This preview shows page 1. Sign up to view the full content.
Unformatted text preview: e client and server security
capabilities:secure ID, compression
method, and initial random number. Server_hello Phase 2 and 3 Server & Client Authentication and Key Exchange
Server and client exchange
authentication, type of key exchange, Server_Key_
and public-key parameters.
Exchange Web Server Generating the Master Secret Keys
Master Key Server and client create the
shared master key and the
cryptographic parameters. Server-Shared
Master Key Phase 4 Finish Message
Client Finish VPN Client and server exchange
Finish Message and a hash of the
IPsec IKE v2 Server Finish
TLS M. Mogollon – 01/08 - 39 • The cryptographic parameters of the session state are produced by the TLS handshake protocol,
which operates on top of the TLS record layer. When a TLS client and server first start
communicating, they agree on a protocol version, select cryptographic algorithms, authenticate
each other (optional), and use public-key encryption techniques to generate shared secrets.
• The Handshake Protocol can be divided into four phases. 39 VPN, IPSec and TLS Phase 1 Handshake Protocol
Web Server Phase 1 Establishing Security Capabilities Client
Client_Hello 1. A ClientHello.random number (28 bytes), which is used
later in the protocol; 2. A CipherSuite list containing the combinations of
cryptographic algorithms supported by the client (in
order of the client's preference, first choice first); 3. A list of the compression methods supported by the
client, sorted by client preference.
Server_hello 1. A ServerHello.random number (28 bytes), different from
the one sent by the client; 2. A CipherSuite list containing the combinations of
cryptographic algorithms supported by the server (in
order of the server's preference, first choice first); 3. A list of the compression methods supported by the
server, sorted by the server. When the client sends a client_hello message, the server must
When the client sends a client_hello message, the server must
View Full Document
This note was uploaded on 05/26/2010 for the course TECH 6350 taught by Professor Mogollon during the Spring '10 term at University of Arkansas for Medical Sciences.
- Spring '10