University of Texas at Austin Department of Computer Sciences
Networking Research Laboratory
Department of Computer Science
The University of Texas at Austin

Director: Simon S. Lam (more publications)


A brief history of the first secure sockets layer (Wikipedia version)


In 1993, my research group invented secure sockets, also designed and built a prototype of the first secure sockets layer, named Secure Network Programming (SNP).  This work was published in the 1994 USENIX Summer Technical conference [1].  For this contribution, we won the 2004 ACM Software System Award (prior winners include Unix, TCP/IP, and WWW).

Our work began in 1991 as a theoretical investigation on the formal meaning of a protocol layer satisfying an upper interface specification as a service provider and a lower interface specification as a service consumer [2]. A case study of adding a security layer between the application and network layers was presented [3]. This work was sponsored by the National Science Foudation [4].

We received a grant from the National Security Agency in June 1991 to investigate how to apply our theory of modules and interfaces to security verification [5].  At that time, there were three well-known authentication systems built (MIT's Kerberos) or being developed (DEC's SPX and IBM's KryptoKnight).  We recognized that all of these systems suffered from a common drawback, namely, they did not export a clean and easy-to-use interface that could be readily used by Internet applications.  For example, it would take a tremendous amount of effort to “kerberize” an existing distributed application.

Toward the goal of  "secure network programming for the masses," we conceived secure sockets as a high-level abstraction suitable for securing Internet applications.  In 1993, we designed and built a prototype of SNP.  Designed as an application sublayer on top of sockets, SNP provides a user interface closely resembling sockets.  This resemblance was by design so that security could be retrofitted into existing socket programs with only minor modifications.  Also, with such a sublayer carefully designed and its implementation thoroughly debugged, it can be easily used by any Internet application that uses sockets for end-to-end communications.  This is a natural idea in hindsight but, in 1993, it was novel and a major departure from mainstream network security research at that time.

SNP's secure sockets support both stream and datagram semantics with security guarantees (i.e., data origin authenticity, data destination authenticity, data integrity, and data confidentiality.)  Many of the ideas and design choices in SNP can be found in subsequent secure sockets layers, including: placing authenticated communication endpoints in the application layer, use of public key cryptography for authentication, a handshake protocol for establishing session state including a shared secret, use of symmetric key cryptography for data confidentiality, and managing contexts and credentials in the secure sockets layer.

We articulated the case for secure sockets in a paper presented on June 8, 1994 at the USENIX Summer Technical Conference [1].  We also presented our system design together with performance measurement results from our prototype implementation to clearly demonstrate the practicality of a secure sockets layer.

We invented secure sockets for Internet applications in general, independently and concurrently with the design and development of the HTTP protocol for the world-wide web which was still in its infancy in 1993.   Subsequent secure sockets layers (SSL by Netscape and TLS by IETF), re-implemented several years later using key ideas first presented in SNP, enabled secure e-commerce between browsers and servers. (Netscape was founded as a company on April 4, 1994 to develop a browser.) Today, many other Internet applications (including email) use HTTPS which consists of HTTP running over a secure sockets layer.



[1] Thomas Y. C. Woo, Raghuram Bindignavle, Shaowen Su, and Simon S. Lam, "SNP: An Interface for Secure Network Programming," Proceedings USENIX Summer Technical Conference, Boston, June 6-10, 1994; also available from .

[2] Simon S. Lam and A. Udaya Shankar, "A Theory of Interfaces and Modules I--Composition Theorem,'' IEEE Transactions on Software Engineering, Vol. 20, Issue 1, January 1994, pp 55-71. DOI=10.1109/32.263755

[3] Simon S. Lam, A. Udaya Shankar, and Thomas Y. C. Woo, "Applying a Theory of Modules and Interfaces to Security Verification,'' Proceedings IEEE Symposium on Research in Security and Privacy, Oakland, May 1991, pp. 136-154 (Abstract)



[4] Simon S. Lam (PI/PD), "A Theoretical Foundation for Communication Network Protocols," National Science Foundation no. NCR-9004464, 9/1/90 to 8/31/94.

[5] Simon S. Lam (PI/PD), "Applying a Theory of Modules and Interfaces to Security Verification," NSA INFOSEC University Research Program grant no. MDA 904-91-C-7046, 6/28/91 to 6/27/94.


The text of this webpage is available for modification and reuse under the terms of the Creative Commons Attribution-Sharealike 3.0 Unported License and the GNU Free Documentation License (unversioned, with no invariant sections, front-cover texts, or back-cover texts).