How SSL & TLS Invented? An Interesting History
History is my favorite subject and when it combines with my favorite product, it makes me thrill to find how SSL certificate and TLS were invented. Read an interesting history behind invention of this amazing product.
HTTPS, green padlock, self-signed / third party signed, EV SSL or Wildcard SSL, for Windows or for Android, for website or web server, determining reputation among software down-loaders and much more. I know you have one word for all these and that is SSL or SSL certificate.
It encrypts communication, establishes a legitimate identity and so on we all know these stuffs. Some of you may have also installed and enjoyed the unbroken bond of security provided by SSL. But, do you know the origin or say the “necessity is the mother of invention” – story of this little buddy of yours? (What? It helps you secure yourself and your clients, right?).
SSL – History unveiled
Secure Socket Layer and famous as SSL which was initially invented by Netscape. The idea behind developing SSL was to secure online communications. The very first version of SSL named SSL version 1.0 was not that successful so the Netscape invented its second version, version 2.0 in 1995 in the month of Feb. Just after its release, people found a number of loopholes in its architecture and hence the third version, SSL version 3.0 came into existence in 1996.
Version 2.0 found vulnerable to man-in-the-middle attack because it was easier to alter the preferences of the messages in 40-bit encryption. Taher A Elgamal popular as ‘father of SSL’, lead the invention of the flawless cryptographic system within SSL Version 3.0. Version 3.0 was far better than its previous versions. With 128-bit encryption, it was nearly impossible for any hacker to alter the messages or intercept it from encrypted transmission.
SSL works between the Hypertext Transfer (HTTP) protocol and Transmission Control Protocol (TCP). Securing almost every aspects of Internet, SSL is very much compatible SMTP, VoIP, FTP and such other protocols.
SSL Certificates – a revolution in Internet Security
Along with SSL encryption, developers also contributed their effort in developing a digital certificate kind of thing. Lately, Certificate Authority (CA) took the responsibility of developing, issuing and improving the SSL certificates. Some of the famous CAs are Digicert, GeoTrust, GlobalSign, RapidSSL, Comodo, Thawte, and so on. VA visible feature like HTTPS in the address bar and a green padlock made the SSL certificate the most trust-able asset.
SSL certificates now provide 256 bit encryption, which highly secured than that of 128-bit encryption. It protects web servers, websites, businesses, softwares, web applications, source code, mobile applications and much more. With add-ons like anti-virus and anti-malware and phishing detection tools, it stands unbeaten when it comes to Internet Security.
TLS – Future Enhancement of SSL
SSL uses the Message Authentication (MAC) algorithm; Transport Layer Security (TLS) goes a step further than this and uses keyed-Hashing Message Authentication (HMAC). What does HMAC will do? Well, it generates an identity check same as the MAC but with HMAC, it become tougher to break it into. TLS is a venture of Internet Engineering Task Force (IETF).
Many new alert messages are included in TLS. Also with the TLS it will not require to associate the certificate to the root CA, an intermediary authority can be used. With TLS in one can benefit with its eminent features like tougher authentication, privacy and integrity, interoperability, flexibility, easy deployment and use.
Related Posts :