Shulou(Shulou.com)06/01 Report--

This article introduces you how to thoroughly understand the SSL/TLS agreement, the content is very detailed, interested friends can refer to, hope to be helpful to you.

SSL/TLS is a cryptographic communication framework, and it is the most widely used cryptographic communication method in the world. SSL/TLS comprehensively uses symmetric cryptography, message authentication code, public key cryptography, digital signature, pseudorandom number generator and so on, which can be said to be the aggregator of cryptography.

SSL (Secure Socket Layer) secure socket layer is a set of protocols designed by Netscape in 1994, and version 3.0 was released in 1995.

TLS (Transport Layer Security) transport layer security is a protocol designed by IETF on the basis of SSL3.0, which is actually equivalent to the subsequent version of SSL.

Application of SSL/TLS

SSL/TLS is a secure communication framework that can carry HTTP protocol or SMTP/POP3 protocol and so on.

The architecture of TLS protocol

TLS is mainly divided into two layers. The bottom layer is TLS recording protocol, which is mainly responsible for encrypting messages with symmetric passwords.

The upper layer is TLS handshake protocol, which is mainly divided into four parts: handshake protocol, password specification change protocol and application data protocol.

The handshake protocol, which is responsible for agreeing on cryptographic algorithms and shared keys on the client and server, including certificate authentication, is the most complex part of the four protocols.

The password specification change protocol is responsible for conveying the signal of changing the password mode to the communication object.

The warning protocol is responsible for communicating the error to the other party when an error occurs

The application data protocol is responsible for communicating the application data carried by TLS to the communication object.

Handshake protocol

Handshake protocol is a very important protocol in TLS protocol. Through the interaction between client and server, and sharing some necessary information, shared keys and interactive certificates are generated.

If you don't speak, the picture above first:

Next, we will introduce the meaning of each step step by step:

Client hello

The client sends a client hello message to the server, including the following:

Available version number

Current time

Client random number

Session ID

List of available cipher suites

List of available compression methods

We mentioned earlier that TLS is actually a cryptographic framework, and some of the components are replaceable. Here you can use the version number, the list of available cipher suites, and the list of available compression methods is to ask the server which services are supported.

A client random number is a random number generated by the client that is used to generate a symmetric key.

Server hello

When the server receives the client hello message, it returns a server hello message to the client, which contains the following contents:

The version number used

Current time

Server random number

Session ID

Cipher suite used

The compression method used

The version number used, the cipher suite used, and the compression method used is the answer to step 1.

The server random number is a random number generated by the server, which is used to generate symmetric keys.

Optional step: certificate

The server sends its own list of certificates, and because certificates may be hierarchical, you need to send certificates signed for the server in addition to processing the server's own certificates. The client will validate the certificate on the server side. If you are communicating anonymously, no certificate is required.

Optional step: ServerKeyExchange

If the certificate information in step 3 is insufficient, you can send a ServerKeyExchange to build an encrypted channel.

The content of a ServerKeyExchange may contain two forms:

If you choose the RSA protocol, then you pass the parameters that RSA uses to build the public key cipher (Erecom N). Let's recall the formula for building the public key in RSA: $ciphertext = plaintext ^ E\ mod\ Npermission. As long as you know E and N, then you know the public key of RSA. Here you pass the two numbers EJI N. You can refer to the RSA algorithm for details.

If Diff-Hellman key exchange protocol is selected, the key exchange parameters are passed. For details, please refer to the more secure key generation method Diffie-Hellman.

Optional step: CertificateRequest

If you are in an environment with restricted access, such as fabric, the server side also needs to ask the client for a certificate. If client authentication is not required, this step is not required.

The server hello done server sends a server hello done message to the client to tell the client that his message is over.

Optional step: Certificate

In response to step 5, the client sends the client certificate to the server

ClientKeyExchange

There are still two situations:

In the case of public key or RSA mode, the client will generate a preparatory master password based on the random number generated by the client and the random number generated by the server, which is encrypted by the public key and sent back to the server.

If the Diff-Hellman key exchange protocol is used, the client sends the value that its own party needs to expose in order to generate the Diff-Hellman key. For details, please refer to the more secure key generation method Diffie-Hellman, so that the server can calculate the prepared master password based on this public value.

Optional step: CertificateVerify

The client proves to the server that it is the holder of the client certificate.

ChangeCipherSpec (ready to switch passwords)

ChangeCipherSpec is a message from the password specification change protocol, indicating that subsequent messages will be encrypted with the previously negotiated key.

Finished (end of handshake protocol)

The client tells the server that the handshake protocol is over.

ChangeCipherSpec (ready to switch passwords)

The server tells the client that it is about to switch passwords.

Finished (end of handshake protocol)

The server tells the client that the handshake protocol is over.

Switch to Application data Protocol

After that, the server and the client communicate with each other in an encrypted way.

Master password and reserve master password

The preparatory master password is generated in step 8 above, which is generated according to the pseudo-random number generator + prepared master password + client random number + server random number implemented by the one-way hash function defined in the cipher suite.

The master password is mainly used to generate the key called the password, the key of the message authentication code and the initialization vector used by the CBC mode of the symmetric password. For more information, see block cipher and mode

TLS recording protocol

TLS recording protocol is mainly responsible for message compression, encryption and data authentication:

Let's start with the picture.

The message is first segmented, then compressed, its message authentication code is calculated, and then encrypted with a symmetric password, which uses CBC mode, and the initial vector of CBC mode is generated by the master password.

After getting the ciphertext, other information such as type, version and length will be added to form the final message data.

On how to thoroughly understand the SSL/TLS protocol to share here, I hope that the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.