Crypto U12, SSL protocol descriptions

Description

IYM002 Note on Crypto U12, SSL protocol descriptions, created by jjanesko on 05/05/2013.
jjanesko
Note by jjanesko, updated more than 1 year ago
jjanesko
Created by jjanesko over 11 years ago
129
1

Resource summary

Page 1

High level summary of the SSL handshake protocol The client sends a request to server for a secure connection.  Request includes: session ID, pseudorandom number for freshness, and a list of cipher suites supported. The server responds with the session ID, it's own pseudorandom number for freshness, the selected cipher suite, a copy of its public key certificate and details of the certificate chain. The client should check the certificate's validity.  If good, then the client creates a key that will be encrypted using the server's public key.  This key is called the premaster secret and will be used to derive the keys to secure the session.  The client encrypts the premaster secret with the server's public key, and sends it to the server. Both the clent and the server then use the premaster secret and the two freshness values and a key derivation function to derive symmetric encryption keys and a MAC key. The client then creates a MAC of all of the messages that have been sent thus far and encrypts that using the derived symmetric key.  This is sent to the server as a "finished" message. The server then creates a MAC of all the messages sent thusfar and and encrypts the MAC and sends it to the client as a "finished" message.

Link to higher quality version of image

High level description of record protocol:  For each message sent between client and server or server and client, a MAC is created on the message.   The MAC is appended to the message. Pad as needed. Encrypt the message.

SSL Handshake Protocol

SSL Record Protocol

Show full summary Hide full summary

Similar

Crypto U4, Block Cipher, Cipher Feedback Mode (CFB)
jjanesko
Crypto U4, Block Cipher, Cipher Block Chaining Mode (CBC)
jjanesko
Crypto U3, Theoretical vs. Practical Security
jjanesko
Crypto U1, Basic Principles
jjanesko
Crypto U4, Stream Cipher
jjanesko
Crypto U4, Block Cipher, Counter Mode
jjanesko
Crypto U4, Block Cipher, Electronic Codebook Mode (ECB)
jjanesko
Crypto U2, Crypto design principles
jjanesko
Crypto U10 (part 2), Key Management and Lifecycle
jjanesko
Crypto U9, Cryptographic Protocols
jjanesko
Crypto U10 (part 1), Key Management & Lifecycle
jjanesko