
TLS/SSL Handshake

✅ TLS/SSL

SSL

Secure Sockets Layer

  • provides transport-layer security for a network connection
  • prevents eavesdropping on, and forgery of, the data exchanged between client and server
  • encrypts the data in transit between client and server

TLS

Transport Layer Security: the successor to SSL. Every SSL version is deprecated, so what people still call "SSL" in practice is TLS; the handshake described below is the TLS 1.2 handshake with RSA key exchange.

Handshake

Before a client and server exchange HTTP messages over HTTPS, they run a TLS handshake to authenticate the server and agree on the keys that will protect the connection

✅ TLS/SSL Handshake


  • A TLS/SSL connection has three phases: the handshake, the session (data transfer), and session termination
  • HTTPS is HTTP carried over TLS/SSL

1️⃣ SSL handshake(1~8)

  • First, the client and server agree on the protocol version and the cipher suite (the algorithms) to use
  • Once the algorithms are decided, they establish a shared symmetric key. The steps below describe the RSA key exchange of TLS 1.2 and earlier; TLS 1.3 agrees the key with an ephemeral Diffie-Hellman exchange instead, but the three phases are the same

1. Client Hello
The client sends a ClientHello message to the server.
The ClientHello carries the client random, the highest protocol version the client supports, and the list of cipher suites (encryption algorithms) the client can use.
If the client and server have completed a handshake before, the client also sends the previous session ID so the server can resume that session instead of running the full handshake again.

  • random data: 32 bytes of fresh random data generated by the client (the client random)
  • version: the highest TLS/SSL version the client supports
  • encryption algorithms: the cipher suites the client can use, in order of preference

2. Server Hello
The server receives the ClientHello and replies with a ServerHello.
The server picks one cipher suite from the list the client sent; that becomes the algorithm for this connection.
The ServerHello carries the server random and the session ID, and the Certificate message that follows it carries the server's certificate, which was signed by a CA and contains the server's public key.

  • server random data: 32 bytes of fresh random data generated by the server (the server random)
  • server certificate: holds the server's public key together with the CA's digital signature over the certificate

3. Client verifies the certificate and creates the pre-master secret
The client checks that the server's certificate is valid.
Then it creates the pre-master secret, a random byte string.

  • To check the certificate, the client verifies the CA's digital signature on it using the CA's public key, which the client already holds in its trust store
  • The client also checks that the certificate has not expired and that its name matches the host it is connecting to; without the name check, any valid certificate for any site would be accepted
  • If the checks pass, the client trusts that the public key in the certificate belongs to the server
  • The client then generates the pre-master secret: 48 random bytes, the first two of which are the protocol version the client offered
  • The pre-master secret is not itself the session key: both sides combine it with the client random and the server random to derive the master secret, and from that the symmetric session keys

4. Client encrypts the pre-master secret with the server's public key

  • The encrypted pre-master secret is sent to the server in the ClientKeyExchange message
  • ⭐️ Asymmetric encryption is used here: only the holder of the matching private key, the server, can recover the pre-master secret

5. If the server requested a client certificate in step 2, the client sends its certificate (mutual TLS; most public HTTPS sites do not require it)

6. Server decrypts the pre-master secret with its private key

  • The server uses its private key to decrypt the pre-master secret it received in step 4
  • If a client certificate was sent, the server verifies it
  • ⭐️ Asymmetric decryption is used here

7. Both sides create the master secret and the session keys; the client sends Finished

  • Client and server now hold the same three values: client random, server random and pre-master secret
  • Each side independently derives the master secret from the pre-master secret and the two randoms
  • Each side then expands the master secret into the session keys, with a separate symmetric key for each direction
  • The client sends a Finished message: a hash of every handshake message exchanged so far, keyed with the master secret and encrypted with the session key. This is the first message protected by the symmetric key

8-1. The server recomputes the hash over the same handshake messages and checks that it matches the client's Finished.

  • If it matches, the server sends its own Finished message, also encrypted with the session key
  • A mismatch means the handshake messages were tampered with in transit (for example, a cipher suite list downgraded by an attacker), and the connection is aborted

8-2. The client decrypts and checks the server's Finished. If it matches, the handshake is complete and both parties exchange data with the symmetric session keys.
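The derivation that steps 3, 7 and 8 describe, as an added example that is not code from the original post. It implements the TLS 1.2 PRF (RFC 5246 section 5) with SHA-256 using only the Python standard library and takes the key sizes of TLS_RSA_WITH_AES_128_GCM_SHA256 as an assumed cipher suite. The RSA transport of the pre-master secret (steps 4 and 6) and the record-layer encryption of the Finished messages are not modelled: both sides are simply handed the same pre-master secret, as they would hold it after the server decrypts it. The client random, server random, pre-master secret and handshake transcript are constructed sample values, and all function names are this example's own.

```python
"""TLS 1.2 master-secret, session-key and Finished derivation (steps 3, 7, 8)."""
import hashlib
import hmac

VERIFY_DATA_LEN = 12                 # RFC 5246 7.4.9: Finished.verify_data is 12 bytes
FINISHED_HDR = b"\x14\x00\x00\x0c"   # handshake type 20 (finished), 3-byte length 12

# Constructed sample values so the run is deterministic. A real client random and
# server random are 32 fresh random bytes each, and a real pre-master secret is
# the 2-byte client version followed by 46 fresh random bytes (RFC 5246 7.4.7.1).
CLIENT_RANDOM = bytes(range(0x00, 0x20))
SERVER_RANDOM = bytes(range(0x20, 0x40))
PRE_MASTER_SECRET = b"\x03\x03" + bytes(range(0x40, 0x40 + 46))
# Constructed stand-in for the concatenated handshake messages of steps 1-4.
TRANSCRIPT = b"ClientHello|ServerHello|Certificate|ServerHelloDone|ClientKeyExchange"


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data expansion (RFC 5246 5): A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ..."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def derive_master_secret(pre_master_secret: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """Step 7: master_secret = PRF(pre_master_secret, "master secret",
    client_random + server_random), 48 bytes."""
    return prf(pre_master_secret, b"master secret", client_random + server_random, 48)


def derive_session_keys(master_secret: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Step 7: expand the master secret into per-direction write keys.
    Sizes assume TLS_RSA_WITH_AES_128_GCM_SHA256 (RFC 5288): no MAC keys,
    16-byte AES keys and 4-byte implicit nonces. Note the seed order is
    server_random + client_random, the reverse of the master-secret seed."""
    block = prf(master_secret, b"key expansion", server_random + client_random, 40)
    return {
        "client_write_key": block[0:16],
        "server_write_key": block[16:32],
        "client_write_iv": block[32:36],
        "server_write_iv": block[36:40],
    }


def finished_verify_data(master_secret: bytes, label: bytes, handshake_messages: bytes) -> bytes:
    """Steps 7/8: verify_data = PRF(master_secret, label,
    SHA-256(all handshake messages so far))[0..11]."""
    transcript_hash = hashlib.sha256(handshake_messages).digest()
    return prf(master_secret, label, transcript_hash, VERIFY_DATA_LEN)


def run_handshake(client_random: bytes, server_random: bytes,
                  pre_master_secret: bytes, transcript: bytes) -> dict:
    """Run steps 7, 8-1 and 8-2 for both parties and report whether they agree."""
    # Client (step 7): derive keys, then send Finished over the transcript so far.
    client_ms = derive_master_secret(pre_master_secret, client_random, server_random)
    client_keys = derive_session_keys(client_ms, client_random, server_random)
    client_fin = finished_verify_data(client_ms, b"client finished", transcript)

    # Server (step 8-1): derive independently and check the client's Finished.
    server_ms = derive_master_secret(pre_master_secret, client_random, server_random)
    server_keys = derive_session_keys(server_ms, client_random, server_random)
    client_ok = hmac.compare_digest(
        finished_verify_data(server_ms, b"client finished", transcript), client_fin)

    # The server's Finished also covers the client's Finished handshake message.
    transcript2 = transcript + FINISHED_HDR + client_fin
    server_fin = finished_verify_data(server_ms, b"server finished", transcript2)

    # Client (step 8-2): check the server's Finished with its own master secret.
    server_ok = hmac.compare_digest(
        finished_verify_data(client_ms, b"server finished", transcript2), server_fin)

    return {
        "master_secret": client_ms,
        "keys_match": client_keys == server_keys,
        "client_keys": client_keys,
        "client_finished": client_fin,
        "client_finished_ok": client_ok,
        "server_finished_ok": server_ok,
    }


if __name__ == "__main__":
    result = run_handshake(CLIENT_RANDOM, SERVER_RANDOM, PRE_MASTER_SECRET, TRANSCRIPT)
    print("master secret:", result["master_secret"].hex())
    print("client write key:", result["client_keys"]["client_write_key"].hex())
    print("client Finished accepted:", result["client_finished_ok"])
    print("server Finished accepted:", result["server_finished_ok"])
    # A transcript altered in transit (e.g. a downgraded cipher-suite list) fails the check.
    tampered = finished_verify_data(result["master_secret"], b"client finished", TRANSCRIPT + b"!")
    print("tampered transcript accepted:", tampered == result["client_finished"])
```

Two details worth noticing: the key block is split into distinct client-write and server-write keys, so a message replayed back to its sender does not decrypt; and because the Finished value is keyed with the master secret and computed over every earlier handshake message, an attacker who cannot recover the pre-master secret cannot forge it, and any byte changed in the ClientHello or ServerHello makes the two sides' hashes disagree.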

2️⃣ Session(9)

  • Server and client exchange application data (the HTTP messages)
  • Each message is encrypted with the session key, which is a symmetric key; the same key decrypts it on the other side
  • Each record also carries an integrity tag (a MAC or AEAD tag), so tampering with the data is detected, not only eavesdropping

3️⃣ Terminate Session

  • When the data transfer is over, each side tells the other that the connection is closing (a close_notify alert)
  • The session keys are then discarded

💡 When is the symmetric key used?

In step 3 the pre-master secret is created; the symmetric session keys are derived from it in step 7, and the Finished messages of steps 7 and 8 are the first messages encrypted with them
During the session, every message the client and server exchange is encrypted with the session key

💡 When is the asymmetric key used?

In step 4, to send the pre-master secret to the server, the client encrypts it with the server's public key
In step 6, the server decrypts the pre-master secret with its private key

💡 When is a digital signature used?

In step 3, when the client verifies the server's certificate:
the certificate carries the CA's digital signature, which the client checks with the CA's public key

💡 Why not use only public-key encryption?

  • 👎🏻 Public-key operations cost far more CPU time than symmetric ones
  • A server encrypting all of its traffic with public-key operations would pay that cost on every byte, so public-key cryptography is used once per handshake to agree a symmetric key, and the cheap symmetric key protects the bulk data

💡 Why not use only a symmetric key?

  • To use a symmetric key, the client and server must both hold the same key
  • The key cannot be sent over the network in the clear, and there is no shared key yet to encrypt it with ➡️ so it is encrypted with the server's public key (or, in modern TLS, agreed with a Diffie-Hellman exchange)

✅ Why use SSL/TLS over HTTP?


  • HTTP exchanges messages in plain text
  • 👎🏻 anyone on the network path can read or modify the data
  • HTTPS is the secure version of HTTP: HTTP carried over SSL/TLS
  • every HTTP message sent over HTTPS is encrypted and decrypted by the SSL/TLS layer, and the server is authenticated by its certificate

This post is licensed under CC BY 4.0 by the author.