Parsing of SSL Protocol session establishment process

Source: Internet
Author: User
Tags: asymmetric encryption, cipher suite

SSL (Secure Sockets Layer) is a set of protocols that secure communication between a server and a client. It was originally released by Netscape in 1996; for security reasons SSL v1.0 and SSL v2.0 were not disclosed, and SSL v3.0 was the version published in 1996. TLS is an upgraded version of SSL v3.0, and all HTTPS in use today runs over TLS instead of SSL. This article mainly analyzes and explains TLS.

HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) is HTTP based on SSL/TLS: all HTTP data is transmitted inside the SSL/TLS protocol. HTTPS adds the SSL/TLS handshake and encrypted data transmission to the HTTP protocol, and it is also an application layer protocol. Studying how HTTPS works is therefore, in practice, studying the SSL/TLS protocol.

The following uses HTTPS to explain TLS.

The TLS handshake takes place after the TCP handshake. A handshake is in effect a negotiation process that agrees on the parameters the protocol needs. The TLS handshake is divided into four steps, as follows (note: messages in brackets in the figure are optional):

[Figure: the SSL session setup process in detail]

Client Hello

Clients (for example, browsers) differ in which encryption and decryption algorithms they support, but both ends of a TLS connection must use the same set of algorithms during transmission so that the data can be decrypted correctly. In the TLS handshake phase, the client first tells the server which encryption algorithms it supports, so the client sends the server a list of the cipher suites it supports locally. The client also generates a random number. This random number is saved on the client side and is also transmitted to the server; together with the random number generated by the server, it is used to produce the Master Secret described below.
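The Client Hello fields described above (client random and cipher suite list), parsed from raw bytes. This is an added example, not code from the original article; the sample record is constructed, and the function names and the small suite-name table are assumptions made for illustration.

```python
import struct

# A few registered cipher-suite code points, matching algorithms named on this page.
SUITE_NAMES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
}

def build_sample_client_hello() -> bytes:
    """Constructed sample record: TLS 1.2 ClientHello with no extensions."""
    suites = struct.pack("!4H", 0x002F, 0x0035, 0x000A, 0x0005)
    body = (b"\x03\x03" + bytes(range(32))            # client_version, 32-byte random
            + b"\x00"                                   # empty session_id
            + struct.pack("!H", len(suites)) + suites   # cipher_suites vector
            + b"\x01\x00")                              # compression methods: null only
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def parse_client_hello(record: bytes) -> dict:
    """Extract the client random and offered cipher suites from one TLS record."""
    if len(record) < 9:
        raise ValueError("truncated record")
    ctype, _legacy_version, rec_len = struct.unpack("!BHH", record[:5])
    if ctype != 0x16 or rec_len != len(record) - 5:
        raise ValueError("not a single complete handshake record")
    if record[5] != 0x01 or int.from_bytes(record[6:9], "big") != len(record) - 9:
        raise ValueError("not a complete ClientHello")
    body, pos = record[9:], 0

    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("length field points past end of message")
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    version = struct.unpack("!H", take(2))[0]
    random = take(32)
    take(take(1)[0])                                    # skip session_id
    suite_bytes = take(struct.unpack("!H", take(2))[0])
    if len(suite_bytes) % 2:
        raise ValueError("odd cipher_suites length")
    codes = struct.unpack(f"!{len(suite_bytes) // 2}H", suite_bytes)
    return {"version": version, "random": random,
            "cipher_suites": [SUITE_NAMES.get(c, f"0x{c:04X}") for c in codes]}
```

The order of the list is the client's preference order; the server's choice from it comes back in Server Hello.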

Server Hello

In the figure, the messages from Server Hello to Server Done are sent separately by some server implementations and combined into one transmission by others. Server Hello and Server Done are data with only headers and no content.

After the server receives the client's Client Hello, it selects a set of encryption algorithms and a hash algorithm, and sends its own identity information back to the browser in the form of a certificate. The certificate contains information such as the website address, the public key used for encryption, and the authority that issued the certificate. This certificate authenticates the server. A certificate is an electronic credential that must be applied for and is issued by a specialized digital certificate authority (CA) after a very rigorous audit. Issuing a certificate produces a private key and a public key. The private key is stored by the server itself and must not be leaked. The public key is included in the certificate and can be made public. The certificate also carries an electronic signature, which is used to verify the integrity and authenticity of the certificate and to prevent the certificate from being tampered with. In addition, the certificate has an expiration date.

When the certificate sent by the server does not give the client enough information, the server can also send the client a Server Key Exchange message.

In addition, for very important confidential data, the server also needs to authenticate the client to ensure that the data is delivered to a secure and legitimate client. The server can send a Certificate Request message to the client, requiring the client to send a certificate that proves the client's legitimacy.

As with the client, the server also needs to generate a random number to send to the client. Both the client and the server need to use these two random numbers to produce the Master Secret.

Finally, the server sends a Server Hello Done message to the client, indicating that the Server Hello messages have ended.

Client Key Exchange

If the server needs to authenticate the client, then after receiving the server's Server Hello messages the client first sends its own certificate to the server so that the server can verify the client's legitimacy.

All TLS handshake information before this point is transmitted in plaintext. After receiving the server's certificate and related information, the client uses an encryption algorithm (for example RSA or Diffie-Hellman) to produce a 48-byte key. This key is called the Premaster Secret; many materials also call it the Premaster Key. The Master Secret is ultimately used to build the Session Secret, and the Session Secret is used to encrypt and decrypt the application data. The Premaster Secret is a confidential key: anyone who intercepts it can combine it with the random numbers transmitted earlier in plaintext to calculate the final Session Secret. For this reason the Premaster Secret is encrypted with RSA asymmetric encryption, using the public key passed by the server, and then sent to the server.

Client Certificate Validation

The client then needs to check the certificate it received from the server.

a) Verify the validity of the certificate (the issuing authority is legitimate, the website address in the certificate matches the address being accessed, and so on). If the certificate is trusted, the browser bar displays a small lock; otherwise the browser shows a prompt that the certificate is not trusted.

b) If the certificate is trusted, or if the user accepts an untrusted certificate, the browser generates a random number to serve as the password and encrypts it with the public key provided in the certificate.

c) Compute a hash of the handshake messages using the agreed hash algorithm, encrypt the message with the generated random number, and then send all of the previously generated information to the web site.

Change Cipher Spec is a separate protocol that appears in a packet as one byte of data. It informs the server that the client has switched to the previously negotiated cipher suite and is ready to encrypt and transmit data using it.

After the Change Cipher Spec message has been sent, the client uses the previously negotiated cipher suite and the Session Secret to encrypt a Finish message and sends it to the server. This data validates the encryption and decryption channel just established by the handshake before application data is formally transmitted.

Server Finish

After the server receives the encrypted Premaster data from the client, it decrypts the data with its private key, validates it, and generates the Session Secret in the same way as the client. When it is ready, it sends the client a Change Cipher Spec message, informing the client that it has switched to the negotiated cipher suite and is ready to encrypt data using the cipher suite and the Session Secret. After that, the server also sends the client a Finish message encrypted with the Session Secret, to verify that the encryption and decryption channel established by the handshake works.

Based on the preceding handshake information, if both the client and the server can decrypt the Finish message properly and verify it correctly, the secure channel has been established successfully, and the two sides can then use the Session Secret generated above to encrypt data for transmission.

Application Data transfer

The browser and the web site send and verify encrypted handshake messages in order to ensure that both sides have obtained the same password and can encrypt and decrypt data normally; this serves as a test before the real data is transmitted.

After all the handshake phases have been completed, the application data can be transferred. Before the application data is transferred, a MAC computed with the MAC secret is first attached, and then the packet is encrypted using the write encryption key. When the server receives ciphertext, it uses the client write encryption key to decrypt it; when the client receives data from the server, it uses the server write encryption key to decrypt it. Each side then uses the respective write MAC key to verify the integrity of the data, including whether it has been tampered with.
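The key derivation chain described in the Client Key Exchange, Server Finish and Application Data sections (Premaster Secret, then Master Secret, then the per-direction write keys and the Finish check value), as an added example that is not code from the original article. It assumes the TLS 1.2 PRF from RFC 5246 with SHA-256, treats the article's "Session Secret" as the TLS key block, and uses AES-128-CBC/HMAC-SHA1 key sizes; all input values and function names are constructed for illustration.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash expansion from RFC 5246 section 5, instantiated with SHA-256."""
    out, a = b"", seed                                    # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    return p_sha256(secret, label + seed, length)

def master_secret(premaster: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """48-byte Master Secret from the Premaster Secret and both hello randoms."""
    return prf(premaster, b"master secret", client_random + server_random, 48)

def key_block(master: bytes, client_random: bytes, server_random: bytes,
              mac_len: int = 20, key_len: int = 16) -> dict:
    """Split the 'key expansion' output into the four per-direction keys.
    Defaults fit an AES-128-CBC + HMAC-SHA1 suite (assumed for illustration)."""
    names = [("client_write_MAC_key", mac_len), ("server_write_MAC_key", mac_len),
             ("client_write_key", key_len), ("server_write_key", key_len)]
    # Seed order differs from master_secret(): the server random comes first here.
    block = prf(master, b"key expansion", server_random + client_random,
                2 * mac_len + 2 * key_len)
    keys, pos = {}, 0
    for name, size in names:
        keys[name], pos = block[pos:pos + size], pos + size
    return keys

def finished_verify_data(master: bytes, label: bytes, handshake_messages: bytes) -> bytes:
    """12-byte Finish payload: PRF over a hash of all handshake messages so far."""
    digest = hashlib.sha256(handshake_messages).digest()
    return prf(master, label, digest, 12)

# Constructed inputs (not from a real session).
PREMASTER = b"\x03\x03" + bytes(46)   # client version + 46 bytes (random in practice)
CLIENT_RANDOM, SERVER_RANDOM = bytes(range(32)), bytes(range(32, 64))

def demo() -> dict:
    ms = master_secret(PREMASTER, CLIENT_RANDOM, SERVER_RANDOM)
    keys = key_block(ms, CLIENT_RANDOM, SERVER_RANDOM)
    keys["master_secret"] = ms
    keys["client_finished"] = finished_verify_data(ms, b"client finished", b"constructed transcript")
    return keys
```

Because both randoms travel in plaintext, the Premaster Secret is the only secret input to this chain, which is why the article stresses protecting it in transit.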

In addition, the encryption and hashing algorithms generally used by HTTPS are as follows:

Asymmetric encryption algorithm: RSA, DSA/DSS

Symmetric encryption algorithm: AES, RC4, 3DES

HASH algorithm: MD5, SHA1, SHA256

The asymmetric encryption algorithm is used to encrypt the generated password during the handshake, the symmetric encryption algorithm is used to encrypt the data that is actually transmitted, and the HASH algorithm is used to verify the integrity of the data. Because the password generated by the browser is the key to the encryption of all the data, it is encrypted with the asymmetric encryption algorithm when it is transmitted. Asymmetric encryption algorithms generate a public key and a private key. The public key can only be used to encrypt data, so it can be transferred freely; the web site's private key is used to decrypt the data, so the site keeps its private key very carefully to prevent leakage.

Summary

Here, the principle of SSL/TLS has been explained by way of the principle of HTTPS.


Reference article: http://www.fenesky.com/blog/2014/07/19/how-https-works.html


This article is from "Dragon Guardian" blog, please make sure to keep this source http://sohudrgon.blog.51cto.com/3088108/1587668
