Tim TrottTim TrottAlways hope, never expect

How Internet Security and SSL Works

By , Sunday 11th October 2009 in Security & Privacy

In this tutorial we will look at how cryptography, encryption and SSL certificates actually work to secure the internet and how the public/private key exchange system works.

The techniques described here are greatly simplified, but serve to illustrate how the system works on the basic level.

Basic encryption for data transmission as we have seen is fairly easy to implement and also easy to hack. If you haven't read the article, it involves one or many methods for encrypting data and a password required to decrypt the data at the other end. A basic encryption algorithm is ROT13 where each letter of the alphabet is rotated 13 places (Hello becomes Uryyb). A more advanced system uses passphrase substitution, and this can only be cracked when you know (or defeat) the password.

Actual systems use more sophisticated algorithms where the password is generally 128 bits or higher giving a password length of 2128 characters, randomly generated.

Now the problem with using this over the internet is that you have to transmit the encrypted data, and the key (we'll start calling these long random generated passwords keys now) so that the person at the destination can decrypt the data. This is obviously open to hacking as both encrypted data and the key are sent together. A secure way of doing this would be to send the encrypted data over the internet, and send the key separately in a different format, such as in person on a USB stick or CD.

This wouldn't really work on the internet for browsing your online banking or doing your shopping would it? Every time you go to logon, you have to wait for a CD to arrive in the post.

The solution here is to use a set of public and private keys and have these exchanged in a secure way.

Let's have a look at how we might be able to send a secure key between two computers without eavesdropping or anyone stealing the secure key.

Public/Private Key Exchange Demonstration
Public/Private Key Exchange Demonstration

In this example we are trying to convey a copy of the blue key, which is our secure private key that nobody else must know about, to the receiver. We will do this by using two public locks, green and red. First, the blue secure key is placed inside a container which is then locked with the senders red padlock. Only the red key can open this padlock.

The locked container is then sent to the receiver, who at this stage cannot open the container.

Public/Private Key Exchange Demonstration
Public/Private Key Exchange Demonstration

The receiver then puts their padlock (green) on the container, and sends the doubly locked container back to the sender.

When the receiver gets the container back, they then remove the red padlock using their red key and sends the container back to the receiver again.

Public/Private Key Exchange Demonstration
Public/Private Key Exchange Demonstration

Now the receiver has a container which only has the green padlock on, which can be opened using the green key and thus the receiver now has access to the blue secure key. From now on all communication between the sender and receiver can be securely send and received by locking with a blue padlock.

Public/Private Key Exchange Demonstration
Public/Private Key Exchange Demonstration

As I said, this is a greatly over simplified example to illustrate how the system works. In reality the systems use complex mathematical calculations and long encryption keys to secure the data transmission. The simplified technique illustrates how secure keys can be transmitted over insecure lines without eavesdropping, snooping or hacking.

My website and its content are free to use without the clutter of adverts, tracking cookies, marketing messages or anything else like that. If you enjoyed reading this article, or it helped you in some way, all I ask in return is you leave a comment below or share this page with your friends. Thank you.

About the Author

Tim Trott

Tim is a professional software engineer, designer, photographer and astronomer from the United Kingdom. You can follow him on Twitter to get the latest updates.

Leave a Reply

Your email address will not be published.