-1

https://en.wikipedia.org/wiki/Transport_Layer_Security#Protocol_details

I was studying how SSL/TSL handshakes work, and though I get the gist of the asymmetric encryption part, I do not understand the Cipher Suite information during the handshake.

Below is a brief summary of what I make of the handshake.

  1. Client Hello
    Sends session info, available cipher suites, and a random string.

  2. Server Hello
    Sends its certificate info, chooses a cipher suite and a random string.

  3. Client

    • Extracts Public Key from the certificate
    • Puts together the two random strings and creates a pre mastered secret with them
    • Encrypts the pre mastered secret with the Public Key
    • Sends the encrypted pre mastered secret

  4. Server

    • Uses private key to decrypt the pre mastered secret

  5. Client & Server

    • Both on their own generate master secret from the pre mastered secret
    • With the Master secret, both generate a symmetric key to be used

  6. Client Change Cipher Suite

    • "(unencrypted)Ok changing the cipher suite now", "(encrypted)Done." type of message

  7. Server Change Cipher Suite

    • "(unencrypted)Ok changing the cipher suite now", "(encrypted)Done." type of message

  8. Secure Connection

How is the initial cipher suite information relevant in this exchange?

And if there is any mistaken understanding about TSL/SSL Handshake I have, please do correct me. Thank you!

John Suh
  • 110
  • 2
  • 9
  • 1
    It is not quite clear to me what you are asking. In step 2 you clearly see that the server chooses the cipher - and the choice is based on what the client has send in step 1 and what the server itself supports. Or are you asking what the cipher suite actually is and how the parts of it (encryption, authentication, ...) are actually used inside TLS? Apart from that, I don't think this is really on-topic here. A better site would be security.stackexchange.com and there are also already many question about the details of TLS. – Steffen Ullrich Jan 07 '18 at 11:41
  • Also, you describe RSA key exchange only. But the recommended key exchange today is Diffie-Hellman. – Steffen Ullrich Jan 07 '18 at 11:42
  • @steffenUlrich Thank you! Will definitely check out security.stackexchange. I was wondering how the parts of the cipher suite are actually used inside TLS after the server picks one - from the abstract understanding I have, I couldn't really nail how exactly the cipher suite was applied. I'll post a more specific question after researching a bit more. – John Suh Jan 08 '18 at 01:55

1 Answers1

0

Cipher suite defines the set of algorithms for this TLS handshake for key exchange, message encryption and message authentication. The article in wikipedia explains is pretty well.

Oleg
  • 726
  • 5
  • 11
  • So essentially, the cipher suite defines "HOW" the key exchange and message encryption will happen. The message encryption itself occurs using the server's public key, but the cipher suite algorithm uses the public key to encrypt it, is my understanding correct? – John Suh Jan 08 '18 at 01:57
  • @JohnSuh: No, the message encryption happens with the symmetric key and not the public key. The symmetric key is created as the result of the key exchange. Cipher defines which algorithm is used for symmetric encryption and HMAC. – Steffen Ullrich Jan 08 '18 at 04:52