The principle of SSL/TLS and how the Internet Works (3)-TLS's special session

Source: Internet
Author: User
Tags asymmetric encryption

Me: Hi, TLS! This is your special session!

TLS: OK, then I'll start! First of all, my name is Transport Layer Security (TLS), and I am an upgraded version of SSL. I have two hands to work with: the left hand is called the record layer, and the right hand is called the handshake layer ...

Me: Hey, wait a minute, record layer? Handshake layer? What the hell is all this?

TLS: Don't interrupt me! Let me explain slowly: TLS is built on a reliable TCP connection, and to establish a reliable connection there must be a process called a handshake. TCP has one too. (TCP: Yes, to build a connection I have to go through the three-way handshake; the specific process is ...)

Me & TLS: Stop! TCP, we will give you a special session of your own; for now, go back to work! (TCP: OK, yes!)

TLS: To continue: TCP has a handshake, and so do I, and you can think of my handshake as an improvement over the TCP handshake process.
Now for the exact process!

First, the client sends the server a message named "Client Hello", which includes the version number of the SSL/TLS protocol, a random number generated by the client (P1; P stands for parameter), and the cryptographic algorithms supported by the client.

The server then replies with a message called "Server Hello", which confirms the encryption algorithm to be used and carries another random number generated by the server (P2). Pay special attention here: the server also sends its digital certificate.


Me: Wait a minute, the digital certificate? Why does it show up so early?

TLS: Well, what did you think? Did you think certificate-based authentication would be performed only after the connection is established and user data starts to flow?

Me: Why not? It would not be too late to complete the handshake, establish the connection, and then authenticate immediately.

TLS: You! Really! Are! A! Big! Dummy! Once the connection is established, the client's data is sent right away; in web browsing that is an HTTP GET request. If authentication has not happened before that, this packet may well fall into the hands of a third party impersonating the target web server (the so-called man-in-the-middle attack)! And you would have no idea!

Me: It's just a GET packet, it's not as if ...

TLS: I give up on you! Do you know how a website's automatic login function is implemented? It is all thanks to the cookie! After the first login, your username and password are stored in a cookie, and the browser adds this cookie to the headers (HTTP headers) of the first GET packet; the cookie itself is a special HTTP header! Because the username and password are sent right at the start, what comes back is the logged-in page. That is the secret of automatic login!

Me: Ah, I see! If a website with automatic login enabled is hit by a man-in-the-middle attack, then as soon as the user's first packet is transmitted, the user account falls directly into the hands of the third party! Never mind that the encryption of cookies is not strong; the third party does not even need to crack the encryption, because it can simply use the cookie it holds to log in and do whatever it wants!

TLS: Yes, that's it! So the identity authentication process must be completed in the handshake phase!
To continue:
Identity authentication can be two-way; that is, the server can also request a certificate from the client. The authentication process is similar: put simply, it compares the signature, the private key, the host name, and so on. Under normal circumstances this matching process is very strict, and a certificate forged by a third party is unlikely to pass. Incidentally, the algorithm used in identity authentication and the algorithm used in the final encryption are often the same. Each browser has a set of certificates it trusts and a set it does not: IE and Chrome rely on the operating system's own certificate store, while Firefox has its own. These certificates are issued by trusted third-party certificate authorities (CAs) and are generally no problem, except for one big rogue ...

Me: Which big rogue? Ah, I remember, I once heard you mention CNNIC (China Internet Information Center). But what is going on there?

TLS: I can't explain that this time; I'll tell you next time, when I explain the specific process of the man-in-the-middle attack. Let's continue:
Once authentication passes, the client generates another random number (P3), encrypts it with the public key on the digital certificate, and sends it to the server. An asymmetric encryption algorithm is used here. Take G+ as an example: "and use ECDHE_ECDSA as a key exchange mechanism". This ECDHE_ECDSA is a public-key algorithm (also known as an asymmetric algorithm): the encryption public key is public and the decryption private key is secret, so a third party cannot learn the value of P3. After the server receives it, it decrypts P3 with its own private key and sends a message informing the client that it has been received.

Next, the server and the client each use the agreed encryption algorithm, together with the P1, P2 and P3 they both hold, to calculate the secret session key, generally 128 or 256 bits long. The client then uses this key to encrypt all the user data that needs to be transferred and sends it. It is worth mentioning that the unit of transmission at this point is called the socket: the application-layer protocol (such as HTTP) processes the data first, the result is fully encrypted (headers included), and it is then placed into the socket. Everything in these sockets is strongly encrypted except the source and destination addresses, the necessary integrity-verification mechanisms, and other data required to ensure reliability. The same is true for SSL (Secure Sockets Layer).

That is the whole handshake process. Once the handshake layer has finished the handshake, the record layer takes over and is responsible for the transfer over TCP. Please note that the key exchange algorithm used in the handshake and the data encryption algorithm used during transmission are not the same: the data encryption algorithm is a symmetric encryption algorithm, and its key is the session key calculated at the end of the handshake. Taking G+ as an example, the algorithm is CHACHA20_POLY1305.

Me: (dizzy) It really is complicated ...

TLS: Dizzy already? If you saw the 100-page RFC (Request for Comments), you would probably jump off a building! Forget it, let's end here!

Me: Thank you (laughter).
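
The step where both sides turn P1, P2 and P3 into the session key, as an added example that is not part of the original post: it uses the TLS 1.2 key derivation (the PRF from RFC 5246) with SHA-256. It assumes the flow the dialogue describes, where the client sends P3 encrypted to the server; with ECDHE suites both sides instead compute P3 from a Diffie-Hellman exchange. The function names are illustrative and the sample values are constructed.

```python
import hashlib
import hmac
import os

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 expansion from RFC 5246 section 5: HMAC chained over A(i)."""
    out, a = b"", seed                                   # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)

def derive_session_keys(p1: bytes, p2: bytes, p3: bytes, key_len: int = 32) -> dict:
    """Turn P1 (client random), P2 (server random) and P3 (premaster secret)
    into the master secret and one symmetric key per direction."""
    master = prf(p3, b"master secret", p1 + p2, 48)
    # Key expansion takes the randoms in the opposite order (server first).
    # For AEAD suites there are no MAC keys, so the key block starts with
    # the two write keys; the per-direction IVs that follow are omitted here.
    block = prf(master, b"key expansion", p2 + p1, 2 * key_len)
    return {
        "master_secret": master,
        "client_write_key": block[:key_len],
        "server_write_key": block[key_len:],
    }

def demo() -> bool:
    # Constructed sample values: P1 and P2 travel in the clear, P3 does not.
    p1, p2 = os.urandom(32), os.urandom(32)
    p3 = b"\x03\x03" + os.urandom(46)        # 48-byte premaster secret
    client = derive_session_keys(p1, p2, p3)
    server = derive_session_keys(p1, p2, p3)
    # Someone who recorded P1 and P2 but has to guess P3 derives other keys.
    guess = derive_session_keys(p1, p2, b"\x03\x03" + bytes(46))
    return (client == server
            and client["client_write_key"] != guess["client_write_key"])

if __name__ == "__main__":
    print("client and server agree, the guesser does not:", demo())
```

Because P1 and P2 are visible to anyone on the path, the secrecy of the session keys rests entirely on P3.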
