SSL Certificate

The ultimate guide to understand the difference between SSL\TLS

June 13, 2017 | By John Britas

In computer security, there are two most popular protocols; SSL and TLS. Let’s start with SSL, which stands for Secure Socket Layer and then on the other half we will focus on TLS (Transport Layer Security).

A lot of people, though talk about this terminology often, have no idea what this technology is and the mechanics involved in this protocols. SSL/TLS compiles of cryptographic functions and algorithms which are based on a complicated network.

Having said that we’ll try and understand SSL and TLS and give you a fair understanding of this technology.

SSL and TLS

The primary reason why we need SSL and TLS is for the following reason

Privacy

In the early days when messages were exchanged between two mediums, it would be risky since an eavesdropper can find out what is going on. The risk of your sensitive data like, password, and username getting leaked was high. With the introduction of SSL/TLS, it encrypts the connection between the client and the server. This is done to ensure that no third party is able to read the data that is exchanged between the two mediums and also the data are not tampered with. Today, as you do a lot of online transaction SSL and TLS ensure that your financial dealings and communication that you send back and forth between your system and server is safe.

SSL Security

As said above that using a normal, unencrypted connection puts you in a vulnerable situation, because if a third party is able to intercept the server connection, they can see the information that is passed through and in plain text. For instance, if we are working on our website administration panel and somebody is snooping the local network, he will be able to see in plaintext the cookies we use to authenticate our website. This makes it quite handy for the attacker to use this information and login into our website panel, and once he succeeds to get in he will create havoc by leaking the data and other information.

So if we use SSL and TLS to access our website the situation would be very different. The attacker will see something that will only prove to be useless.

As said above the SSL/TLS encrypts the information passing through the client and server, and with the help of Public Key Cryptography, it enables identification between the client and server (communicating parties). This means that the server or the client, know who they are communicating with. This is critical, especially in the even when you are doing an online banking or other financial dealings, because you need to know that the person to whom the money is transferred is the same that he claims.

When you connect your website securely the server will authenticate by sending its SSL certificate to the client. The client will then check the certificate against the trusted certificate authority, and validate the server identity. Later the SSL will create a layer connection. Perfect Forward Secrecy – In order to solve and curb future security mistakes, cryptographers have come up with a signal protocol (a new security feature) called “Perfect Forward Secrecy”. This technology has the potential to encrypt everything that goes between WhatsApp to your Google or Fb messenger. This futuristic technology represents a whole new standard when it comes to security for any messaging service or website. It takes your privacy seriously.

HTTPS

Posted in SSL Certificate

Be Sociable, Share!

Leave a Comment


 


* fields are mandatory