Skip to Main Content
Secure Sockets Layer is a Web-based protocol used for securing data exchanges over the Internet. To understand how SSL does its job, we also must review the two cryptographic techniques on which it relies: symmetric-key and public-key cryptography (PKC). If a particular recipient is intended to decode the ciphertext, the sender and receiver must be using the same cryptographic technique, and they must safeguard a secret - a random number (called a key) in the case of symmetric-key cryptography, or the private key of a public/private key pair in the case of the public-key cryptography. To transport data, large messages are divided into multiple smaller messages with a maximum size of 16 Kbytes. Each message is optionally compressed, then a message authentication code (a hash derived from the plaintext, the two nonces, and the pre master secret) is appended. The plain-text and appended MAC are now encrypted using the negotiated symmetric-key scheme and the computed session key.