3) The TLS process of generating symmetric keys from the master secret uses one-way hashes to protect the master secret from an attacker who knows some symmetric keys. If the master secret and symmetric keys were the same (or easily computable from each other), this security. May 12, 2017 Server Random: 32-byte pseudorandom number used to generate the Master Secret. Session Identifier: Unique number to identify the session for the corresponding connection with the client. If the session ID in the client hello message is not empty, the server will find a match in the session. An SSL session key is used for symmetric encryption in the TLS protocol. Learn how a TLS handshake enables clients and servers to create session keys.
SSL Handshake
A session key is a single-use symmetric key used for encrypting all messages in one communication session.A closely related term is content encryption key (CEK), traffic encryption key (TEK), or multicast key which refers to any key used for encrypting messages, contrary to other uses like encrypting other keys (key encryption key (KEK) or key wrapping key). In return, the web server decrypts the pre-master secret with its private key. Now, both the client and the server generate session keys from the client random, the server random, and the pre-master secret. This session key generated by both must be the same. The client sends the “finished” message, encrypted with the session key. How is the master key distributed in key distribution? The idea of having a master key to generate session keys can be implemented in several ways such as in. The master key is a secret.
The SSL protocol uses a combination of public-key and symmetric keyencryption. Symmetric key encryption is much faster than public-key encryption,but public-key encryption provides better authentication techniques. An SSLsession always begins with an exchange of messages called the SSLhandshake. The handshake allows the server to authenticate itselfto the client by using public-key techniques, and then allows the client andthe server to cooperate in the creation of symmetric keys used for rapid encryption,decryption, and tamper detection. Optionally, the handshake also allows theclient to authenticate itself to the server.
For information about the SSL handshake, see the following sections:
Messages Exchanged During SSL Handshake
The following steps describes the sequence of messages exchanged duringan SSL handshake. These step describe the programmatic details of the messagesexchanged during the SSL handshake.
Before continuing with a session, directory servers can be configuredto check that the client’s certificate is present in the user’sentry in an LDAP directory. This configuration option provides one way ofensuring that the client’s certificate has not been revoked.
Both client and server authentication involve encrypting some pieceof data with one key of a public-private key pair and decrypting it with theother key:
Server Authentication During SSL Handshake
SSL-enabled client software always requires server authentication, orcryptographic validation by a client of the server’s identity. The serversends the client a certificate to authenticate itself. The client uses thecertificate to authenticate the identity the certificate claims to represent.
To authenticate the binding between a public key and the server identifiedby the certificate that contains the public key, an SSL-enabled client mustreceive a yes answer to the four questions shown in thefollowing figure.
Figure 5–9 Authenticating a Client Certificate During SSL Handshake
An SSL-enabled client goes through the following steps to authenticatea server’s identity:
After the steps described here, the server must successfully use itsprivate key to decrypt the pre-master secret sent by the client.
Man-In-the-Middle Attack
The man-in-the-middle is a rogue program thatintercepts all communication between the client and a server with which theclient is attempting to communicate via SSL. The rogue program interceptsthe legitimate keys that are passed back and forth during the SSL handshake,substitutes its own, and makes it appear to the client that it is the server,and to the server that it is the client.
The encrypted information exchanged at the beginning of the SSL handshakeis actually encrypted with the rogue program’s public key or privatekey, rather than the client’s or server’s real keys. The rogueprogram ends up establishing one set of session keys for use with the realserver, and a different set of session keys for use with the client. Thisallows the rogue program not only to read all the data that flows betweenthe client and the real server, but also to change the data without beingdeleted. Therefore, it is extremely important for the client to check thatthe domain name in the server certificate corresponds to the domain name ofthe server with which a client is attempting to communicate—in additionto checking the validity of the certificate by performing the other stepsdescribed in Server Authentication During SSL Handshake
Client Authentication During SSL HandshakeHe Master Secret Is Used To Generate Session Keys Free
SSL-enabled servers can be configured to require client authentication,or cryptographic validation by the server of the client’s identity.When a server configured this way requests client authentication separatepiece of digitally signed data to authenticate itself. The server uses thedigitally signed data to validate the public key in the certificate and toauthenticate the identity the certificate claims to represent.
The SSL protocol requires the client to create a digital signature bycreating a one-way hash from data generated randomly during the handshakeand known only to the client and server. The hash of the data is then encryptedwith the private key that corresponds to the public key in the certificatebeing presented to the server.
To authenticate the binding between the public key and the person orother entity identified by the certificate that contains the public key, anSSL-enabled server must receive a yes answer to the firstfour questions shown in Figure 5–10.Although the fifth question is not part of the SSL protocol, directory serverscan be configured to support this requirement to take advantage of the userentry in an LDAP directory as part of the authentication process.
![]() Figure 5–10 Authentication and Verification During SSL Handshake
An SSL-enabled server goes through the following steps to authenticatea user’s identity:
Applicable Products
Objective
This article describes how to capture SSL master keys when running an nstrace on NetScaler
Background
From NetScaler 11.0-66+ and 11.1/12.0 (all builds), the 'start nstrace' command has a new parameter, -capsslkeys, with which you can capture the SSL master keys for all SSL sessions. If the capsslkeys option is enabled, a file named nstrace.sslkeys is generated along with the packet trace and imported into Wireshark to decrypt the SSL traffic in the trace file.
InstructionsCapture nstrace from NetScaler CLI
Complete the following steps to capture SSL master keys when running an nstrace on NetScaler:
![]()
Capture nstrace from NetScaler GUI
Open nstrace Files with Wireshark
Additional Resources![]() The Master Secret Is Used To Generate Session Keys In Word
CTX128655 - How to Record Network Packet Trace on NetScaler Appliance
Citrix Documentation - nstrace Command Reference CTX205282 - How Do I Configure Perfect Forward Secrecy (PFS) on NetScaler? Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |