Scribd
Upload
5 views

CSS12 SSL and TSL ppt

The document explains Secure Sockets Layer (SSL) and Transport Layer Security (TLS) as cryptographic protocols that secure online communication through encryption, authentication, and data integrity. It highlights the differences between SSL and TLS, emphasizing that TLS is the more secure and modern version. Additionally, it covers various types of authentication, use cases for SSL/TLS, and the handshake process involved in establishing a secure connection.

Uploaded by

Johndion A. Ruloma
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
5 views

CSS12 SSL and TSL ppt

The document explains Secure Sockets Layer (SSL) and Transport Layer Security (TLS) as cryptographic protocols that secure online communication through encryption, authentication, and data integrity. It highlights the differences between SSL and TLS, emphasizing that TLS is the more secure and modern version. Additionally, it covers various types of authentication, use cases for SSL/TLS, and the handshake process involved in establishing a secure connection.

Uploaded by

Johndion A. Ruloma
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 21

SSL and TSL

Network Security
UNLOCKED DIFFICULT TERMS

1. AUTHENTICATION – CREDENTIAL VERIFIED


2. ENCRYPTION - The process of converting plaintext (readable data) into
ciphertext (unreadable format) to prevent unauthorized access.
3. CRYPTOGRAPHY - securing information and communication through the
use of mathematical techniques and algorithms to encrypt (secure) and
decrypt (retrieve) data.
4. ALGORITHMS - a step-by-step, logical sequence of instructions or rules
designed to perform a specific task or solve a problem.
ACTIVITY!
LET’S ANALYZE AND
INTERPRET
Do all URLs starts with HTTP?
OBJECTIVES:

1.Define Secure Sockets Layer (SSL) and Transport Layer Security


(TLS).
2.Explain the importance of SSL and TLS in securing online
communication.
3.Differentiate between SSL and TLS.
4.Demonstrate the ability to identify websites that use SSL/TLS
encryption.
SSL/TLS

SSL (Secure Sockets Layer) and TLS


(Transport Layer Security) are
cryptographic protocols designed to provide
secure communication over a computer
network. TLS is the modern successor to SSL,
offering enhanced security and performance.
Key Features of SSL/TLS in a
Network

1.Encryption:
SSL/TLS encrypts the data transmitted
between devices, preventing unauthorized
access or eavesdropping. This is particularly
important for protecting sensitive information
like passwords, financial details, and personal
data.
Key Features of SSL/TLS in a
Network

1.Authentication:
It ensures the authenticity of the
communicating parties, typically through
digital certificates. For example, when
accessing a website, the server provides an
SSL/TLS certificate to prove its identity.
Types of Authentication

1. Single-Factor Authentication (SFA):


1.Uses one type of credential (e.g., password).
2.Example: Logging into an email account with just a username and
password.
2. Two-Factor Authentication (2FA):
1.Combines two forms of authentication for increased security.
2.Example: Password + one-time code sent to a mobile device.
Types of Authentication

3. Multi-Factor Authentication (MFA):


1.Uses three or more authentication methods for enhanced security.
2.Example: Password + biometric scan + physical security token.
4. Passwordless Authentication:
3.Eliminates the need for passwords, relying on other factors like
biometrics, email links, or security keys.
Key Features of SSL/TLS in a
Network

Integrity:
SSL/TLS guarantees that the data
exchanged between devices is not
altered during transit. It uses
cryptographic hashes to detect
tampering.
Use Cases in a Network of SSL/TLS

• Web Browsing: HTTPS uses SSL/TLS to secure communication


between a browser and a web server.
• Email: Protocols like SMTP, IMAP, and POP3 can use SSL/TLS for
secure email transmission.
• VPNs: Some VPNs rely on SSL/TLS for secure connections.
• Remote Access: Ensures secure access to remote desktops or
servers.
• File Transfer: Secures file transfers over protocols like FTPS or
SFTP.
How SSL/TLS Works?
1.Handshake Process:
The SSL/TLS handshake occurs
when a client (e.g., a browser)
connects to a server:
Handshake Process…

The SSL/TLS handshake occurs when a client (e.g., a


browser) connects to a server:
1.The client requests a secure connection.
2.The server sends its SSL/TLS certificate.
3.The client validates the certificate and generates a session
key.
4.The session key is shared securely using asymmetric
encryption.
5.The client and server then use the session key for symmetric
encryption of data.
Encryption Algorithms:

SSL/TLS uses a combination of encryption


algorithms:
• Symmetric Encryption: For encrypting data
during the session (e.g., AES).
• Asymmetric Encryption: For securely exchanging
session keys (e.g., RSA, ECDSA).
• Hashing: To ensure data integrity (e.g., SHA-256).
TLS vs SSL
Feature SSL TLS
Older and less More secure
Security
secure and up-to-date
Slower due to Faster and
Performance
older protocols optimized
SSL 2.0, SSL 3.0 TLS 1.0, 1.1,
Versions
(deprecated) 1.2, 1.3
Industry
Usage Mostly obsolete
Benefits of SSL/TLS in a
Network
• Confidentiality: Ensures sensitive data is accessible
only to authorized parties.
• Trust: Builds user trust, especially on websites with
HTTPS.
• Compliance: Meets security standards like GDPR, PCI
DSS, and HIPAA.
• Security: Protects against threats like man-in-the-middle
(MITM) attacks and data tampering.
What does a URL without HTTP
signify?

Any website link starting with HTTPS (hypertext


transfer protocol secure) is the secure
connection to any server whereas website link
starting with HTTP (hypertext transfer protocol)
is not a secure connection to any server.
QUIZ Tayo!

1. SSL and TLS are cryptographic protocols designed to provide secure


communication over a computer network. (True / False)
2. TLS 1.3 is an older version of SSL that has been deprecated due to
security vulnerabilities. (True / False)
3. If a website uses HTTPS, it means that SSL/TLS is encrypting the data
being transmitted between the server and the client. (True / False)
4. A company experiencing a MITM (Man-in-the-Middle) attack should
consider upgrading from SSL 3.0 to TLS 1.2 or later for better security.
(True / False)
Answer Key:

1.True (SSL and TLS are used for secure


communication.)
2.False (TLS 1.3 is the latest version, and SSL has been
deprecated.)
3.True (HTTPS indicates encryption via SSL/TLS.)
4.True (TLS 1.2 or later provides stronger security than
SSL 3.0.)

You might also like