SSL Time-Diagram. First Variant: Generation of a Temporary 512-bit RSA Key

Transcription

1 SSL Time-Diagram This document provides a detailed description of the sequence of first exchanges between an SSL and an SSL. This is the first variant to the main scenario described in another document. It reflects an Export situation entailing the generation of a temporary 512-bit RSA key for enabling the transport of the pre-master key. The type of encryption algorithm used is "block cipher" in CBC mode, with this scenario. First Variant: Generation of a Temporary 512-bit RSA Key V1.0 March 2, pages

2 Summary of Exchanges Connect Hello Key Exchange Hello Certificate Key Exchange Hello Done

3 (1) Export Situation Connection HTTP HTTP ' Connect port #443 Connect

4 (2) Export Situation Hello Hello (1) Protocol Version : 3.0 Random : CHr Session ID : null List of Cipher Suites : Key Encrypt Hash exch. algorithm algor RSA_EXP DES40_CBC SHA RSA_EXP RC4_40 MD5 RSA_EXP RC2_CBC_40 MD5 Compression Method : null content Hello (1)

5 (3) Export Situation Hello & Key Exchange Hello (2) Protocol Version : 3.0 Random : SHr Session ID : ses_id Cipher Suite: RSA_EXP / DES40_CBC / SHA Compression Method : null Hello (2) - Cipher Spec MAC algorithm : SHA Encryption algorithm : DES40_CBC - random : CHr - random : SHr content 's Public key (KUs) is larger than 512 bits and cannot be used for encryption, due to US Export restrictions. As a result, a temporary 512-bit RSA key is generated, signed with 'KRs' RSAParams = RSA_modulus + RSA_exponent md5_hash = MD5(CHr + SHr + RSAParams ) sha_hash = SHA (CHr + SHr + RSAParams ) Signature = E RSA KRs (md5_hash + sha_hash ) - Cipher Spec MAC algorithm : SHA Encryption algorithm : DES40_CBC - random : CHr - random : SHr Certificate (11) List of Certificates: Certificate (KUs) Issuer Certificate(s) KeyExchange (12) RSAParams Signature HelloDone (14) (2) + (11) + (12) + (14)

6 (4) Export Situation Authentication of Temporary RSA Key Certificate (11) Validate 's Certificate: KUs - Cipher Spec MAC algorithm : SHA Encryption algorithm : DES40_CBC - Peer Certificate : KUs - random : CHr - random : SHr KeyExchange (12) Check "KUs-temp" signature with KUs HelloDone (14)

7 (5) Export Situation Transport of Encrypted PreMasterKey Generate PreMasterSecret: pms Encrypted_pMS = E RSA KUs-temp (pms) KeyExchange (16) Encrypted_pMS KeyExchange (16) pms =D RSA KRs-temp (Encrypted_pMS) - Cipher Spec algorithms MAC : SHA Encryption : DES40_CBC - Peer Certificate : KUs - Master Secret : MS - random : CHr - random : SHr - MAC secret Write : cwm Write : swm - Bulk Encryption Key Write : cwk Write : swk - Initialization Vector IV : civ IV : siv To produce the 48-byte master secret, the pre-master secret is hashed with the server-random and client-random numbers and the "mixers": MS =MD5 (pms + SHA('A' + pms + CHr + SHr)) + MD5 (pms + SHA('BB' + pms + CHr + SHr)) + MD5 (pms + SHA('CCC' + pms + CHr + SHr)); key_block = MD5 (MS + SHA('A' + MS + SHr + CHr)) + MD5 (MS + SHA('BB' + MS + SHr + CHr)) + MD5 (MS + SHA('CCC'+ MS + SHr + CHr)) + [...]; until enough output has been generated Then the key_block is partitioned as follows: cwm [CipherSpec.hash_size] swm [CipherSpec.hash_size] temp_cwk [CipherSpec.key_material] temp_swk [CipherSPec.key_material] cwk = MD5 (temp_cwk + CHr + SHr) swk = MD5 (temp_swk + SHr + CHr) civ = MD5 (CHr + SHr) siv = MD5 (SHr + CHr) - Cipher Spec algorithms MAC : SHA Encryption : DES40_CBC - Peer Certificate : KUs - Master Secret : MS - random : CHr - random : SHr - MAC secret Write : cwm Write : swm - Bulk Encryption Key Write : cwk Write : swk - Initialization Vector IV : civ IV : siv