Open SSL Handshaking

  • The SSL protocol does its job of securing communication over the wire with the help of multiple layers of protocols sitting above TCP.

  • Always keep in mind that, although HTTP is the protocol that most commonly makes use of SSL to secure communication, SSL is independent of the application layer protocol. So you can use it with any application layer protocol.

  • A major point to note here is that both the server and the client must first agree on the same algorithms that they are going to use in their communication.

  • As the client is the one that begins the communication, the first step the client takes is to tell the server about the cipher suites and MAC (Message Authentication Code; this is computed in the Record Layer, see the Record Layer Protocol in SSL) hash algorithms it supports.


********************************************************************************************************
This is done by sending a CLIENT-HELLO message. The client's Hello message consists of the following contents:
  • SSL version(s) that the client supports
  • The order in which the client prefers the versions
  • The cipher suites (cryptographic algorithms) supported by the client
  • Compression methods supported, if any
  • Random number
  • Keep in mind that during the SSL initial handshake nothing is encrypted, so anybody can sniff the traffic and see what is going on. Encryption starts only after the master secret (which will be used to encrypt and decrypt data as well as for MAC calculation) is sent by the client.
********************************************************************************************************
********************************************************************************************************
  • Client hello message content:

  • SSL version number
  • Random data number
  • Session ID
  • Cipher suite: the RSA algorithm is used for the initial key exchange, which is done using public key cryptography.
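To make the two lists above concrete, here is an added example (not code from the original post) that serializes a ClientHello into a TLS record and then parses it back out the way a passive observer on the wire could, since, as noted above, nothing in the initial handshake is encrypted. The version and cipher suite codes are the IANA registry values; the sample random, session ID and suite list are constructed, and the small set of suites flagged as weak (NULL and RC4 with MD5) is an illustrative choice for a defender's monitoring check, not a complete list.

```python
import struct

# TLS version codes and a few cipher suite identifiers (IANA registry values)
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
CIPHER_SUITES = {
    0x0001: "TLS_RSA_WITH_NULL_MD5",
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}
# Illustrative set of suites a defender would flag when a client offers them in cleartext
WEAK_SUITES = {0x0001, 0x0002, 0x0004}


def build_client_hello(version, random32, session_id, suites, compression=(0,)):
    """Serialize a ClientHello (no extensions) inside a handshake record, RFC 5246 framing."""
    body = struct.pack("!H", version) + random32                       # client_version + 32-byte random
    body += bytes([len(session_id)]) + session_id                       # session_id<0..32>
    body += struct.pack("!H", 2 * len(suites))                          # cipher_suites length in bytes
    body += b"".join(struct.pack("!H", s) for s in suites)              # suites in client preference order
    body += bytes([len(compression)]) + bytes(compression)              # compression_methods<1..255>
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body           # HandshakeType client_hello = 1
    # Record header: ContentType handshake (0x16); many clients put TLS 1.0 in the record-layer
    # version field for compatibility and signal the real version inside the ClientHello.
    return b"\x16" + struct.pack("!HH", 0x0301, len(handshake)) + handshake


def parse_client_hello(record):
    """Extract the cleartext ClientHello fields: versions, random, session ID, suites, compression."""
    content_type, record_version, record_len = struct.unpack("!BHH", record[:5])
    if content_type != 0x16:
        raise ValueError("not a handshake record")
    hs = record[5:5 + record_len]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 0
    (version,) = struct.unpack("!H", body[pos:pos + 2]); pos += 2
    random = body[pos:pos + 32]; pos += 32
    sid_len = body[pos]; pos += 1
    session_id = body[pos:pos + sid_len]; pos += sid_len
    (suites_len,) = struct.unpack("!H", body[pos:pos + 2]); pos += 2
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + suites_len, 2)]
    pos += suites_len
    comp_len = body[pos]; pos += 1
    compression = list(body[pos:pos + comp_len])
    return {
        "record_version": VERSIONS.get(record_version, hex(record_version)),
        "client_version": VERSIONS.get(version, hex(version)),
        "random": random,
        "session_id": session_id,
        "cipher_suites": suites,  # preserved in the client's preference order
        "compression": compression,
        "weak_suites_offered": [CIPHER_SUITES.get(s, hex(s)) for s in suites if s in WEAK_SUITES],
    }


# Constructed sample: a TLS 1.2 client offering three suites, one of them RC4/MD5.
# A real client fills the random field from a CSPRNG (e.g. os.urandom(32)).
SAMPLE_RANDOM = bytes(range(32))
SAMPLE_HELLO = build_client_hello(0x0303, SAMPLE_RANDOM, b"", [0xC02F, 0x002F, 0x0004])

if __name__ == "__main__":
    for field, value in parse_client_hello(SAMPLE_HELLO).items():
        print(f"{field}: {value}")
```

Running it shows that every field the post lists (version, random, session ID, cipher suites, compression) is readable from the raw bytes before any key exchange has happened, which is why a monitoring sensor can flag clients that still offer weak suites without terminating the connection.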
 
Server HELLO MSG in SSL/TLS
The only extra is the CERTIFICATE that the server gives to the client, along with the public key shared with the client.
*********************************************************************************