How do SSL certificates work in real time, in depth?

What is SSL?

  • SSL: Secure Sockets Layer. It is a protocol that encrypts, secures and authenticates communication between client and server.

  • It has now been replaced by TLS (Transport Layer Security).

How TLS Works

  1. TLS handshake: the client and server open a secure connection and share a public key.

  2. During the TLS handshake the two parties generate session keys, which are then used to encrypt and decrypt all communication after the handshake.

  3. Different session keys are created for each new session.

  4. Say you are using google.com: TLS ensures that the website is actually google.com and not an impersonator.

  5. TLS also ensures that the data is not altered.

What is an SSL certificate?

  • It is a file on a web server that contains the public key as well as information about the website owner. The public key is shared with the other party, who encrypts the communication with it; that information can only be decrypted with the private key. Without an SSL certificate, a website's traffic cannot be encrypted with TLS.

  • Any web server can create its own SSL certificate; such certificates are called self-signed certificates. Browsers do not consider self-signed certificates valid.

How do we verify the server?

  • During TLS communication the server includes a MAC (Message Authentication Code), which is a digital signature confirming that the communication originated from the actual website.

How does communication between client and server work?

  • With symmetric keys, both the client and the server use the same key for encryption and decryption. But here is the problem: how do you get the same key on both the client and the server?

  • Solution: create the key on the client and send it to the server.

  • Now the server has the key to encrypt and decrypt the traffic, and both parties are happy.

  • But here is a problem: say someone does not like your happiness and wants to ruin it. While the client is sending the key it created to the server, that person sniffs the key and can then decrypt all the traffic between the client and the server. How do we solve this problem?

  • Solution: the server has a public and a private key, that is, asymmetric keys. Anything encrypted with the public key can only be decrypted with the private key.

  • So the server gives its public key to the client. The client has its own key, the pre-master key; it encrypts the pre-master key with the public key shared by the server and sends it to the server. The server is able to decrypt it with its private key, so both are happy, and the pre-master key can be used for further communication.

  • How is this safe? Say the client sends the data encrypted with the public key: even if someone sniffs it, they will not be able to decrypt it, because it can only be decrypted with the private key, so the information is of no value to them :)

  • Final hack:

  • The server sends its public key to the client. What if a hacker sniffs that key and substitutes his own public key? The client is dumb: it cannot tell the keys apart, so it assumes this is the server's key, uses it to encrypt the pre-master key and sends it over. The hacker takes the packet and decrypts it, which he is able to do since it is his public key, sees the symmetric key, then encrypts it again with the server's public key and sends it to the server. The server does the same thing: it decrypts it, voilà, and then uses the pre-master key for further communication. The hacker already has this key, and that is why we need a cert.

  • Why we need a cert:

  • It verifies the authenticity of the server, organization, validity and CA (certificate authority).
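
The key swap described above, and the certificate check that stops it, as an added example that is not from the original post. It uses toy textbook RSA (fixed primes, no padding) so it runs on the standard library alone; the host name `example.test`, the function names and the dictionary "certificate" are assumptions for illustration, and real TLS uses X.509 certificates.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by all toy keys

def keypair(p, q):
    """Toy textbook RSA from two primes: returns (public n, private d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(n, subject, modulus):
    """Hash of (subject name, public key), reduced so it can be signed."""
    h = hashlib.sha256(f"{subject}:{n}".encode()).digest()
    return int.from_bytes(h, "big") % modulus

# Constructed keys built from Mersenne primes; real keys use large random primes.
SERVER_N, SERVER_D = keypair(2**61 - 1, 2**89 - 1)
ATTACKER_N, ATTACKER_D = keypair(2**31 - 1, 2**107 - 1)
CA_N, CA_D = keypair(2**127 - 1, 2**521 - 1)

def issue_cert(subject, n):
    """CA binds a name to a public key by signing their hash."""
    return {"subject": subject, "n": n, "sig": pow(digest(n, subject, CA_N), CA_D, CA_N)}

def cert_is_valid(cert, expected_subject):
    """Client check: right name, and the signature verifies under the trusted CA key."""
    ok_sig = pow(cert["sig"], E, CA_N) == digest(cert["n"], cert["subject"], CA_N)
    return ok_sig and cert["subject"] == expected_subject

def client_send_premaster(cert, verify):
    """Returns (pre_master, ciphertext), or (None, None) if verification fails."""
    if verify and not cert_is_valid(cert, "example.test"):
        return None, None
    pre_master = secrets.randbits(96)
    return pre_master, pow(pre_master, E, cert["n"])

def demo():
    real = issue_cert("example.test", SERVER_N)
    swapped = {**real, "n": ATTACKER_N}  # the on-path key swap from the text
    # Without verification the client encrypts to the substituted key.
    pm, ct = client_send_premaster(swapped, verify=False)
    leaked = pow(ct, ATTACKER_D, ATTACKER_N) == pm
    # With verification the swapped key is rejected and the real one accepted.
    rejected = client_send_premaster(swapped, verify=True) == (None, None)
    pm2, ct2 = client_send_premaster(real, verify=True)
    server_ok = pow(ct2, SERVER_D, SERVER_N) == pm2
    return leaked, rejected, server_ok

if __name__ == "__main__":
    print(demo())
```

The client refuses to send the pre-master key once the public key no longer matches what the CA signed, which is the property the certificate adds.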

Symmetric encryption with Session Keys

  • Once the TLS handshake is done, both client and server use the same session keys for encryption. Session keys are only used while the session is active.

How the SSL handshake works

Three steps:

  1. Hello: the client sends ClientHello with some information from the cert, and then the server sends ServerHello with some information. Both hellos contain the certificate information.

  2. Server verification: the client now verifies that the server is authentic using the certificate. It checks the certificate's validity, organization, public key, etc., and makes sure that a valid certificate authority (CA) validated the certificate.

  3. Transfer keys: the client uses the server's public key to generate the encrypted pre-master key, and the server is able to decrypt it. Here both symmetric and asymmetric encryption take place together.