Protocols
Secure HTTP (S-HTTP)
Secure HTTP (S-HTTP) is a security extension to the HTTP protocol. It allows secure transactions over the Web by encapsulating messages and applying security transformations to them. It supports a wide range of cryptographic mechanisms for providing privacy and authentication, and is therefore not tied to any particular cryptographic algorithm or system.
Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL) is another technology for transmitting secure communications over the World Wide Web. SSL was developed by Netscape Communications in 1994 to provide security and privacy to Internet sessions. It provides both server-side and client-side authentication.
An SSL client and server establish a secure connection through a handshake procedure. During this process, the server submits a digital certificate (an electronic document containing identity information) to the client and states its preference for the cipher to be used for communication. The client then generates a secret key and sends it to the server, encrypted with the server's public key. The server decrypts this message with its private key to obtain the secret key, and authenticates itself to the client by sending a message encrypted with the secret key it just received. Once this is done, further communication is encrypted with this secret key.
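The handshake described above, as an added Go example that is not part of the original page. It assumes RSA-OAEP and AES-256-GCM from Go's standard library in place of the unnamed ciphers, skips certificate validation and cipher negotiation, and uses hypothetical function names and a constructed "server finished" message.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

const finished = "server finished" // constructed proof message (assumption)

// newAEAD builds AES-256-GCM; callers always pass 32 bytes, so it cannot fail.
func newAEAD(secret []byte) cipher.AEAD {
	block, _ := aes.NewCipher(secret)
	aead, _ := cipher.NewGCM(block)
	return aead
}

// serverProof unwraps the secret with the private key and replies encrypted under it; nil = rejected.
func serverProof(priv *rsa.PrivateKey, wrapped []byte) []byte {
	secret, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	nonce := make([]byte, 12) // random GCM nonce, sent in front of the ciphertext
	if _, rerr := rand.Read(nonce); err != nil || rerr != nil || len(secret) != 32 {
		return nil
	}
	return newAEAD(secret).Seal(nonce, nonce, []byte(finished), nil)
}

// handshake is the client; certKey comes from the certificate, peer is the key the host really holds.
func handshake(certKey *rsa.PublicKey, peer *rsa.PrivateKey) bool {
	secret := make([]byte, 32)
	_, rerr := rand.Read(secret) // client-generated secret key
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, certKey, secret, nil)
	proof := serverProof(peer, wrapped) // a nil wrapped key is rejected by the server
	if rerr != nil || err != nil || len(proof) < 12 {
		return false
	}
	msg, err := newAEAD(secret).Open(nil, proof[:12], proof[12:], nil)
	return err == nil && string(msg) == finished
}

func demo() (genuine, impostor bool) {
	server, _ := rsa.GenerateKey(rand.Reader, 2048)
	other, _ := rsa.GenerateKey(rand.Reader, 2048) // host without the certificate's private key
	return handshake(&server.PublicKey, server), handshake(&server.PublicKey, other)
}

func main() { fmt.Println(demo()) }
```

A host that presents the certificate but lacks the matching private key cannot recover the secret, so it cannot produce a reply the client accepts.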
Secure Shell (SSH)
Another protocol that facilitates secure online communication, SSH (Secure Shell) was developed in 1995 by Tatu Ylönen, a researcher at Helsinki University of Technology in Finland. It uses cryptography for both authentication and confidentiality. It is essentially a program that allows one computer to communicate with another on the same network, and to transfer files between the two, even when the communication channels are insecure.
Using public key cryptography, SSH protects against a host sending packets (data sent between the source and destination on the Internet) under the pretence of coming from a trusted source. It also guards against interference by intermediate hosts. Therefore, an external party that tries to take over the network may succeed in disconnecting SSH, but cannot decrypt the traffic.
Two versions exist: SSH1 and SSH2. The only difference between the two is the protocols used. They are incompatible, and SSH2 is known to be safer.