This preview shows page 1. Sign up to view the full content.
Unformatted text preview: ollowing:
o RSA: A 48-byte pre_master_secret key, enciphered with the public key from the server's
certificate or the temporary RSA key provided in a server key_exchange message. This
pre_master_secret key is used to derive the master_secret key.
o Diffie-Hellman: The client’s Diffie-Hellman public value (gX mod p). If Diffie-Hellman is
used, both client and server perform the Diffie-Hellman calculation to create a pre_master key. 44 VPN, IPSec and TLS Key Calculation – Key and MAC Secrets
Client Web Server
Exchange (wrap / transport ) or agree on
(Diffie-Hellman) a pre-master key. Pre_Master_
Generation Key_Block prf
Expansion Key_Block prf
Client Key, IV
Server Key, IV Symmetric
Encryption Encipher VPN Client MAC
Server MAC Integrity IPsec Confidentiality Symmetric
Encryption Client Key, IV
Server Key, IV Decipher IKE v2 TLS M. Mogollon – 01/08 - 45 • The record protocol requires an algorithm to generate keys and MAC secrets from the security
parameters provided by the Handshake Protocol. As stated before, the master_secret generated
during the Authentication and Key Exchange is used as an entropy source to generate keys and
MAC secrets. The key material is generated as follows:
key_block = PRF (SecurityParameters.master_secret, "key
expansion", SecurityParameters.server_random ||
until enough key material is generated for the following four items: client write MAC secret, server
write MAC secret, client write key, and server write key.
• The master secret is a 48-byte secret shared between the two peers in the connection. The client
random is a 32-byte value provided by the client, and the server random is a 32-byte value
provided by the server.
• The pseudorandom function (PRF) is used to expand secrets into blocks of data for the purposes of
key generation or validation. The PRF takes as input a secret, a seed, and an iden...
View Full Document
- Spring '10