SSL & SET Flashcards
What is SSL/TLS?
SSL stands for Secure Socket Layer. TLS stands for Transport Layer Security. In today’s context, SSL and TLS are synonymous.
SSL/TLS provides a technological standard for secure communication over web protocols such as HTTP. It can facilitate server authentication using digital certificate and confidentiality/privacy through encryption.
It uses public key cryptography to generate and exchange a (symmetric) shared secret key between client and server, therefore it is considered a hybrid cryptographic system.
What is the main difference between SET and SSL?
SSL can only achieve confidentiality, but SET achieves confidentiality, non-repudiation and authentication. Therefore, SSL cannot prevent fraudulent transactions.
Why did SET fail?
What are the advantages of SSL/TLS?
What are the disadvantages of SSL/TLS?
- SSL/TLS can slow down servers.
- It only protects data in transit, not in databases.
- SSL/TLS is can only facilitate communication between no more than two parties.
- SSL/TLS cannot authenticate the actual identities of the persons behind the client and server. Therefore, it cannot detect masquerading.
What is SET?
SET stands for Secure Electronic Transaction. It was a messaging security protocol used to secure bank-card payment transactions. The bank’s customer is provided with a SET card which contains a digital certificate issued by a trusted certificate holder, allowing for authentication and non-repudiation.
How does SSL/TLS 1.3 handshake protocol work?
The handshake is the most complex part of SSL/TLS protocol.
What are the advantages of SET?
What are the disadvantages of SET?
