Crypto U12, SSL protocol descriptions


IYM002 Note on Crypto U12, SSL protocol descriptions, created by jjanesko on 05/05/2013.



High level summary of the SSL handshake protocol

1. The client sends a request to the server for a secure connection. The request includes: a session ID, a pseudorandom number for freshness, and a list of the cipher suites supported.
2. The server responds with the session ID, its own pseudorandom number for freshness, the selected cipher suite, a copy of its public key certificate and details of the certificate chain.
3. The client should check the certificate's validity. If it is good, the client creates a key that will be encrypted using the server's public key. This key is called the premaster secret and will be used to derive the keys that secure the session.
4. The client encrypts the premaster secret with the server's public key and sends it to the server.
5. Both the client and the server then use the premaster secret, the two freshness values and a key derivation function to derive symmetric encryption keys and a MAC key.
6. The client then creates a MAC of all of the messages that have been sent thus far and encrypts it using the derived symmetric key. This is sent to the server as a "finished" message.
7. The server then creates a MAC of all the messages sent thus far, encrypts the MAC and sends it to the client as a "finished" message.
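The key derivation and the "finished" check described above, as an added Python example that is not part of the original note: both sides derive the same keys from the premaster secret and the two freshness values, and the server rejects a "finished" MAC when its view of the handshake differs from the client's. Assumptions: the function names, message strings, labels and key sizes are constructed, the KDF is the HMAC-SHA256 expansion borrowed from the TLS 1.2 PRF (the note does not name one), keys are split per direction, and the public-key transport and the encryption of the "finished" message are not modelled.

```python
import hashlib
import hmac
import os

def expand(secret: bytes, seed: bytes, length: int) -> bytes:
    """HMAC-SHA256 expansion, the P_hash construction used by the TLS 1.2 PRF."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def derive_keys(premaster: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Turn the premaster secret and both freshness values into session keys."""
    master = expand(premaster, b"master secret" + client_random + server_random, 48)
    block = expand(master, b"key expansion" + server_random + client_random, 96)
    return {"client_mac": block[:32], "server_mac": block[32:64],
            "client_enc": block[64:80], "server_enc": block[80:96]}

def finished_mac(mac_key: bytes, transcript: list) -> bytes:
    """MAC over every handshake message so far; length prefixes keep boundaries unambiguous."""
    mac = hmac.new(mac_key, digestmod=hashlib.sha256)
    for message in transcript:
        mac.update(len(message).to_bytes(4, "big") + message)
    return mac.digest()

def run_handshake(altered_in_transit: bool = False) -> bool:
    """Constructed exchange. Returns True if the server accepts the client's Finished."""
    client_random, server_random = os.urandom(32), os.urandom(32)
    sent_hello = b"ClientHello|suites=A,B|" + client_random
    # What the server receives: identical, unless the message was changed on the wire.
    received_hello = (sent_hello.replace(b"suites=A,B", b"suites=B", 1)
                      if altered_in_transit else sent_hello)
    server_hello = b"ServerHello|suite=B|" + server_random
    premaster = os.urandom(48)  # public-key transport of this value is not modelled
    key_exchange = b"ClientKeyExchange|<encrypted premaster>"

    # Each side derives keys independently from the same three inputs.
    client_keys = derive_keys(premaster, client_random, server_random)
    server_keys = derive_keys(premaster, client_random, server_random)

    # Each side MACs its own view of the handshake.
    client_finished = finished_mac(client_keys["client_mac"], [sent_hello, server_hello, key_exchange])
    expected = finished_mac(server_keys["client_mac"], [received_hello, server_hello, key_exchange])
    return hmac.compare_digest(client_finished, expected)

if __name__ == "__main__":
    print("untouched handshake accepted:", run_handshake())
    print("altered handshake accepted:  ", run_handshake(altered_in_transit=True))
```

Because the freshness values feed the derivation, a replayed premaster secret with new random numbers yields different session keys.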


High level description of the record protocol

For each message sent between client and server or server and client:

1. A MAC is created on the message.
2. The MAC is appended to the message.
3. Pad as needed.
4. Encrypt the message.

SSL Handshake Protocol

SSL Record Protocol