After I took the Cryptography course, I started to read more things about the security on the Web. Some of the concepts are now more clear than before because of general understanding of Cryptography. Thanks to the course! I will try to summarize my understanding of several topics in the security.
Transport Layer Security (TLS) / Secure Socket Layer (SSL)
TLS/SSL provide a secure channel between two points using Asymmetric and Symmetric encryption. Just using symmetric cipher only faces the challenge of securely delivering the shared key. For this reason, both asymmetric and symmetric encryption is used.
A secure channel provides message integrity between two points. Before establishing a secure channel, SSL Handshake needs to be happened. This post is to explain how the SSL Handshake works. The Client can be translated as client’s browser and server will be Web Server.
Below scenario doesn’t require a Server to authenticate Client’s Certificate. If Server requires mandatory Client’s Certificate validation, it will happen after Step 4. If Client doesn’t have a Certificate, the handshake will stop. I added some symbols for me to remember and understand the process better.
1. Client sends a message to the server. The message contains a list of algorithm that client can support, client’s date and time (4 bytes), and a random number (28 bytes), which will be used later to generate the server random value (PreMasterSecret).
2. Server sends a message to the client. The message contains the algorithm to be used from the list, server’s date and time (4 bytes), and a random number (28 bytes), which also will be used later to generate the client random value (PreMasterSecret).
3. Server also sends a Certificate to client.
4. Client authenticate the Server’s Certificate by going through below steps. Any failure in the steps will stop the handshake.
- Is Certificate expired?
- Is CA trusted CA?
- Is public key validate issuer’s digital signature?
- Does domain name match? This will prevent the “Man in the middle” attack.
5. Client generates a random value (PreMasterSecret) and encrypt with Server’s public key.
- G() = Xp
- E(PKs, Xp) = Cc
6. Server decrypts the random value (PreMasterSecret) using its private key.
- D(SKs, Cc) = Xp
7. Client and Server use the 28 bytes random number and PreMasterSecret value to generate the Master Secret key.
- X is generated.
8. Client sends “Finished” message with Hash and MAC for a message integrity.
9. Server attempt to decrypt “Finished” message and verify the Hash and MAC. If decryption or verification failed, handshake will stop.
10. Server does the same thing by sending “Finished” message with Hash and MAC.
11. Client performs the same decryption and verification.
12. Handshake is done and further message exchange will be encrypted using the Master Secret key.
Diagram from IBM
Numbers don’t match above. Diagram is to show the steps visually.
TLS/SSL handshake requires many steps from both sides. Key thing is that SSL uses both asymmetric (PK, SK) and symmetric (X – master key) to exchange the Certificate (PK) each other and to encrypt messages after secure channel is established. Next posting, I’d like to summarize the Digital Certificate and different type of attacks on the Web.