TLS and SSL Flashcards
What are SSL and TLS designed for?
SSL and TLS are cryptographic protocols designed to facilitate secure communication over networks.
Which is the predecessor of which?
SSL is the predecessor of TLS.
Describe SSL
SSL, or Secure Sockets Layer, is an encryption-based Internet security protocol.
It was developed for the purpose of ensuring privacy, authentication, and data integrity in Internet communications.
What is an SSL/TLS Certificate?
An SSL/TLS certificate is a digital credential that facilitates secure communication between systems over the internet using the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol.
It serves as a digital identity card, allowing systems to verify each other’s identity and establish encrypted connections.
What is included in an SSL/TLS Certificate?
- The domain name
- Certificate authority
- Issuance date
- Expiration date
- Public key
- SSL/TLS version
- Certificate authority’s digital signature
Why are the certificates important?
- Crucial for establishing trust and security
- Encrypt data transmitted between clients and servers
- Protect sensitive information from hackers.
- Provide visual cues
What are key principles in SSL/TLS?
- Encryption
- Authentication
- Digital Signature
- Asymmetric cryptography
- Public key infrastructure
What is a TLS Handshake?
A TLS handshake is the process that kicks off a communication session that uses TLS.
During a TLS handshake, the two communicating sides exchange messages to acknowledge each other, verify each other, establish the cryptographic algorithms they will use, and agree on session keys.
Describe the TLS Handshake
Client’s Request:
- Client initiates handshake
- Sends message with supported cryptographic algorithms and parameters
Server’s Response:
- Server responds with selected cryptographic algorithms and parameters
- Provides digital certificate if required
Authentication and Key Exchange:
- Client verifies server’s digital certificate
- Sends its own certificate if needed
- Both agree on cryptographic keys for encryption and decryption
Session Keys:
- Establish cryptographic keys
- Securely encrypt and decrypt data ensuring confidentiality and integrity
Handshake Completion:
- Session keys in place
- Secure data exchange begins over the encrypted connection
What Java Extensions can be used as a framework for SSL/TLS?
The Java Secure Socket Extension (JSSE) enables secure Internet communications. It provides a framework and an implementation for a Java version of the SSL and TLS protocols.
What is a keystore?
Keystore: A keystore is a repository of security certificates, typically containing private keys and corresponding certificates for authentication.
In the context of SSL/TLS communication, the server’s private key and its associated certificate are stored in a keystore. Keystores are protected by a password.
What is a truststore?
Truststore: A truststore is a repository of certificates used to verify the authenticity of certificates presented by other parties in SSL/TLS connections.
It contains trusted certificates from trusted Certificate Authorities (CAs) or self-signed certificates that the application trusts.
Truststores are used by clients to verify the identity of servers in SSL/TLS connections.