Vous êtes sur la page 1sur 13



 Introduction
 Types of Protocol
 SSL Handshake Protocol
Steps in Handshake

 SSL : Secure Socket Layer

 SSL is protocol uses the SSL Record Protocol to exchange a series of
message between an SSL-enabled server and SSL-enabled client when they
first establish an SSL connection.
 It is developed by Netscape in 1994.
 It was standardized by IETF in1999 and called Transport Layer Security(TLS).
Today SSL and TLS are used interchangeable.
Types of Protocol

 SSL comprised of two main protocols (fig 1.1)

1] The Handshake Protocol
2] The Record Layer Protocol
 The SSL handshake protocol is used to negotiate the set of algorithms to
be used for securing the communication link.
 This includes algorithms for encryption and hash computation besides a
method for key exchange. Server authentication in SSL is mandatory and
performed as a part of handshake.
 The handshake protocol is also responsible for deriving keys for encryption
and MAC computation.
Continued ……

 The actual job of providing message authentication integrity checking

and encryption is performed by the SSL record layer protocol. It sits just
below the handshake protocol and protects each message exchanged
by the two communicating parties.
 The record layer protocol detects replayed, re-ordered, and duplicate
SSL on the protocol stack
Continued …..

 Handshake protocol divided into 4 phases:

1] Establish Security Capabilities.
2] Server Authentication and key Exchange.
3] Client Authentication and key Exchange
4] Change Cipher-Spec and Finish
Steps in Handshake Protocol

 Step1: Two messages are communicated in this step Client Hello and Server Hello . The
following decisions are taken here:
1]Should a new session be established or should an existing one be re-used. In the former case,
the session ID field in the Client Hello message is 0; else the field is set to the ID of the session to be
re-used. The session ID field in the Server Hello message is the ID of the new session to be
established or the ID of an existing session.
2]The algorithm to be used in computing the MAC for message integrity. Permissible choices
include MDS and SHA-1.
3]Whether or not message confidentiality is required, If so, the encryption algorithm – DES, 3DES,
AES, RC4, etc., and the key length.
4]The key exchange method used for communicating the pre-master secret.
Continued ….

 Step 2: The server communicates its certificate to the client . On receipt of

the certificate, the client checks the owner’s name/URL and validity
period. It also verifies the signature of the CA on the certificate.
Continued ….

 Step 3: The client chooses a pre-master secret –a 48 byte random number. The
pre-master secret is encrypted with the server’s public key and sent to the server
in the Client_Key_Exchange message.
Both client and server compute the master secret. This is an HMAC-style function,
of the pre-master secret, the nonces exchanged in step1 and some predefined
constants. The communication uses a standard cryptography hash function such as
the SHA-1 or the MDS.
Master_Secret=f(Pre-Master_Secret, Ra, Rb constants)
 Finally, six secrets are derived using HMAC-style functions of the master secret,
the two nonces, and different pre-defined constants
Derived_Secret_i= f(Master_Secret, Ra, Rb, constants) , 1< i < 6
Continued ….

 Step 4: This step involves the exchange of two messages in each direction.
 The party that sends this message signals that from in this step is the
“Finished” message.
 This message includes a keyed hash on the concatenation of all the
handshake messages sent in the preceding steps + a pre-defined
 The keyed hash serves as an integrity check on the previous handshake
 The client receives the keyed hash and verifies it. Only at this point is the
server authenticated on the client.