Cryptographic security protocols: TLS
Cryptographic protocols provide secure connections, enabling two parties to communicate
with privacy and data integrity. The Transport Layer Security (TLS) protocol evolved from
the Secure Sockets Layer (SSL) protocol. IBM MQ supports TLS.
The primary goals of both protocols are to provide confidentiality (sometimes referred to as privacy), data integrity, identification, and authentication using digital certificates.
Although the two protocols are similar, the differences are sufficiently significant that SSL 3.0 and the various versions of TLS do not interoperate.
Transport Layer Security (TLS) concepts
The TLS protocol enables two parties to identify and authenticate each other and communicate with confidentiality and data integrity. The TLS protocol evolved from the Netscape SSL 3.0 protocol but TLS and SSL do not interoperate.
An overview of the SSL/TLS handshake
The SSL/TLS handshake enables the TLS client and server to establish the secret keys with which they communicate.
How TLS provides identification, authentication, confidentiality, and integrity
During both client and server authentication there is a step that requires data to be encrypted with one of the keys in an asymmetric key pair and decrypted with the other key of the pair. A message digest is used to provide integrity.
CipherSpecs and CipherSuites
Cryptographic security protocols must agree on the algorithms used by a secure connection. CipherSpecs and CipherSuites define specific combinations of algorithms.
Digital signatures in SSL/TLS
A digital signature is formed by encrypting a representation of a message. The encryption uses the private key of the signatory and, for efficiency, usually operates on a message digest rather than the message itself.
Federal Information Processing Standards
The US government produces technical advice on IT systems and security, including data encryption. The National Institute of Standards and Technology (NIST) is an important body concerned with IT systems and security. NIST produces recommendations and standards, including the Federal Information Processing Standards (FIPS).
National Security Agency (NSA) Suite B Cryptography
The government of the United States of America produces technical advice on IT systems and security, including data encryption. The US National Security Agency (NSA) recommends a set of interoperable cryptographic algorithms in its Suite B standard.