The Record Protocol in SSL provides confidentiality and integrity to encrypted data being exchanged after a successful handshake. It takes application messages as input, fragments them into smaller blocks, optionally compresses the blocks, adds a MAC for integrity, encrypts the blocks, and appends a header before sending the data over TCP. At the receiver, the header is removed and the blocks are decrypted, verified with the MAC, decompressed if compressed, and reassembled into the original application messages.
The Record Protocol in SSL comes into the picture after a successful handshake is completed between the client and the server. That is, after the client and the server have optionally authenticated each other and have decided what algorithms to use for secure information exchange, we enter into the SSL record protocol. This protocol provides two services to an SSL connection, as follows:

(a) Confidentiality: This is achieved by using the secret key that is defined by the handshake protocol.
(b) Integrity: The handshake protocol also defines a shared secret key (MAC) that is used for assuring the message integrity.

The operation of the record protocol is shown in Fig. 6.20. As the figure shows, the SSL record protocol takes an application message as input. First, it fragments it into smaller blocks, optionally compresses each block, adds a MAC, encrypts it, adds a header and gives it to the transport layer, where the TCP protocol processes it like any other TCP block. At the receiver's end, the header of each block is removed; the block is then decrypted, verified, decompressed, and reassembled into application messages. Let us discuss these steps in more detail.

(c) Fragmentation: The original application message is broken into blocks, so that the size of each block is less than or equal to 2^14 bytes (16,384 bytes).
(d) Compression: The fragmented blocks are optionally compressed. The compression process must not result in the loss of the original data, which means that this must be a lossless compression mechanism.
(e) Addition of MAC: Using the shared secret key established previously in the handshake protocol, the Message Authentication Code (MAC) for each block is calculated. This operation is similar to the HMAC algorithm.
(f) Encryption: Using the symmetric key established previously in the handshake protocol, the output of the previous step is now encrypted. This encryption may not increase the overall size of the block by more than 1024 bytes.
(g) Append Header: Finally, a header is added to the encrypted block. The header contains the following fields:

Content type (8 bits): Specifies the protocol used for processing the record in the next higher level (e.g. handshake, alert, change cipher).
Major version (8 bits): Specifies the major version of the SSL protocol in use. For instance, if SSL version 3.1 is in use, this field contains 3.
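The sender and receiver pipeline of steps (c) to (g), as an added Python example that is not part of the original text. It assumes HMAC-SHA256 for the MAC, zlib for the lossless compression, and a stand-in XOR keystream in place of the negotiated cipher; the minor-version and length header fields and content type 23 come from the SSL/TLS record format rather than from this page.

```python
import hashlib, hmac, struct, zlib

MAX_FRAGMENT = 2 ** 14      # 16,384 bytes, the fragment limit from step (c)
APPLICATION_DATA = 23       # content type for application data (SSL/TLS spec value)
VERSION = (3, 1)            # major, minor: the "SSL version 3.1" case
MAC_LEN = 32                # HMAC-SHA256 tag size (assumed MAC algorithm)

def _keystream_xor(key, seq, data):
    # Stand-in cipher for the demo only: XOR with a SHA-256 counter keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + struct.pack(">QI", seq, i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def _mac(mac_key, seq, ctype, body):
    # The sequence number in the MAC input makes reordered or replayed records fail.
    return hmac.new(mac_key, struct.pack(">QBH", seq, ctype, len(body)) + body,
                    hashlib.sha256).digest()

def protect(message, mac_key, enc_key, ctype=APPLICATION_DATA):
    """Sender: fragment -> compress -> add MAC -> encrypt -> prepend header."""
    records = []
    for seq, off in enumerate(range(0, len(message), MAX_FRAGMENT)):
        body = zlib.compress(message[off:off + MAX_FRAGMENT])
        payload = _keystream_xor(enc_key, seq, body + _mac(mac_key, seq, ctype, body))
        header = struct.pack(">BBBH", ctype, *VERSION, len(payload))
        records.append(header + payload)
    return records

def unprotect(records, mac_key, enc_key):
    """Receiver: strip header -> decrypt -> verify MAC -> decompress -> reassemble."""
    message = b""
    for seq, record in enumerate(records):
        ctype, major, minor, length = struct.unpack(">BBBH", record[:5])
        if (major, minor) != VERSION or length != len(record) - 5 or length < MAC_LEN:
            raise ValueError("malformed record header")
        plain = _keystream_xor(enc_key, seq, record[5:])
        body, tag = plain[:-MAC_LEN], plain[-MAC_LEN:]
        if not hmac.compare_digest(tag, _mac(mac_key, seq, ctype, body)):
            raise ValueError("MAC verification failed")
        frag = zlib.decompressobj().decompress(body, MAX_FRAGMENT + 1)
        if len(frag) > MAX_FRAGMENT:   # refuse fragments that inflate past the limit
            raise ValueError("decompressed fragment exceeds 2^14 bytes")
        message += frag
    return message
```

The receiver checks the MAC before decompressing, so tampered ciphertext never reaches the decompressor, and it caps the inflated size at the fragment limit.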