SSL in a nutshell

This blog post is a refresher on the SSL protocol; next time I will demonstrate how SSL can be hacked using OSS.

SSL was designed to run on top of TCP in order to provide a reliable end-to-end secure service over the Internet. Hence, it provides security for the HTTP protocol, authentication of the server to the client, and security services that ensure confidentiality and integrity.

SSLv2 was developed by Netscape® in 1995. A few years later, PCT (Private Communications Technology) was developed by Microsoft®. Netscape® then overhauled SSLv2 and introduced SSLv3, which is still the most commonly deployed protocol. The IETF developed its own protocol, TLS.

During the SSL four-way handshake the client and server negotiate a cipher suite and cooperatively establish session keys for secure communication.

Message 1: CLIENT

  1. Client initiates contact with the server
  2. Generates random number Rc (a 32-bit timestamp plus 28 randomly generated bytes)
  3. Sends its supported cipher suites
  4. Creates a Session ID

Message 2: SERVER

  1. Server sends its PKI certificate
  2. Server generates random number Rs
  3. Picks a cipher suite (the lower of the client's suggested version and the highest version supported by the server)

Message 3: CLIENT

  1. Generates Pre-Master Key S (random number S)
  2. Generates Master-Key K, derived from Rc, Rs, and S (used for symmetric encryption)
  3. Verifies the certificate and extracts the public key from it
  4. Encrypts Pre-Master Key S with the extracted public key and sends it to the server
  5. Hashes Master-Key K together with the previous handshake messages (so that any tampering with the handshake messages would be detected)

Message 4: SERVER

  1. Server proves it knows the session keys by sending a keyed hash of all handshake messages, encrypted with its symmetric write-encryption key and integrity-protected with its write-integrity key
  2. Since the session keys are derived from S, this also proves the server knows the server private key, which was needed to decrypt Pre-Master Key S

Ultimately, three key pairs are generated, for encryption, integrity and IV, one key of each pair for each direction.
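To make the four messages above concrete, here is an added simulation of the handshake in Python; it is not code from this blog and it is not how any real SSL library works. It assumes a toy, unpadded textbook RSA key generated with the standard library as a stand-in for the server's certificate key, a simplified master-key derivation (one SHA-256 over S, Rc and Rs instead of the SSLv3 MD5/SHA-1 mixing), and HMAC-SHA256 for both the six-key expansion and the keyed "Finished" hash over the transcript. The `tamper` flag shows why step 5 of Message 3 matters: if the server's view of the handshake messages differs from the client's, the keyed hash no longer verifies even though both sides derived the same keys.

```python
import hashlib
import hmac
import secrets
import struct
import time

# ---- Toy textbook RSA (constructed stand-in for the server's certificate key) ----
# Unpadded RSA with a 512-bit modulus is NOT safe for real use; it only lets the
# simulation run offline with nothing but the standard library.

def _is_probable_prime(n, rounds=16):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # force top bit and oddness
        if _is_probable_prime(cand):
            return cand

def toy_rsa_keypair(bits=256):
    """Returns ((n, e), (n, d)); the public half plays the role of the server certificate."""
    e = 65537
    while True:
        p, q = _gen_prime(bits), _gen_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            return (p * q, e), (p * q, pow(e, -1, phi))

def rsa_encrypt(pub, data):
    n, e = pub
    m = int.from_bytes(data, "big")
    assert m < n, "message must be smaller than the modulus"
    return pow(m, e, n)

def rsa_decrypt(priv, c, length):
    n, d = priv
    return pow(c, d, n).to_bytes(length, "big")

# ---- Handshake building blocks (simplified derivations, labelled above) ----

def make_random():
    """32-byte random value as in Messages 1 and 2: 4-byte timestamp + 28 random bytes."""
    return struct.pack(">I", int(time.time())) + secrets.token_bytes(28)

def pick_cipher(client_suites, server_suites):
    """Server picks the first of its own preferences that the client also offered."""
    for suite in server_suites:
        if suite in client_suites:
            return suite
    raise ValueError("no common cipher suite")

def derive_master_key(s, rc, rs):
    """Master-Key K from the Pre-Master Key S and both randoms (simplified: one SHA-256)."""
    return hashlib.sha256(b"master" + s + rc + rs).digest()

def derive_session_keys(k, rc, rs):
    """Expand K into the six per-direction keys: encryption, MAC (integrity) and IV for each side."""
    labels = ("client_enc", "server_enc", "client_mac", "server_mac", "client_iv", "server_iv")
    return {lab: hmac.new(k, lab.encode() + rc + rs, hashlib.sha256).digest()[:16] for lab in labels}

def finished_mac(mac_key, transcript):
    """Keyed hash over all prior handshake messages (the check in Messages 3 and 4)."""
    return hmac.new(mac_key, hashlib.sha256(transcript).digest(), hashlib.sha256).digest()

def run_handshake(tamper=False):
    """Run the four messages; tamper=True gives the server an altered view of the transcript."""
    server_pub, server_priv = toy_rsa_keypair()
    # Message 1: client random Rc plus offered cipher suites (constructed suite names).
    rc = make_random()
    client_suites = ["AES128-SHA", "RC4-MD5"]
    transcript = rc + ",".join(client_suites).encode()
    # Message 2: server random Rs, chosen suite and the (toy) certificate public key.
    rs = make_random()
    suite = pick_cipher(client_suites, ["AES128-SHA", "RC4-MD5"])
    transcript += rs + suite.encode() + server_pub[0].to_bytes(64, "big")
    # Message 3: client makes S, encrypts it to the server key, derives K and the keys,
    # and sends a keyed hash of everything exchanged so far.
    s = secrets.token_bytes(48)
    enc_s = rsa_encrypt(server_pub, s)
    client_keys = derive_session_keys(derive_master_key(s, rc, rs), rc, rs)
    client_finished = finished_mac(client_keys["client_mac"], transcript)
    # Server recovers S with its private key and derives the same keys independently.
    server_keys = derive_session_keys(derive_master_key(rsa_decrypt(server_priv, enc_s, 48), rc, rs), rc, rs)
    server_view = transcript + (b"X" if tamper else b"")  # tampered view differs from the client's
    server_ok = hmac.compare_digest(client_finished, finished_mac(server_keys["client_mac"], server_view))
    # Message 4: server proves it holds the keys (and hence the private key) with its own keyed hash.
    transcript += client_finished
    server_finished = finished_mac(server_keys["server_mac"], transcript)
    client_ok = hmac.compare_digest(server_finished, finished_mac(client_keys["server_mac"], transcript))
    return {"cipher": suite, "keys_match": client_keys == server_keys,
            "server_verified_client": server_ok, "client_verified_server": client_ok}

if __name__ == "__main__":
    print(run_handshake())
    print(run_handshake(tamper=True))
```

Note that the server's Finished value in Message 4 is only keyed here, not additionally encrypted with the write-encryption key as the post describes; the point the simulation makes is that both sides reach identical keys from S, Rc and Rs, and that a modified transcript fails the keyed-hash check while the keys still agree.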