Types of encryption and their use in SSL certificates

By G. Lara

Types of encryption and their use in SSL certificates
Credits: CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=1698345

In this article we will explain what is encryption? and how is it used in an SSL certificate?
It is advisable to have an SSL certificate for your website, because it encrypts the traffic between the browser and your website, in addition to certifying the authenticity of the web domain.

An SSL certificate is important for the cybersecurity of your website and of the people who visit your website, your potential customers, therefore our ready to launch Online Store websites we sell have an SSL certificate included. More information in this link order your online store website

We already know that an SSL certificate is important, today we are going to talk a little more about what is encryption? How does it work? Types of encryption and which are used in an SSL certificate.

What is encryption?

Encryption is a process that consists of converting a plain text, or a text readable by everyone, into an encrypted text that can only be read by the person who has the secret code to reverse this process, called decryption.

We have been using encryption techniques for centuries. One of the oldest dates from 700 BC. There is evidence that the Greek and Spartan generals used a simple text message encryption system that consists of the use of a cylinder or staff and a strip of leather or papyrus.

When a commander was sent out on a campaign, two wooden staves were made exactly equal in length and thickness, so that each one is exactly the same as the other in size. The commander kept one of the staves and his envoy to the front would take the other. These wooden batons are called Scytale. More information in this link https://en.wikipedia.org/wiki/Scytale.

Every time the envoy sent to the front needed to send a secret or important message, he used a long and narrow leather strip, like a strap, and wrapped it around his scytale, leaving no empty space, the entire surface was covered with the strip. After doing this, he would write the message to be sent on the strip wrapped over the scytale. Once the message was written, he would remove the leather strip and send it to the commander. The message written on this strip is not legible as the sequence of letters does not make sense, they are out of order. Until once received by the commander, he would wrap the message strip around his scytale and the legible message would appear.

Each scytale had its own dimensions and they were easy to steal and forge, but the encrypted messages used to refer to an ongoing battle and were not very important with the passage of time, so it was a very effective encryption method for that age.

This would be a simple type of encryption, where the algorithm would be the wrapping of the encrypted message around the scytale. So the scytale would be the decryption key in this case.

Types of encryption

Encryption algorithms can encrypt each bit of information, encrypting them one by one like a string or they can act on groups of bits of fixed length, called blocks (128 bits, 256 bits, etc).

1. Symmetric encryption algorithms: only one secret key is used to encrypt and decrypt the information.

These types of encryption algorithms are very fast, each party already has the key, but we must bear in mind that the transport of keys is difficult (the only safe and true way is to deliver it in person) and once the key is exchanged there is no identity verification of who has the key.

2. Asymmetric encryption algorithms: they use key pairs, public keys, which can be widely disseminated, and private keys, which are only known to the owner.

In this case, a public key infrastructure is needed and digital certificates are used to verify identity.

These types of encryption algorithms use authentication that allow verifying the identity of the sender / recipient, the private key never needs to be shared. But this makes them slower than symmetric algorithms as they require a certificate authority and create the need to trust a third party.

Examples of this type of encryption algorithms are RSA and Diffie-Hellman.

Encryption in an SSL certificate

Both types of encryption are used for data encryption using an SSL certificate: asymmetric first to verify the identity of the web domain using a digital cerficate. Once communication is established, the encryption keys are exchanged for the chosen symmetric algorithm. From here the communication continues using a symmetric encryption algorithm, faster, which is very important for these days of immediate information exhange as we have on the internet.

This we have all the elements in one: certification of the authenticity of the interlocutors (server and user) through a trusted third party, exchange of symmetric keys in a secure environment to ensure the confidentiality and speed of the exchange of information.

SSL certificates are named after the acronym Secure Server Layer, but it is interesting to point out that in the year 2000 it was replaced by TLS, Transport Socket Layer. Today's browsers use the version 1.2 or 1.3 of TLS. The SSL protocol was originally developed by Netscape (it seems like their protocol name is going to outlive their brand).

How does an SSL certificate work?

Broadly speaking, when your internet server connects to a web page with an HTTPS certificate, the first thing that happens is what is called the TLS handshake.

Your internet browser sends a Hello message to the web server you are connecting to. This message includes the TLS version, the algorithms it can use for communication, and a random text.

The web server replies with another Hello message with more or less the same information, plus its digital certificate with its public key.

Then your web browser verifies the authenticity of the server's digital certificate through the trusted certification authority. Once the identity of the server is assured, the browser encrypts the traffic using the server's public key, sending an initial encryption key, encoded with the server's public key.

The server receives this key and decrypts it using its private key.

Types of encryption and their use in SSL certificates

From here, the symmetric private session keys are generated on both sides that will be used to encrypt / decrypt the information that is exchanged while they remain connected.

More information about this process in this link https://en.wikipedia.org/wiki/Transport_Layer_Security

You can view the information of an SSL certificate by clicking on the padlock in the address bar of your web browser. In the pop-up window you can see the algorithms used for signing and encrypting the data.

You can also see information about who is the certified authority that signs the digital certificate of the domain, which gives us the assurance that the identity of this web domain has been confirmed.

The image shows the information of an SSL certificate in a web browser where you can see the types of encryption

If you are thinking of having a website with your own domain name, we recommend that you install an SSL Security Certificate for your website. Many of our web pages with a fixed price already come with an SSL included, especially if you are going to sell online or want a good positioning in web search engines. You can check our price ranges on our website at this link /en/website-prices.php

You can contact us to get more information on how to get an SSL certificate or a new website or online store.