NBB - helpdesk

SSL stands for Secure Socket Layer and means that all messages between the user's computer and the site in question are encoded. This is achieved by a combination of a public key and symmetric encryption. The messages are rendered illegible by a key and an encryption algorithm set by the client and the server when the link is established.

Using SSL ensures that the data transmitted are not altered in transit. This can be achieved by using a special algorithm which is agreed between the two servers. This algorithm adds a control data item (or data digest) to the data sent. This digest is checked by the receiving server by making a new digest using the data sent and comparing that with the digest received. If the two correspond, one can be sure of the integrity of the message sent. Before an internet company can use the SSL protocol, it must apply for a certificate from a specialist, independent organisation (such as Verisign). These certificates are issued only after a thorough check on the applicant.

There can be little doubt about the security of SSL. SSL uses known, secure public key encryption mechanisms. The export version of SSL (used outside the United States) makes use of a forty-bit key for the encryption. The number of possible combinations with this key totals 2 to the power of 40 (more than 1 billion). An attempt was made to crack this key, and with a network of 120 computers it took 8 days to scan just half of all the possibilities.

The SSL version used on the NBB's site makes use of a 128-bit key. This means that there are 2 to the power of 128 possible combinations. This version is totally incapable of being cracked, because if it takes 16 days to crack a 40-bit key, then it takes 32 days for a 41-bit key, 64 days for 42 bits and so on.

If an internet page is secured by SSL, that can be seen from the URL. This then begins with "https" instead of the usual "http". The additional "s" here stands for Secure. Almost all browsers support SSL and most of the major browsers have a special symbol at the bottom of the status bar to emphasise the security (in the case of Microsoft Internet Explorer it is a closed padlock, Netscape Communicator uses a small key).

The term encryption means the encoding of digital documents so that they can be sent in a secure manner via insecure media (such as the internet). There are various types of encryption, symmetric encoding and asymmetric or public key encryption. This subdivision is based on the number of keys used.

	General

	What is SSL?

	SSL stands for Secure Socket Layer and means that all messages between the user's computer and the site in question are encoded. This is achieved by a combination of a public key and symmetric encryption. The messages are rendered illegible by a key and an encryption algorithm set by the client and the server when the link is established. Using SSL ensures that the data transmitted are not altered in transit. This can be achieved by using a special algorithm which is agreed between the two servers. This algorithm adds a control data item (or data digest) to the data sent. This digest is checked by the receiving server by making a new digest using the data sent and comparing that with the digest received. If the two correspond, one can be sure of the integrity of the message sent. Before an internet company can use the SSL protocol, it must apply for a certificate from a specialist, independent organisation (such as Verisign). These certificates are issued only after a thorough check on the applicant. There can be little doubt about the security of SSL. SSL uses known, secure public key encryption mechanisms. The export version of SSL (used outside the United States) makes use of a forty-bit key for the encryption. The number of possible combinations with this key totals 2 to the power of 40 (more than 1 billion). An attempt was made to crack this key, and with a network of 120 computers it took 8 days to scan just half of all the possibilities. The SSL version used on the NBB's site makes use of a 128-bit key. This means that there are 2 to the power of 128 possible combinations. This version is totally incapable of being cracked, because if it takes 16 days to crack a 40-bit key, then it takes 32 days for a 41-bit key, 64 days for 42 bits and so on. If an internet page is secured by SSL, that can be seen from the URL. This then begins with "https" instead of the usual "http". The additional "s" here stands for Secure. Almost all browsers support SSL and most of the major browsers have a special symbol at the bottom of the status bar to emphasise the security (in the case of Microsoft Internet Explorer it is a closed padlock, Netscape Communicator uses a small key). The term encryption means the encoding of digital documents so that they can be sent in a secure manner via insecure media (such as the internet). There are various types of encryption, symmetric encoding and asymmetric or public key encryption. This subdivision is based on the number of keys used.