An article explaining the detailed process of the SSL handshake protocol


Overview

SSL (Secure Sockets Layer) is a security mechanism that runs between the application layer and the TCP layer. It ensures the confidentiality and integrity of upper-layer application data in transit and verifies the identities of both communicating parties.

  • Transmission encryption: After the handshake protocol establishes the session key, all transmitted messages are encrypted with the session key.
  • Message integrity: A MAC (Message Authentication Code) is added to each transmitted message so that its integrity can be checked.
  • Authentication: Client authentication (optional), server authentication (mandatory)

SSL consists of four protocols: the Handshake protocol, the Change Cipher Spec protocol, the Alert protocol, and the Record protocol.

The handshake protocol is the first subprotocol used in an SSL connection and is also the most complex.


SSL Layered Structure

SSL Handshake Protocol

Through the handshake process, the client and the server negotiate session parameters (including mutual authentication, negotiation of encryption and MAC algorithms, generation of session keys, etc.).


SSL handshake protocol process

Phase 1: Building security capabilities

Client-client_hello:

  • The highest SSL version number that the client can support;
  • A 32-byte random number generated by the client;
  • Session identifier ID;
  • A list of cipher suites that the client can support;
  • A list of compression methods that the client can support.

Server-server_hello:

  • SSL version number, which is the lower of the received client SSL version and the highest version supported by the server;
  • A 32-byte random number generated by the server;
  • Session identifier ID;
  • Select a cipher suite (including key exchange algorithm, symmetric encryption algorithm, and digest algorithm) from the received client cipher suite list;
  • Select a compression method from the list of client compression methods received.
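The Phase 1 exchange above, as an added Python example that is not part of the original article: it parses a constructed client_hello handshake message into the five listed fields and then makes the server_hello choices. The function names, the server-preference order for cipher suites, and a server that supports only null compression are assumptions of this sketch.

```python
VERSIONS = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}

def build_client_hello(version, random, session_id, suites, compression):
    """Serialize the five client_hello fields into a handshake message."""
    body = bytes(version) + random + bytes([len(session_id)]) + session_id
    body += (2 * len(suites)).to_bytes(2, "big")
    body += b"".join(s.to_bytes(2, "big") for s in suites)
    body += bytes([len(compression)]) + bytes(compression)
    return b"\x01" + len(body).to_bytes(3, "big") + body  # type 1 = client_hello

def parse_client_hello(msg):
    """Return the client_hello fields, rejecting truncated or malformed input."""
    if len(msg) < 4 or msg[0] != 0x01:
        raise ValueError("not a client_hello handshake message")
    body = msg[4:]
    if len(body) != int.from_bytes(msg[1:4], "big"):
        raise ValueError("length field does not match message size")
    pos = 0
    def take(n):  # bounds-checked read of the next n bytes
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("field runs past end of message")
        pos += n
        return body[pos - n:pos]
    version = tuple(take(2))                    # highest version the client supports
    random = take(32)                           # 32-byte client random
    session_id = take(take(1)[0])               # empty for a new session
    raw = take(int.from_bytes(take(2), "big"))  # cipher suite list, 2 bytes each
    if len(raw) % 2:
        raise ValueError("odd cipher suite list length")
    suites = [int.from_bytes(raw[i:i + 2], "big") for i in range(0, len(raw), 2)]
    compression = list(take(take(1)[0]))
    return {"version": version, "random": random, "session_id": session_id,
            "cipher_suites": suites, "compression": compression}

def choose_server_hello(hello, server_max, server_suites):
    """Assumption: server picks its first preferred suite the client offered."""
    version = min(hello["version"], server_max)  # lower of the two versions
    suite = next((s for s in server_suites if s in hello["cipher_suites"]), None)
    if suite is None or 0 not in hello["compression"]:
        raise ValueError("no shared cipher suite or compression method")
    return version, suite, 0  # 0 = null compression

# Constructed sample: client offers TLS 1.2 with RC4-SHA, AES128-SHA, AES256-SHA.
SAMPLE = build_client_hello((3, 3), bytes(range(32)), b"", [0x0005, 0x002F, 0x0035], [0])
if __name__ == "__main__":
    v, s, c = choose_server_hello(parse_client_hello(SAMPLE), (3, 1), [0x0035, 0x002F])
    print(VERSIONS[v], hex(s), c)
```

Because the selected version is simply the lower of the two offers, logging the parsed client version next to the negotiated one makes unexpected downgrades visible.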

Phase 2: Server Authentication and Key Exchange

Server-certificate:

  • The server's digital certificate containing the public key information, or the complete certificate chain up to the CA.

Server-server_key_exchange:

  • Optional, depending on the key negotiation algorithm. If the server certificate sent to the client does not carry enough data to negotiate the key with the key exchange algorithm selected in the first phase, this message supplies the remaining key negotiation elements.

Server-certificate_request:

  • Optional. Requests the client's certificate so that it can be verified. This step is not required for one-way authentication (authenticating only the server).

Server-server_hello_done:

  • Notify the client that the version number and cipher suite negotiation is complete.

Phase 3: Client Authentication and Key Exchange

Client-certificate:

  • Optional. The client's digital certificate. In two-way authentication, the server needs to verify the legitimacy of the client's identity.

Client-client_key_exchange:

  • The client's part of the key exchange. Depending on the key exchange algorithm, it carries either key negotiation parameters or the pre-master key encrypted with the server's public key.

Client-certificate_verify:

  • Optional. The client signs the digest of the exchanged handshake messages and the session key with its private key and sends the result to the server.

Phase 4: Completion

Client-change_cipher_spec:

  • Changes the cipher spec, telling the server that subsequent messages will be encrypted with the session key.

Client-finished:

  • Announces the completion of the handshake protocol to the server.

Server-change_cipher_spec:

  • Changes the cipher spec, telling the client that subsequent messages will be encrypted with the session key.

Server-finished:

  • Announces the completion of the handshake protocol to the client.
