Security/Server Side TLS: Difference between revisions

Security/Server Side TLS (view source)

Revision as of 17:40, 17 November 2014

262 bytes added , 17 November 2014

→‎DHE handshake and dhparam

Ulfr

Confirmed users

529

edits

@@ Line 166: / Line 166: @@
 As an example, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 works as follow:
+[[File:Dhe_params.png|frame|server key exchange message as displayed in Wireshark]]
 # Server sends Client a [[http://tools.ietf.org/html/rfc5246#section-7.4.3 SERVER KEY EXCHANGE]] message during the SSL Handshake. The message contains:
 ## Prime number ''p''
 ## Generator ''g''
-## Server's Diffie-Hellman public value ''A = g^X mod p'', where ''X'' is a private integer chosen by the server at random, and never shared with the client.
+## Server's Diffie-Hellman public value ''A = g^X mod p'', where ''X'' is a private integer chosen by the server at random, and never shared with the client. (note: A is called ''pubkey'' in wireshark)
 ## signature ''S'' of the above (plus two random values) computed using the Server's private RSA key
 # Client verifies the signature ''S''
+[[File:Dhe_client_params.png|frame|client key exchange message as displayed in Wireshark]]
 # Client sends server a [[http://tools.ietf.org/html/rfc5246#section-7.4.7 CLIENT KEY EXCHANGE]] message. The message contains:
-## Client's Diffie-Hellman public value ''B = g^Y mod p'', where ''Y'' is a private integer chosen at random and never shared.
+## Client's Diffie-Hellman public value ''B = g^Y mod p'', where ''Y'' is a private integer chosen at random and never shared. (note: B is called ''pubkey'' in wireshark)
 # The Server and the Client can now calculate the pre-master secret using each other's public values:
 ## server calculates ''PMS = B^X mod p''

Security/Server Side TLS: Difference between revisions

Security/Server Side TLS (view source)

Revision as of 17:40, 17 November 2014

Navigation menu

Search