SSL Secure Sockets Layer

SSL Encryption Explained

What is SSL?

SSL stands for "Secure Sockets Layer". It is a protocol designed to enable applications to transmit information back and forth securely. Applications that use the Secure Sockets Layer protocol inherently know how to give and receive encryption keys with other applications, as well as how to encrypt and decrypt data sent between the two.

Some applications that are configured to run SSL include web browsers like Internet Explorer and Netscape, email programs like GroupWise, Outlook, and Outlook Express, SFTP (secure file transfer protocol) programs, etc. These programs are automatically able to receive SSL connections.

To establish a secure SSL connection, however, your application must first have an encryption key assigned to it by a Certification Authority in the form of a Certificate. Once it has a unique key of its own, you can establish a secure connection using the SSL protocol.

SSL - a Quick History

In the earlier days of the World Wide Web, 40 bit keys were used. Each bit could contain a one or a zero -- which meant there were 2⁴⁰ different keys available. That's a little over one trillion distinct keys.

Because of the ever-increasing speed of computers, it became apparent that a 40-bit key wasn't secure enough. Conceivably, with the high-end processors that would come available in the future, hackers could eventually try every key until they found the proper one, which would allow them to decrypt and steal private data. It would take some time, but it was possible.

The keys were lengthened to 128 Bits. That's 2^{128 keys}, or 340,282,366,920,938,463,463,374,607,431,768,211,456 unique encryption codes. (That's 340 trillion trillion trillion, for those of you keeping track at home.) It was determined that if computers kept advancing in speed as they have in the past, these 128-bit codes would remain secure for at least another decade, if it not longer. DigiCert certificates don't stop there though. DigiCert Certificates are also compatible with the new AES 256-bit encryption.

SSL and Consumers

Without secure SSL Encryption, most of your customers will simply shop elsewhere. You cannot offer secure authentication to your customers without an SSL Certificate.

Cheap SSL Certificates with High Assurance

Inexpensive SSL Certification is often "Low Assurance", with minimal validation. DigiCert's High Assurance certificates offer the same level of 256 Bit SSL Encryption as the more expensive Certification Authorities, like Verisign, or Thawte. Why pay More, when you can get SSL Certificates with 256 Bit encryption from DigiCert for much less?