SSL (Secure Socket Layer) was first released in 1999. It was deprecated since Java 8u31 and renamed to TLS (Transaction Layer Security) due to its deficiency in handling padding attacks, it checks only the padding length but not the value.
TLS has two subprotocols: Handshake and Record Protocol.
The Handshake process establishes the common cryptographic parameters such as the encryption protocol and cipher to be used by both the server and the client.
The Record Protocol defines the rule for breaking down the data into blocks (packets), encrypt and decrypt them.
During handshaking, the client sends to the server the protocol and ciphers it supports. The server then chooses the protocol and the cipher to be used. The server has a list of supported ciphers and chooses the first one in priority supported by the client. If there is no cipher in common, the handshake fails. The protocol and cipher are suggested by client but chosen by the server.
An SSL/TLS connection succeeds only if the client trusts the server. After the protocol and cipher are chosen, the server sends the client its certificate. The client will trust the server only if it can trace the certificate to a root certificate, which is known as chain validation.
Then, the server and the client exchange their public keys and generate the session key or master key. If the ending messages of the handshaking are successfully encrypted and decrypted by both sides, the handshaking is complete.
Since Java 8u151, the Java Cryptography extension, JCE, is bundled in the JDK. Java JCE is a framework for encryption, key generation, key agreement and message authentication code (MAC).
From Java 8 onward, the default encryption protocol version is TLSv1.2 which is backward compatible.
-----------------------------------------------------------------------------------------------------------------
Watch the blessing and loving online channel: SupremeMasterTV live
If you have ever asked yourself these questions, this is the book for you. What is the meaning of life? Why do people suffer? What is in control of my life? Why is life the way it is? How can I stop suffering and be happy? How can I have a successful life? How can I have a life I like to have? How can I be the person I like to be? How can I be wiser and smarter? How can I have good and harmonious relations with others? Why do people meditate to achieve enlightenment? What is the true meaning of spiritual practice? Why all beings are one? Read the book for free here.
No comments:
Post a Comment