
SSL Handshake With Two-Way Authentication With Certificates

The document describes a 4-phase SSL handshake process with two-way authentication using certificates. In phase 1, the client and server exchange random numbers and agree on encryption settings. In phase 2, the server sends its certificate to the client and requests the client's certificate. In phase 3, the client sends its encrypted certificate to the server. In phase 4, the client and server use a pre-master secret to calculate a master secret key and then encrypt all further communication.

SSL Handshake With Two Way Authentication with Certificates

Client holds: public key client, private key client
Server holds: public key server, private key server

Each side tracks its "known information" (RNC, RNS, PMS, MS) as the handshake proceeds.

Phase 1
  Client: generate random number RNC
  Client -> Server: client_hello (crypto information, RNC)
  Server: generate random number RNS
  Server -> Client: server_hello (crypto information, RNS)
  Known information on both sides: RNC, RNS

Phase 2
  Server -> Client: server certificate
  Server -> Client: demand client certificate
  Client: check server certificate

Phase 3
  Client -> Server: client certificate
  Server: check client certificate
  Client -> Server: client certificate (encrypted with private key client)
  Server: check encrypted client certificate

Phase 4
  Client: generate random number pre-master-secret PMS
  Client -> Server: send PMS encrypted with public key server
  Known information on both sides: RNC, RNS, PMS
  Client and Server: calculate Master-Secret (MS) with PMS, RNS, RNC
  Client and Server: change to encrypted connection with MS as key
  Client and Server: end SSL handshake
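
The Phase 4 step "calculate Master-Secret with PMS RNS RNC", worked through as an added example that is not part of the original diagram. It assumes the TLS 1.2 PRF from RFC 5246 (HMAC-SHA256) and an RSA key exchange, since the diagram does not say which SSL/TLS version it depicts; the function names and random values are constructed for illustration.

```python
import hashlib
import hmac
import os


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5, instantiated with HMAC-SHA256."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def master_secret(pms: bytes, rnc: bytes, rns: bytes) -> bytes:
    """MS = PRF(PMS, "master secret", RNC + RNS), truncated to 48 bytes."""
    return p_sha256(pms, b"master secret" + rnc + rns, 48)


def new_pms(client_version: bytes = b"\x03\x03") -> bytes:
    """RSA key exchange PMS: 2-byte protocol version followed by 46 random bytes."""
    return client_version + os.urandom(46)


def demo() -> dict:
    # Constructed values standing in for the hello randoms of Phase 1.
    rnc, rns = os.urandom(32), os.urandom(32)
    pms = new_pms()  # generated by the client in Phase 4

    client_ms = master_secret(pms, rnc, rns)
    # The server computes the same value after decrypting PMS with its private key.
    server_ms = master_secret(pms, rnc, rns)

    # A recorded client_hello and encrypted PMS replayed into a new session meet
    # a fresh RNS, so the resulting MS no longer matches the recorded session.
    replay_ms = master_secret(pms, rnc, os.urandom(32))

    return {
        "match": hmac.compare_digest(client_ms, server_ms),
        "replay_differs": replay_ms != client_ms,
        "length": len(client_ms),
    }


if __name__ == "__main__":
    print(demo())
```

Because both RNC and RNS feed the derivation, neither side alone determines MS, which is why the randoms are exchanged in Phase 1 before any key material is sent.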

Author: Christian Friedrich


GNU Free Documentation License
Creative Commons Attribution ShareAlike 3.0
