Here's a brief, simplified overview of what typically happens when you contact a secure Web site, that is, one using SSL.
Let's say you are a Web user contacting your online bank.
In the following, remember that a symmetric algorithm is normally used to encrypt the data itself, while an asymmetric algorithm
is used only to send the secret key for the symmetric algorithm.
In the following, we refer to "your browser" and "the bank's server". Of course we mean the SSL software in each.
- You enter the URL of the bank's login page.
- Your browser sends a list of symmetric algorithms it can support to the bank's server, and requests the bank's certificate.
- Their server replies saying which symmetric algorithm to use, and sends the requested certificate. It also sends a random
number to be used in generating the secret key.
- Your browser checks the hierarchy of CAs shown in the bank's certificate against the CA certificates you've got installed.
If there is no match, the browser flags a warning.
- If there is any match, the browser checks the bank's certificate against the CA that issued it, typically making the following
checks and flagging a warning if any fail:
- Checks the CA's digital signature in the bank's certificate.
Remember this signature is the encrypted hash of the bank's certificate - encrypted using the CA's private key. Your browser
gets the CA's public key from the CA's certificate, and uses it to decrypt the signature, thus getting back the hash. Your
browser then itself hashes the bank's certificate, and checks the two hashes match.
- Checks the start and expiry dates in the certificate to confirm the certificate is current.
- Checks the URL in the certificate is exactly the same as the URL DNS name of the machine that sent the Web page.
- Checks in the CA's certificate revocation list (CRL), or contacts the CA's server using OCSP, to see if the certificate has
- Your browser generates a random number, encrypts it with the asymmetric algorithm using the bank's public key, and sends it
to the bank's server.
- The bank's server uses the bank's private key to decrypt the random number the browser sent.
- Your browser and the bank's server now independently calculate the secret key from the two random numbers.
- As a final check, your browser and the bank's server send each other MACs of all the above messages, and check them to ensure
no attacker has altered any of the messages.
- Your browser and the bank's server can now send each other your data confidentially, using the chosen symmetric algorithm.