SSLv3.
The TLS record format is identical to the SSL record for-
mat. There are a few differences between SSL and TLS.
Some of these are how MAC computations are carried out,
how pseudorandom functions are used, including addi-
tional alert codes and client certificate types, and how cer-
tificateverification and finished message are carried out.
The details of these differences are discussed in Stallings
(2000).SSL and TLS Protocols: Details
The preceding sections provide an overview of how a se-
cure channel is set up and used. A better understanding ofthis process is obtained when a detailed examination of
this process is presented. It is informative to work through
each step of Figure 7 and detail how the protocols work to
set up the secure channel. The following is an adaptation
of information that may be found in specification docu-
ments for SSL (Netscape Communications, 1996, 1998).Handshake Protocol
Of the four protocol that make up SSL and TLS, the hand-
shake protocol is the most critical. This protocol is respon-
sible for setting up the connection. It uses a sequence of
messages that allows the client and server to authenti-
cate each other and agree upon encryption and MAC
algorithms and their associated keys.
The format of the handshake protocol is simple and is
depicted in Figure 9 below. The type field of the handshake
protocol indicates one of 10 messages listed in Table 1 be-
low. Length is the length of the message in bytes. Content
is the parameters associated with the message type (cf.
Table 1).
Step 1of Figure 7 is theClientHellomessage. Its pa-
rameters areversionThe version of the SSL protocol by which the
client wishes to communicate during this session. This
should be the most recent version supported by the
client.
randomA client-generated random structure. This is a
value 32 bytes long. The first four bytes are the timeFigure 9: Handshake protocol layout.