This preview shows page 1. Sign up to view the full content.
Unformatted text preview: In TLS, the following key exchange methods are supported:
o RSA: The secret key is enciphered with the server’s private key.
o Fixed Diffie-Hellman: The server’s certificate has the Diffie-Hellman parameters, signed by a
certificate authority (CA).
o Ephemeral Diffie-Hellman: The Diffie-Hellman parameters are signed using the server’s RSA
o Anonymous Diffie-Hellman: The Diffie-Hellman parameters are not signed.
• Regardless of the key-exchange method, the server needs to specify the parameters for the key
exchange. The server key-exchange message conveys cryptographic information to allow the client
to communicate the pre-master secret: either an RSA public key to encrypt the pre-master secret
with, or a Diffie-Hellman public key with which the client can complete a key exchange (with the
result being the pre-master secret).
• The server key exchange parameters are signed by creating a hash (MD5 or SHA) of the
parameters and encrypting it with the server’s private key. 41 VPN, IPSec and TLS Phase 3 Handshake Protocol
Web Server Client Authentication and Key Exchange Client 1.
2. Client verifies whether or not the server’s certificate is valid.
Client sends certificate, if the server has requested it.
— 3. Pre-master key exchange
— 4. Client must send either the certificate message or a no_certificate alert; this
alert is only a warning. If client authentication is required, the server may
respond with a fatal handshake failure alert.
RSA: A 48-byte pre-master secret key, encrypted with the server’s RSA public
Diffie-Helman: Both client and server perform the Diffie-Hellman calculation to
create a pre-master key. Master Key generation
— Once the pre-master key has been created, either from RSA or from DiffieHellman, the master key is computed as follows: Master_Key = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random)
Master_Key = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random)
PRF = Ps...
View Full Document
This note was uploaded on 05/26/2010 for the course TECH 6350 taught by Professor Mogollon during the Spring '10 term at University of Arkansas for Medical Sciences.
- Spring '10