Cookies help us display personalized product recommendations and ensure you have great shopping experience.

By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    sales and data analytics
    How Data Analytics Improves Lead Management and Sales Results
    9 Min Read
    data analytics and truck accident claims
    How Data Analytics Reduces Truck Accidents and Speeds Up Claims
    7 Min Read
    predictive analytics for interior designers
    Interior Designers Boost Profits with Predictive Analytics
    8 Min Read
    image fx (67)
    Improving LinkedIn Ad Strategies with Data Analytics
    9 Min Read
    big data and remote work
    Data Helps Speech-Language Pathologists Deliver Better Results
    6 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-25 SmartData Collective. All Rights Reserved.
Reading: A Look at How Keyless SSL Works
Share
Notification
Font ResizerAa
SmartData CollectiveSmartData Collective
Font ResizerAa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > IT > Security > A Look at How Keyless SSL Works
Security

A Look at How Keyless SSL Works

Anand
Anand
4 Min Read
Image
SHARE

Secure Socket Layer, or SSL for short, is one of the key elements to providing a safe and secure web transaction. Websites that offer financial services or handle confidential user information have for long used SSL technology to encrypt such sensitive data and thus deter hackers from stealing them.

Secure Socket Layer, or SSL for short, is one of the key elements to providing a safe and secure web transaction. Websites that offer financial services or handle confidential user information have for long used SSL technology to encrypt such sensitive data and thus deter hackers from stealing them.

Typically, SSL deployment happens with the help of a public key-private key pair. When a browser requests access to a secure page (https in most cases), it first receives a public key from the web server that is used by the browser to encrypt a random symmetric encryption key. This process is called the encryption handshake. This is then sent to the server along with other required data (which is also encrypted).

Once the server receives this information, it decrypts the data using a private key and processes the information. The output is now passed on to the browser with the help of the random symmetric encryption key. This is now decrypted by the browser before being displayed to the user. The complete process of how this happens is provided in the visual below:

More Read

VPN data security
How Big Data Provides A Pivotal Foundation For VPN Data Security
AI Drives the Intersection of Industrial Hygiene and Cybersecurity
How To Improve Cybersecurity With Data Science
6 Essential Practices For Data Security With Remote Working
Big Data: Important Ways To Protect Yourself Online

ImageRecently however, CloudFlare has come up with an alternate SSL technology that does not require the traditional handshaking process. In this article, we will take a look at how this technology works and compares with the traditional SSL protocol. But in case you didn’t know what CloudFlare does, here is a brief : CloudFlare is a content delivery network (CDN) that protects websites from sudden traffic surges and potential DDoS (Distributed Denial of Service) attacks. This is achieved through the use of their virtualized servers that are spread across the internet. Here is a video that demonstrates what they do (Courtesy : Arvixe Web Hosting)

In keyless SSL used by CloudFlare, the “handshake” operations are typically broken down into two segments. One, the public key operation, and Two, the private key operation. In order to prevent the private key from being handed over to a third party, all aspects of the private key handshaking process happens within the origin website’s infrastructure. To do this, CloudFlare simply sets up a remote key server at the customer’s end. This way, the private part of the handshaking process is complete within the origin web server and thus stays exclusive.

So what happens now is that when a visitor approaches a secure website, the web server first sends out the public key certificate along with the random symmetric encryption key to the browser. At the same time, it passes along the information to the remote key server for signing the public key certificate along with the client and server randoms. This is responded to by the key server once the private key data has been authenticated. Once complete, CloudFlare goes ahead with the rest of the process required to output content to the user. Here is a visual representation of how the keyless SSL works

Cloudflare keyless SSL

So as you can see, keyless SSL does not technically do away with the public key-private key pairs. Instead it has tweaked the Transport Security Layer (TLS) process in a way that is harder to break into.

Share This Article
Facebook Pinterest LinkedIn
Share
ByAnand
Follow:
Anand Srinivasan is the founder of Hubbion, a suite of business apps. The Hubbion Project Management app was ranked among the top 20 in its category for 2017 by Capterra.

Follow us on Facebook

Latest News

sales and data analytics
How Data Analytics Improves Lead Management and Sales Results
Analytics Big Data Exclusive
ai in marketing
How AI and Smart Platforms Improve Email Marketing
Artificial Intelligence Exclusive Marketing
AI Document Verification for Legal Firms: Importance & Top Tools
AI Document Verification for Legal Firms: Importance & Top Tools
Artificial Intelligence Exclusive
AI supply chain
AI Tools Are Strengthening Global Supply Chains
Artificial Intelligence Exclusive

Stay Connected

1.2kFollowersLike
33.7kFollowersFollow
222FollowersPin

You Might also Like

business data security
Security

5 Urgent Changes to Immediately Improve Business Data Security

6 Min Read
data sovereignty
Cloud ComputingITSecurity

What Every Business Owner Needs to Know About Data Sovereignty

5 Min Read
security audit
ITSecurity

4 Easy Steps How to Conduct IT Security Audit of Your Own Company

17 Min Read
cloud computing and robotics
Cloud ComputingITRoboticsSecurity

How Cloud Computing And Robotics Play A Role In Industrial Automation

8 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

ai in ecommerce
Artificial Intelligence for eCommerce: A Closer Look
Artificial Intelligence
data-driven web design
5 Great Tips for Using Data Analytics for Website UX
Big Data

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-25 SmartData Collective. All Rights Reserved.
Go to mobile version
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?