Public Key: SSL
lA popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by
Netscape, SSL is an Internet security protocol used by Internet browsers and Web
servers to transmit sensitive information.
SSL has become part of an overall security
protocol known as Transport Layer
Security (TLS).
l
Look for the "s" after "http" in the address whenever you are about to enter sensitive information, such as a credit-card number, into a form on a Web site.
Look for the "s" after "http" in the address whenever you are about to enter sensitive information, such as a credit-card number, into a form on a Web site.
lIn your browser, you can tell when you are using a secure protocol, such
as TLS, in a couple of different ways.
You will notice that the "http" in the address line is replaced with "https," and you should see a small
padlock in the status bar at the bottom of the browser window.
l
The padlock symbol lets you know that you are using encryption.
The padlock symbol lets you know that you are using encryption.
lPublic-key encryption takes a lot of computing, so most systems use a
combination of public-key and symmetry.
When two computers initiate a secure session, one computer creates a symmetric key and sends it to the
other computer using public-key encryption.
The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer
discards the symmetric key used for that
session. Any additional sessions require that a new symmetric key be created, and the process is repeated.