The Secure Sockets Layer (SSL) provides a data security layer between the network layer and various internet transfer protocol applications. For example, SSL can provide a secure session between the transmission control protocol/internet protocol (TCP/IP) network layer and the hypertext transfer protocol (HTTP) or file transfer protocol (FTP) application. SSL provides data encryption, message integrity, and server authentication for TCP/IP connections between clients and servers. SSL ensures that credit card numbers and other sensitive information can be sent over the Internet without fear of interception.
To begin a secure session, the server and client exchange a handshake. In this digital handshake, the client and server are authenticated and also agree on the SSL version, data compression method, and cryptographic algorithm they will use when exchanging data. They also exchange an RSA-encrypted seed key that SSL manipulates to create symmetric session keys that are used to encrypt the data that the client and server exchange. The ICSF PKA encrypt and PKA decrypt callable services provide a secure method for SSL applications to exchange this seed key.
You can exploit PCI cryptographic accelerators, Crypto Express accelerators without entering master keys if SSL uses clear keys. This enhances performance.