Crypto U12, SSL protocol descriptions

Descripción

IYM002 Apunte sobre Crypto U12, SSL protocol descriptions, creado por jjanesko el 05/05/2013.
jjanesko
Apunte por jjanesko, actualizado hace más de 1 año
jjanesko
Creado por jjanesko hace más de 11 años
124
1

Resumen del Recurso

Página 1

High level summary of the SSL handshake protocol The client sends a request to server for a secure connection.  Request includes: session ID, pseudorandom number for freshness, and a list of cipher suites supported. The server responds with the session ID, it's own pseudorandom number for freshness, the selected cipher suite, a copy of its public key certificate and details of the certificate chain. The client should check the certificate's validity.  If good, then the client creates a key that will be encrypted using the server's public key.  This key is called the premaster secret and will be used to derive the keys to secure the session.  The client encrypts the premaster secret with the server's public key, and sends it to the server. Both the clent and the server then use the premaster secret and the two freshness values and a key derivation function to derive symmetric encryption keys and a MAC key. The client then creates a MAC of all of the messages that have been sent thus far and encrypts that using the derived symmetric key.  This is sent to the server as a "finished" message. The server then creates a MAC of all the messages sent thusfar and and encrypts the MAC and sends it to the client as a "finished" message.

Link to higher quality version of image

High level description of record protocol:  For each message sent between client and server or server and client, a MAC is created on the message.   The MAC is appended to the message. Pad as needed. Encrypt the message.

SSL Handshake Protocol

SSL Record Protocol

Mostrar resumen completo Ocultar resumen completo

Similar

Crypto U4, Block Cipher, Cipher Feedback Mode (CFB)
jjanesko
Crypto U4, Block Cipher, Cipher Block Chaining Mode (CBC)
jjanesko
Crypto U3, Theoretical vs. Practical Security
jjanesko
Crypto U1, Basic Principles
jjanesko
Crypto U4, Stream Cipher
jjanesko
Crypto U4, Block Cipher, Counter Mode
jjanesko
Crypto U4, Block Cipher, Electronic Codebook Mode (ECB)
jjanesko
Crypto U2, Crypto design principles
jjanesko
Crypto U10 (part 2), Key Management and Lifecycle
jjanesko
Crypto U9, Cryptographic Protocols
jjanesko
Crypto U10 (part 1), Key Management & Lifecycle
jjanesko