Secure Internet Connections: SSL, PGP, PPTP, and IPsec

Classified in Computers

Written at on English with a size of 2.93 KB.

Secure Sockets Layer (SSL)

Secure Sockets Layer (SSL) is most often used to encrypt information on the Internet. It is a protocol that encrypts database (DB) connections by selecting an encryption method and generating the necessary keys for the entire session.

How SSL Works

  1. The browser requests a page from a secure server. The request is identified by the HTTPS protocol.
  2. They agree on algorithms that ensure confidentiality, integrity, and authenticity.
  3. The server sends the browser its standard X509 certificate containing its public key. If the application requires it, it in turn requests the client's certificate.
  4. The browser sends the server a master key from which it generates the session key to encrypt data to be exchanged.
  5. Finally, it checks the authenticity of the indicated parties, and if the channel has been established with certainty, data transfers begin.

Advantages of SSL

  • It enjoys great popularity and is widely spread on the Internet, as well as being supported by most current browsers.
  • Ensures secure DB connections.
  • The user need not perform any special operation to activate the protocol.

Operation: Secure Electronic Transaction (SET)

  • When you want to make a purchase from merchant B, a request is generated to decide the means of payment. Then B generates a process ID for the purchase and sends it to A along with its public key and a payment gateway to be used (C) in the transaction.
  • The buyer sends two pieces of information to B. The first is the order, which is encrypted with the public key of B, so that only B can read the order.
  • The second piece of information is the mode of payment, which is encrypted with the public key of payment gateway C. Thus, although the information is received initially by B, only C can read the bank data.
  • The bank, however, cannot see the order placed. From here, the payment gateway C consults with the sender and receiver banks of the broadcast for authorization. If all requirements are met, the transaction occurs.

Pretty Good Privacy (PGP)

Pretty Good Privacy (PGP) is a free encryption method for any kind of information but has spread mainly due to its ability to encrypt email messages based on a digital signature model, so as to ensure the authorization of the sender.

Point-to-Point Tunneling Protocol (PPTP)

Point-to-Point Tunneling Protocol (PPTP) stands for tunneling protocol point to point. It aims to maintain a point-to-point encryption that protects communication from outside.

IPsec

Adds IPsec authentication and encryption to packet transmission.

Karma: -30%
Visits: 0

Entradas relacionadas:

Tags:
IPsec Encryption SSL PPTP PGP HTTPS