SSL handshake process


Problem description

I am getting started on security and read about the SSL handshaking scenario. In this post, the replier mentioned that the symmetric key is generated on the browser, encrypted using the server's public key and sent over to the server.

However, in the other articles, they mentioned that a pre-master secret was generated and sent over instead for calculation of the symmetric key.

May I know which is the correct explanation, and how is this pre-master secret generated and used to generate the symmetric key?

Solution

Saying that the browser generates the symmetric key is just a simplification (at least better than saying the encryption is done with the certificate). You may be interested in this answer on Security.SE for more details:

The cipher suite then determines how these symmetric keys are eventually shared. The immediate purpose of the SSL/TLS handshake is to establish a shared pre-master secret between the client and the server. This is more broadly referred to as the key-exchange (see RFC 4346 Appendix F.1.1, and perhaps Section 7.4.7).

This falls in two categories (excluding anonymous key exchange):

  • RSA key exchange (e.g. TLS_RSA_WITH_AES_128_CBC_SHA): the client encrypts the pre-master secret using the server's public key (found in the certificate).
  • DH(E) key exchange (e.g. TLS_DHE_RSA_WITH_AES_256_CBC_SHA): a Diffie-Hellman key exchange takes place. The server signs its DH parameters and the client verifies the signature against the public key in the server certificate. (Having an RSA-based certificate doesn't imply an RSA key exchange.)

At the end of the handshake, whichever of these two steps was used, the client and the server are in possession of a common pre-master secret, from which they derive a master secret (see RFC 4346 Section 8.1).

From that master secret, both parties can derive the encryption keys (and MAC secrets), as described in RFC 4346 Section 6.3.
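The derivation chain the answer describes (pre-master secret, then master secret per RFC 4346 Section 8.1, then the key block per Section 6.3) is short enough to write out. The following Python is an added example and is not part of the original answer or of any TLS library; it implements the TLS 1.1 PRF from RFC 4346 Section 5 with the standard library only. The 48-byte RSA-style pre-master secret (2-byte client version followed by 46 random bytes, RFC 4346 Section 7.4.7.1), the two 32-byte hello randoms, and the 20-byte MAC / 16-byte key sizes for TLS_RSA_WITH_AES_128_CBC_SHA are constructed inputs; the function names are my own. In the DH(E) case the negotiated Diffie-Hellman value would simply be passed in as the pre-master secret and everything after that is identical.

```python
import hmac
import os


def _p_hash(digest, secret, seed, length):
    """P_hash from RFC 4346 Section 5.

    Produces HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ...
    until `length` bytes are available, where A(0) = seed and
    A(i) = HMAC(secret, A(i-1)). The output is a prefix-consistent stream.
    """
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, digest).digest()
        out += hmac.new(secret, a + seed, digest).digest()
    return out[:length]


def prf(secret, label, seed, length):
    """TLS 1.0/1.1 PRF: P_MD5 over the first half of the secret XORed with
    P_SHA1 over the second half. For an odd-length secret the two halves
    share the middle byte (RFC 4346 Section 5)."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[-half:]
    md5_stream = _p_hash("md5", s1, label + seed, length)
    sha1_stream = _p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_stream, sha1_stream))


def rsa_pre_master_secret(random46=None):
    """Pre-master secret for the RSA key exchange (RFC 4346 Section 7.4.7.1):
    the client's offered version (assumed TLS 1.1 = 3,2) followed by 46 random
    bytes. A server must check the version bytes to detect rollback attempts.
    `random46` may be supplied to make the output reproducible."""
    if random46 is None:
        random46 = os.urandom(46)  # what a real client does
    assert len(random46) == 46
    return b"\x03\x02" + random46


def master_secret(pre_master, client_random, server_random):
    """RFC 4346 Section 8.1: always 48 bytes; seed is client then server random."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)


def derive_session_keys(pre_master, client_random, server_random,
                        mac_len=20, key_len=16):
    """RFC 4346 Section 6.3 key block. Note the seed order is reversed
    (server random first). TLS 1.1 derives no IVs here; they are explicit
    per record. Defaults match TLS_RSA_WITH_AES_128_CBC_SHA (assumed sizes)."""
    master = master_secret(pre_master, client_random, server_random)
    block = prf(master, b"key expansion", server_random + client_random,
                2 * mac_len + 2 * key_len)
    off = 0
    keys = {"master_secret": master}
    for name, size in (("client_write_mac_secret", mac_len),
                       ("server_write_mac_secret", mac_len),
                       ("client_write_key", key_len),
                       ("server_write_key", key_len)):
        keys[name] = block[off:off + size]
        off += size
    return keys


if __name__ == "__main__":
    # Constructed run: both sides hold the same three inputs, so both compute
    # the same key material without the symmetric keys ever being transmitted.
    client_random = os.urandom(32)
    server_random = os.urandom(32)
    pre_master = rsa_pre_master_secret()
    for name, value in derive_session_keys(pre_master, client_random,
                                           server_random).items():
        print(f"{name:24s} {value.hex()}")
```

Two details worth noticing when reading the code: the PRF splits the secret and runs two independent hash streams, which is why a server and client that disagree on even one byte of either random end up with unrelated keys; and the master secret is always 48 bytes regardless of whether the pre-master came from RSA (48 bytes) or DH (the size of the group).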
