Understand the SSL / TLS protocol thoroughly in one article

Time:2021-1-16

SSL / TLS is a cryptographic communication framework and the most widely used cryptographic communication method in the world. It combines symmetric cryptography, message authentication codes, public key cryptography, digital signatures, pseudo-random number generators and so on.

SSL (Secure Sockets Layer) is a protocol designed by Netscape in 1994; version 3.0 was released in 1995.

TLS (Transport Layer Security) is a protocol designed by the IETF on the basis of SSL 3.0, and is in effect the successor version of SSL.

Application of SSL / TLS

SSL / TLS is a secure communication framework that can carry HTTP, SMTP or POP3.

Architecture of TLS protocol

TLS is mainly divided into two layers. The bottom layer is the TLS record protocol, which is mainly responsible for encrypting messages with symmetric ciphers.

The upper layer is the TLS handshake protocol, which is divided into the handshake protocol, the change cipher spec protocol, the alert protocol and the application data protocol.

  • The handshake protocol is the most complex of the four. It is responsible for agreeing on the cryptographic algorithms and the shared key between client and server, including certificate authentication.
  • The change cipher spec protocol is responsible for signalling to the peer that the cipher mode is changing.
  • The alert protocol is responsible for reporting an error to the other party when one occurs.
  • The application data protocol is responsible for transferring the application data carried by TLS to the peer.

Handshake protocol

The handshake protocol is a very important part of TLS. Through the interaction between client and server, the two sides share the necessary information, generate the shared key and exchange certificates.

Let's look at a picture first:

[Figure: TLS handshake message flow between client and server]

Next, we will go through the meaning of each step in turn.

  1. ClientHello

    The client sends a ClientHello message to the server, with the following contents:

    • Available version numbers
    • Current time
    • Client random number
    • Session ID
    • List of available cipher suites
    • List of available compression methods

We mentioned earlier that TLS is a cryptographic framework in which some components can be replaced. With the version number, the list of available cipher suites and the list of available compression methods, the client asks the server which of them it supports.

The client random number is a random number generated by the client; it is used to generate the symmetric key.

  2. ServerHello

    After receiving the ClientHello message, the server returns a ServerHello message to the client, with the following contents:

    • Version number used
    • Current time
    • Server random number
    • Session ID
    • Cipher suite used
    • Compression method used

The version number used, the cipher suite used and the compression method used are the answers to step 1.

The server random number is a random number generated by the server; it is used to generate the symmetric key.

  3. Optional step: Certificate

    The server sends its certificate list. Because certificates may be hierarchical, in addition to the server's own certificate it also needs to send the certificates of the authorities that signed it.
    The client verifies the server's certificate. If the communication is anonymous, no certificate is needed.

  4. Optional step: ServerKeyExchange

    If the certificate information in step 3 is insufficient, the server can send ServerKeyExchange to build the encrypted channel.

    The content of ServerKeyExchange can take two forms:

    • If RSA is selected, the parameters (e, n) of the RSA public key are passed. Recall the RSA encryption formula: $\text{ciphertext} = \text{plaintext}^e \bmod n$. Knowing e and n is knowing the RSA public key, so e and n are what is passed here. For details, refer to the RSA algorithm.
    • If Diffie-Hellman key exchange is selected, the key exchange parameters are passed. For details, refer to "Diffie-Hellman, a more secure key generation method".

  5. Optional step: CertificateRequest

    In a restricted-access environment, such as fabric, the server also needs to ask the client for a certificate.
    If client authentication is not required, this step is skipped.

  6. ServerHelloDone

    The server sends the ServerHelloDone message to tell the client that its messages are finished.

  7. Optional step: Certificate

    In response to step 5, the client sends the client certificate to the server.

  8. ClientKeyExchange

    There are two cases:

    • In public key (RSA) mode, the client generates the pre-master secret according to the random number generated by the client and the random number generated by the server, encrypts it with the public key and sends it to the server.
    • If Diffie-Hellman key exchange is used, the client sends the public value needed to generate the Diffie-Hellman key, so that the server can calculate the pre-master secret from it. For details, refer to "Diffie-Hellman, a more secure key generation method".

  9. Optional step: CertificateVerify

    The client proves to the server that it is the holder of the client certificate.

  10. ChangeCipherSpec

    ChangeCipherSpec is the message of the change cipher spec protocol. It means that the messages that follow will be encrypted with the previously negotiated key.

  11. Finished (handshake protocol ended)

    The client tells the server that the handshake protocol is over.

  12. ChangeCipherSpec

    The server tells the client that the cipher is being switched.

  13. Finished (handshake protocol ended)

    The server tells the client that the handshake protocol is over.

  14. Switch to application data protocol

    After that, the server and the client communicate in an encrypted way.
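
The ClientHello contents listed in step 1, shown as a parser over the TLS 1.2 wire layout. This is an added example, not code from the original article; the sample bytes are constructed and the name `parse_client_hello` is an assumption of this example.

```python
# Constructed ClientHello handshake message (no record header, no extensions).
SAMPLE_RANDOM = (1610755200).to_bytes(4, "big") + bytes(range(28))
SAMPLE_BODY = (
    b"\x03\x03"                    # highest version offered: TLS 1.2
    + SAMPLE_RANDOM                # 4-byte time + 28 random bytes
    + b"\x00"                      # empty session ID: new session
    + b"\x00\x04\x00\x2f\x00\x33"  # 2 suites: RSA and DHE_RSA with AES-128-CBC-SHA
    + b"\x01\x00"                  # 1 compression method: null
)
SAMPLE_CLIENT_HELLO = b"\x01" + len(SAMPLE_BODY).to_bytes(3, "big") + SAMPLE_BODY

VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}


def parse_client_hello(msg: bytes) -> dict:
    """Parse a ClientHello handshake message into the fields listed in step 1."""
    if len(msg) < 4 or msg[0] != 1:            # handshake type 1 = client_hello
        raise ValueError("not a ClientHello handshake message")
    declared = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + declared]
    if len(body) != declared:
        raise ValueError("truncated handshake message")
    pos = 0

    def take(n: int) -> bytes:
        """Consume n bytes, refusing to read past the declared message length."""
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("field runs past end of message")
        pos += n
        return body[pos - n:pos]

    version = int.from_bytes(take(2), "big")
    random = take(32)
    session_id = take(take(1)[0])                  # 1-byte length prefix
    suites = take(int.from_bytes(take(2), "big"))  # 2-byte length prefix
    if len(suites) % 2:
        raise ValueError("odd cipher suite list length")
    compression = take(take(1)[0])                 # 1-byte length prefix
    return {
        "version": VERSIONS.get(version, hex(version)),
        "time": int.from_bytes(random[:4], "big"),
        "random": random,
        "session_id": session_id,
        "cipher_suites": [int.from_bytes(suites[i:i + 2], "big")
                          for i in range(0, len(suites), 2)],
        "compression_methods": list(compression),
    }
```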

Master secret and pre-master secret

Following step 8 above, the master secret is generated from the pre-master secret, the client random number and the server random number, using the pseudo-random number generator implemented with the one-way hash function defined in the cipher suite.

The master secret is mainly used to generate the symmetric cipher key, the message authentication code key and the initialization vector used by the CBC mode of the symmetric cipher. See the article on block ciphers and modes for details.
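
The derivation described above, written out with the TLS 1.2 PRF (HMAC-SHA256). This is an added example, not code from the original article; the function names, the constructed inputs and the key sizes (AES-128-CBC with HMAC-SHA1) are assumptions.

```python
import hmac


def p_hash(secret: bytes, seed: bytes, length: int, hash_name: str = "sha256") -> bytes:
    """P_hash data expansion of RFC 5246: chained HMACs until enough output."""
    out, a = b"", seed                                   # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()      # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label + seed, length)


def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """48-byte master secret from the pre-master secret and both hello randoms."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)


def key_block(master: bytes, client_random: bytes, server_random: bytes,
              mac_len: int = 20, key_len: int = 16, iv_len: int = 16) -> dict:
    """Expand the master secret and slice it into MAC keys, cipher keys and IVs.

    Seed order is server random first, the reverse of the master secret step.
    Assumed sizes: HMAC-SHA1 MAC keys, AES-128 keys, 16-byte IVs.
    """
    names = [("client_mac_key", mac_len), ("server_mac_key", mac_len),
             ("client_key", key_len), ("server_key", key_len),
             ("client_iv", iv_len), ("server_iv", iv_len)]
    block = prf(master, b"key expansion", server_random + client_random,
                sum(n for _, n in names))
    keys, pos = {}, 0
    for name, n in names:
        keys[name] = block[pos:pos + n]
        pos += n
    return keys


# Constructed inputs, not taken from a real session.
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
PRE_MASTER = bytes(range(64, 112))       # 48 bytes
MASTER = master_secret(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)
KEYS = key_block(MASTER, CLIENT_RANDOM, SERVER_RANDOM)
```

The IV slices follow the description above; CBC suites in TLS 1.1 and 1.2 send a fresh IV with every record rather than taking it from the key block.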

TLS record protocol

The TLS record protocol is mainly responsible for message compression, encryption and data authentication.

[Figure: TLS record protocol processing]

Let's start with the picture above.

First, the message is split into fragments and each fragment is compressed. Then the message authentication code is calculated, and the result is encrypted with the symmetric cipher. The encryption uses CBC mode, and the initialization vector of CBC mode is generated from the master secret.

After the ciphertext is obtained, the type, version, length and other information are added to form the final message data.
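
The header added in this last step (type, version, length) is what lets a receiver or a monitoring tool split a byte stream back into records. The following is an added example, not code from the original article, with a constructed stream and hypothetical function names; it assumes major version 3 and the TLS 1.2 ciphertext size limit.

```python
# Content types carried by the record layer: the four upper-layer protocols.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
MAX_FRAGMENT = 2**14 + 2048   # largest ciphertext fragment allowed by TLS 1.2


def record(ctype: int, fragment: bytes, version=(3, 3)) -> bytes:
    """Build one record: header (type, version, length) followed by the fragment."""
    return bytes([ctype, *version]) + len(fragment).to_bytes(2, "big") + fragment


def split_records(stream: bytes):
    """Return (records, leftover): complete records and any trailing partial one."""
    records, pos = [], 0
    while len(stream) - pos >= 5:
        ctype, major, minor = stream[pos], stream[pos + 1], stream[pos + 2]
        length = int.from_bytes(stream[pos + 3:pos + 5], "big")
        if ctype not in CONTENT_TYPES or major != 3:
            raise ValueError(f"not a TLS record at offset {pos}")
        if length > MAX_FRAGMENT:
            raise ValueError(f"record length {length} exceeds protocol limit")
        if len(stream) - pos - 5 < length:
            break                      # incomplete record: wait for more bytes
        records.append({"type": CONTENT_TYPES[ctype], "version": (major, minor),
                        "fragment": stream[pos + 5:pos + 5 + length]})
        pos += 5 + length
    return records, stream[pos:]


# Constructed stream: the tail of a handshake followed by application data.
# Fragment contents are placeholder bytes, not real handshake or ciphertext data.
SAMPLE_STREAM = (
    record(22, bytes(16))            # handshake message
    + record(20, b"\x01")            # ChangeCipherSpec: a single byte of value 1
    + record(22, bytes(64))          # Finished, already encrypted
    + record(23, bytes(48))          # application data
    + record(23, bytes(32))[:20]     # record cut off mid-fragment
)
```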

More on flydean’s blog