{"id":1879,"date":"2021-03-31T00:42:03","date_gmt":"2021-03-31T00:42:03","guid":{"rendered":"http:\/\/learnlearn.uk\/alevelcs\/?page_id=1879"},"modified":"2022-03-21T14:28:16","modified_gmt":"2022-03-21T14:28:16","slug":"transport-layer-security-digital-certificates-ssltls","status":"publish","type":"page","link":"https:\/\/learnlearn.uk\/alevelcs\/transport-layer-security-digital-certificates-ssltls\/","title":{"rendered":"Transport Layer Security &#038; Digital Certificates (SSL\/TLS)"},"content":{"rendered":"<div class=\"responsive-tabs\">\n<h2 class=\"tabtitle\">Intro<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Secure Socket Layer \/ Transport Layer Security<\/h3>\n<p>SSL and the newer TLS are technologies that allow the secure encryption and transmission of data across the internet. Without these technologies any data sent across the internet would be susceptible to interception by third parties.<\/p>\n<p>This data could include:<\/p>\n<ul>\n<li>Personal information &#8211; home address, telephone number<\/li>\n<li>Sensitive information &#8211; medical information, criminal record information<\/li>\n<li>Financial information &#8211; banking logins\/passwords &amp; credit card information<\/li>\n<\/ul>\n<p>TLS &amp; Digital certificates work to ensure that data cannot be read \/ tampered with if intercepted and that you have protection against <a href=\"https:\/\/www.youtube.com\/watch?v=vsXMMT2CqqE\">man-in-the-middle attacks<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p>Why is it needed?<\/p>\n\n<\/div><h2 class=\"tabtitle\">Handshake Protocol<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Handshake Protocol<\/h3>\n<p>The TLS Handshake is used to establish encryption and trust between the server and client. 
Below is the handshake used in TLS 1.2, not the newer TLS 1.3 which is a little different.<\/p>\n<h4>Step 1 &#8211; Client Hello<\/h4>\n<p>In the first step the client sends a message to the server listing the various encryption technologies that the client supports.<\/p>\n<p>This includes:<\/p>\n<ul>\n<li>The version of SSL\/TLS that the client supports<\/li>\n<li>The encryption algorithms that the client supports<\/li>\n<li>Data compression algorithms<\/li>\n<\/ul>\n<h4>Step 2 &#8211; Server Hello<\/h4>\n<p>The server responds with:<\/p>\n<ul>\n<li>The chosen set of encryption algorithms to be used. This is known as the Cipher Suite.<\/li>\n<li>A session ID to be used for the remainder of the connection<\/li>\n<li>The server&#8217;s digital certificate, which contains the server&#8217;s public key<\/li>\n<\/ul>\n<h4>Step 3 &#8211; Verify the digital certificate<\/h4>\n<p>The client contacts the certificate authority listed on the digital certificate and checks that the certificate is authentic and is still valid, thereby verifying the identity of the server.<\/p>\n<h4>Step 4 &#8211; Secret key sharing<\/h4>\n<p>The client sends a secret key, encrypted with the server&#8217;s public key, to be used as a shared key for symmetric encryption for the remainder of the session.<\/p>\n<p>Note: Most web servers actually use <a href=\"https:\/\/youtu.be\/NmM9HA2MQGI\">Diffie-Hellman Ephemeral Key Exchange<\/a> for the session encryption, as it provides perfect forward secrecy.<\/p>\n<h4>Step 5 &#8211; Server responds: handshake complete<\/h4>\n<p>The server responds with a message encrypted using the shared symmetric key, indicating that the handshake is complete and the session then begins.<\/p>\n\n<\/div><h2 class=\"tabtitle\">Record Protocol<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Record Protocol<\/h3>\n<p>Once a secure session is established the remainder of the session is secured using the cipher suite, symmetric keys and compression agreed during the handshake 
protocol.<\/p>\n\n<\/div><h2 class=\"tabtitle\">Digital Certificates<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Digital Certificates<\/h3>\n<p>Digital certificates are not just used for SSL encryption, they can also be used to verify emails and documents sent from person to person through the use of a digital signature.<\/p>\n<ul>\n<li>TLS \/ SSL certificate<\/li>\n<li>Email Certificate<\/li>\n<li>Digital Signature<\/li>\n<li>Code Signing Certificate<\/li>\n<\/ul>\n\n<\/div><h2 class=\"tabtitle\">Videos<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Great Simplified Introduction<\/h3>\n<div class=\"nv-iframe-embed\">\n<div class=\"container-lazyload preview-lazyload container-youtube js-lazyload--not-loaded\"><a href=\"https:\/\/www.youtube.com\/watch?v=sEkw8ZcxtFk\" class=\"lazy-load-youtube preview-lazyload preview-youtube\" data-video-title=\"SSL\/TLS  handshake Protocol\" title=\"Play video &quot;SSL\/TLS  handshake Protocol&quot;\">https:\/\/www.youtube.com\/watch?v=sEkw8ZcxtFk<\/a><\/div>\n<\/div>\n<h3>A more in-detail video<\/h3>\n<div class=\"nv-iframe-embed\">\n<div class=\"container-lazyload preview-lazyload container-youtube js-lazyload--not-loaded\"><a href=\"https:\/\/www.youtube.com\/watch?v=86cQJ0MMses\" class=\"lazy-load-youtube preview-lazyload preview-youtube\" data-video-title=\"TLS Handshake Explained - Computerphile\" title=\"Play video &quot;TLS Handshake Explained - Computerphile&quot;\">https:\/\/www.youtube.com\/watch?v=86cQJ0MMses<\/a><\/div>\n<\/div>\n\n<\/div><h2 class=\"tabtitle\">Resources<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Resources<\/h3>\n<p><a href=\"https:\/\/www.cambridgeinternational.org\/Images\/285023-topic-3.2.1-protocols-9608-.pdf\">CIE Resource<\/a><\/p>\n<p><a href=\"https:\/\/www.youtube.com\/watch?v=1dOCHwf8zVQ\">Heartbleed Bug<\/a><\/p>\n<p><a href=\"https:\/\/docs.google.com\/presentation\/d\/1CUKe1cctmW3YDoky9KnJlrkFEeWM494KCfDvzPFA5nw\/edit?usp=sharing\">Teacher Presentation<\/a><\/p>\n<p><a href=\"https:\/\/docs.google.com\/presentation\/d\/16LywR0dI9xZU5ifTBqkbJKC62VhhgCvC92VWWaOUKvE\/edit?usp=sharing\">Crossword<\/a><\/p>\n<p><strong>Past Paper Questions<\/strong><\/p>\n<p>S16 31 Qn 2<\/p>\n<p>N16 31 Qn 6<\/p>\n<p><a href=\"https:\/\/pastpapers.papacambridge.com\/viewer\/caie\/cambridge-advanced-as-and-a-level-computer-science-9608-2016-nov-9608-w16-qp-32-pdf\">Winter 2016 &#8211; Paper 32 Question 4<\/a><\/p>\n<p>S17 31 Qn 2c<\/p>\n<p><a href=\"https:\/\/pastpapers.papacambridge.com\/viewer\/caie\/cambridge-advanced-as-and-a-level-computer-science-9608-2017-nov-9608-w17-qp-31-pdf\">N17 31 Qn 4<\/a><\/p>\n<p><a href=\"https:\/\/pastpapers.papacambridge.com\/viewer\/caie\/cambridge-advanced-as-and-a-level-computer-science-9608-2018-oct-nov-9608-w18-qp-32-pdf\">Winter 2018 &#8211; Qn 6B<\/a><\/p>\n<p><a href=\"https:\/\/pastpapers.papacambridge.com\/viewer\/caie\/cambridge-advanced-as-and-a-level-computer-science-9608-2019-may-june-9608-s19-qp-31-pdf\">Summer 2019 Paper 31 &#8211; Question 5<\/a><\/p>\n<p>N19 31 Qn 8<\/p>\n<p>S20 Qn8<\/p>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Secure Socket Layer \/ Transport Layer Security SSL and the newer TLS are technologies that allow the secure encryption and transmission of data across the internet. Without these technologies any data sent across the internet would be susceptible to interception by third parties. 
This data could include: Personal information &#8211; home address, telephone number Sensitive&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"on","neve_meta_content_width":75,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":""},"rttpg_featured_image_url":null,"rttpg_author":{"display_name":"learnlearnadmin","author_link":"https:\/\/learnlearn.uk\/alevelcs\/author\/learnlearnadmin\/"},"rttpg_comment":0,"rttpg_category":null,"_links":{"self":[{"href":"https:\/\/learnlearn.uk\/alevelcs\/wp-json\/wp\/v2\/pages\/1879"}],"collection":[{"href":"https:\/\/learnlearn.uk\/alevelcs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/learnlearn.uk\/alevelcs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/learnlearn.uk\/alevelcs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/learnlearn.uk\/alevelcs\/wp-json\/wp\/v2\/comments?post=1879"}],"version-history":[{"count":6,"href":"https:\/\/learnlearn.uk\/alevelcs\/wp-json\/wp\/v2\/pages\/1879\/revisions"}],"predecessor-version":[{"id":2257,"href":"https:\/\/learnlearn.uk\/alevelcs\/wp-json\/wp\/v2\/pages\/1879\/revisions\/2257"}],"wp:attachment":[{"href":"https:\/\/learnlearn.uk\/alevelcs\/wp-json\/wp\/v2\/media?parent=1879"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}