Page 53 - CITS - Computer Software Application -TT
• SHA-3 (Secure Hash Algorithm 3): The latest member of the SHA family, SHA-3 was designed to provide a
new level of security and resistance to various attacks.
• BLAKE2: A high-speed cryptographic hash function that’s an improvement over SHA-3 in terms of speed and
security.
• Whirlpool: A cryptographic hash function that produces a 512-bit hash value. It’s used in various security
applications and is known for its strong security properties.
• RIPEMD (RACE Integrity Primitives Evaluation Message Digest): RIPEMD comes in several versions,
including RIPEMD-160. It was designed as an alternative to MD5 and SHA-1.
• HMAC (Hash-based Message Authentication Code): While not a hash function itself, HMAC uses a
cryptographic hash function (like SHA-256) along with a secret key to create a message authentication code.
It’s used to verify the integrity and authenticity of messages.
SSL Protocol
SSL (Secure Sockets Layer) protocol
The SSL (Secure Sockets Layer) protocol is a cryptographic protocol designed to provide secure communication
over a computer network, typically the internet. It ensures that the data transmitted between a client (such as a
web browser) and a server is encrypted and protected from eavesdropping, tampering, and forgery.
SSL was developed by Netscape Communications in the 1990s, and its successor is TLS (Transport Layer
Security). TLS continues to be used widely today for securing online transactions, sensitive data transmission,
and various forms of communication.
The SSL/TLS protocol operates by establishing a secure communication channel between the client and server
using a combination of encryption, authentication, and data integrity mechanisms.
Secure Socket Layer Protocols:
• SSL record protocol
• Handshake protocol
• Change-cipher spec protocol
• Alert protocol
SSL record protocol
The SSL Record Protocol is responsible for dividing the application data into manageable chunks, adding
encryption and integrity protection, and then transmitting these chunks as records over the network. It ensures
confidentiality, integrity, and authenticity of the data being exchanged between the client and server. The protocol
uses cryptographic algorithms to achieve these goals.
The SSL Record Protocol provides two fundamental services to the SSL/TLS connection:
1. Confidentiality: The SSL Record Protocol ensures the confidentiality of data by encrypting the application
data before transmission. This means that any data sent between the client and server is scrambled using
encryption algorithms, making it unreadable to anyone who intercepts the communication without the appropriate
decryption key. This service prevents eavesdropping and unauthorized access to sensitive information.
2. Integrity and Authenticity: The SSL Record Protocol also ensures the integrity and authenticity of the data
being transmitted. It achieves this by adding a message authentication code (HMAC) to the data before encryption. This
code allows the recipient to verify that the data hasn’t been tampered with during transmission. Additionally,
SSL/TLS uses digital certificates to authenticate the identities of the communicating parties, ensuring that the
client is indeed connecting to the intended server and not a malicious imposter.
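The fragmentation and integrity steps described above, as an added example that is not part of the original text: application data is split into records and each record gets an HMAC that also covers its sequence number, so the receiver detects both tampering and reordering. The MAC input follows the TLS 1.2 layout; the encryption step is left out (records here carry plaintext plus MAC), and the function names, key and payload are constructed for illustration.

```python
import hashlib
import hmac
import struct

MAX_FRAGMENT = 2 ** 14          # TLS limit on plaintext bytes per record
APPLICATION_DATA = 23           # TLS content type for application data
VERSION = (3, 3)                # TLS 1.2 version bytes on the wire


def record_mac(mac_key, seq, fragment):
    """HMAC-SHA256 over sequence number, record header and fragment."""
    header = struct.pack("!BBBH", APPLICATION_DATA, *VERSION, len(fragment))
    msg = struct.pack("!Q", seq) + header + fragment
    return hmac.new(mac_key, msg, hashlib.sha256).digest()


def protect(mac_key, data, first_seq=0):
    """Split data into fragments; return a list of (fragment, mac) records."""
    records = []
    for i, off in enumerate(range(0, len(data), MAX_FRAGMENT)):
        fragment = data[off:off + MAX_FRAGMENT]
        records.append((fragment, record_mac(mac_key, first_seq + i, fragment)))
    return records


def receive(mac_key, records, first_seq=0):
    """Verify records in order and reassemble; ValueError on a bad MAC."""
    out = bytearray()
    for i, (fragment, tag) in enumerate(records):
        expected = record_mac(mac_key, first_seq + i, fragment)
        if not hmac.compare_digest(expected, tag):   # constant-time compare
            raise ValueError(f"bad record MAC at sequence {first_seq + i}")
        out += fragment
    return bytes(out)


if __name__ == "__main__":
    key = b"k" * 32                                  # constructed sample key
    payload = b"A" * 20000 + b"transfer 10 to bob"   # constructed sample data
    recs = protect(key, payload)
    print(len(recs), "records; intact:", receive(key, recs) == payload)
```

Because the sequence number is part of the MAC input but is never sent, swapping two otherwise valid records fails verification just as a modified byte does.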
Handshake Protocol
The Handshake Protocol is instrumental in establishing secure sessions between a client and a server. It allows
both parties to authenticate each other through a series of message exchanges. The protocol progresses
through four distinct phases:
CITS : IT&ITES - Computer Software Application - Lesson 01-17