Article | REF: H5230 V1

SSL/TLS protocols

Author: Cyril TESSEREAU

Publication date: April 10, 2005 | Lire en français

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

Automatically translated using artificial intelligence technology (Note that only the original version is binding) > find out more.

A | A

8. Conclusion

TLS fulfills the security objectives expected of it: it is capable of ensuring mutual authentication of actors, confidentiality, and the spatial and temporal integrity of transactions. Naturally, this does not come without interference from the environment: to sum up the essentials, the application that embeds it and the certificate management policy are of critical importance if a reasonable level of security is to be achieved.

This is why TLS can be said to be a secure protocol in terms of its construction and mechanisms, but weak in terms of authentication: unable to do better than the Internet, it offers only passable resistance to active attacks. Of course, this is a theoretical verdict, and the reality leaves relatively few opportunities for attackers to take advantage of it. After several years of service and widespread use, SSL/TLS has not suffered any devastating...

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors

+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year

From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Security of information systems

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
Conclusion

Previous
page A few attacks

Bibliography

References

(1) - KERCKHOFFS (A.) - La cryptographie militaire. - Journal des sciences militaires. Vol. IX, p. 5-38, janv. 1883 ; p. 161-191, fév. 1883.
(2) - DIFFIE (W.), HELLMAN (M.E.) - New directions in cryptography. - IEEE Transactions...

Standardization

Information technology – Open Systems Interconnection – The Directory: Overview of concepts, models and services - ITU-T Rec. X.500 - 02-01
Information technology – Open Systems Interconnection – The Directory: Public-key and attribute certificate frameworks - ITU-T Rec. X.509 - 03-00
Information Technology – Open Systems Interconnection (OSI) – The directory: an overview of concepts, models and services -...

Organizations

Internet Engineering Task Force (IETF) http://www.ietf.org

International Telecommunication Union – Telecom Standardization (ITU-T) http://www.itu.int/ITU-T

National Institute of Standards and Technology (NIST)

Software

OpenSSL http://www.openssl.org

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors

+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year

From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

Outline
Full outline