{"id":1119,"date":"2019-10-04T04:13:25","date_gmt":"2019-10-04T11:13:25","guid":{"rendered":"https:\/\/www.ssls.com\/blog\/?p=1119"},"modified":"2023-09-27T15:04:31","modified_gmt":"2023-09-27T22:04:31","slug":"understanding-how-ssl-encryption-works","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/blog\/understanding-how-ssl-encryption-works\/","title":{"rendered":"Understanding How SSL Encryption&nbsp;Works"},"content":{"rendered":"Most people know that SSL (Secure Sockets Layer) or TLS (Transport Layer Security) is encryption that scrambles the data a person types on a website, to keep it from getting into the wrong hands.\n\nWhen you add your credit card number while shopping online, for example, the details are <a href=\"https:\/\/www.ssls.com\/blog\/clearing-up-confusion-ssl-vs-code-signing-certificates\/\">protected<\/a> as they travel from your browser to the website. No one but you and the website admin can read the information. That\u2019s what it means when you see the padlock and HTTPS in your browser.\n<!-- \/wp:post-content -->\n\n<!-- wp:more -->\n<!--more-->\n<!-- \/wp:more -->\n\n<!-- wp:heading -->\n\nLet\u2019s take a look at how this encryption <a href=\"https:\/\/www.ssls.com\/blog\/clearing-up-confusion-ssl-vs-code-signing-certificates\/\">security<\/a> actually works:\n<h2>The SSL Handshake<\/h2>\nFor the techies out there, the data delivery process is called TCP (Transmission Control Protocol). Think of TCP as the pipe that delivers clean (encrypted) water. When you open your browser (called \u2018the client\u2019) and access an encrypted website (called the server), it kicks off the SSL Handshake. This process happens in a few steps:\n<ol>\n \t<li>Your browser client starts the handshake by sending across SSL compatibility information. It also checks the validity of the website\u2019s <a href=\"https:\/\/www.ssls.com\/\">SSL Certificate<\/a>, i.e. ensuring the SSL\/TLS is legitimately authenticated so it can be trusted. 
Tech-savvy people can generate something that looks like an SSL certificate, but it\u2019s like naming a website The Bank of America: that doesn\u2019t make it true. It\u2019s important to know that every SSL\/TLS works by using two keys: a public key that encrypts data and a private key that unlocks it. Like a government mailbox, you put your letter in (public key), and only the mail workers have access to take the letter out (private key). It\u2019s a one-way interaction, which is why it\u2019s called an asymmetric-key system.<\/li>\n \t<li>After your browser confirms the <a href=\"https:\/\/www.ssls.com\/blog\/upcoming-changes-to-http-domain-control-validation\/\">SSL Certificate<\/a> is valid, it encrypts the data transfer session with the website server\u2019s public key.<\/li>\n \t<li>The website server then receives the private key from the browser client for decryption.<\/li>\n \t<li>Both sides agree on something called a cipher suite, and generate session keys (also called symmetric keys because they operate on both sides) which allow them to encrypt and decrypt the data sent during an SSL session.<\/li>\n<\/ol>\nThis sounds complicated, but the SSL Handshake takes milliseconds, which just shows how amazing technology is behind the scenes. Now the data <a href=\"https:\/\/www.ssls.com\/blog\/clearing-up-confusion-ssl-vs-code-signing-certificates\/\">encryption<\/a> is in place and the info gets securely sent between your browser and the website. It\u2019s like people getting to know each other before they feel safe to talk more deeply, only it happens in the blink of an eye.\n<h2>Encryption Strength<\/h2>\nIndustry-standard SSL\/TLS strength is 256-bit encryption for data moving from your browser to a website server. The bigger the number, the longer it takes to decrypt the data. 
Put another way, a higher bit strength makes it harder for criminal types to hack in and decrypt private information.\n\nIf 256 is not supported by either the browser or server, the SSL data session steps down to 128 bits. This is not something to worry about really, because modern setups support 256 bits. Decryption strength also involves ciphers and algorithms, but this article is about giving you the main points to understand, without getting too complex.\n<h3>Takeaway<\/h3>\nHTTPS websites allow customers to have a data session, where they can safely share their personal information (such as email address or credit card details) on websites.\n\nThis process involves the SSL Handshake. It boils down to the browser you\u2019re using getting to know the website server you\u2019re engaging with, so they can agree on the best way to encrypt the travelling data. It\u2019s a robust, structured and fairly complex process behind the scenes, but to users it all happens in the blink of an eye. Almost like magic.\n<!-- \/wp:heading -->","protected":false},"excerpt":{"rendered":"<p>Most people know that SSL (Secure Sockets Layer) or TLS (Transport Layer Security) is encryption that scrambles the data a person types on a website, to keep it from getting into the wrong hands. 
When you add your credit card number while shopping online, for example, the details are protected as they travel from [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1119","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1119","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/comments?post=1119"}],"version-history":[{"count":7,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1119\/revisions"}],"predecessor-version":[{"id":2725,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1119\/revisions\/2725"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/media?parent=1119"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/categories?post=1119"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/tags?post=1119"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}