Zilog EZ80F91AZA User Manual Page 14
- Page / 79
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
UM020107-1211 SSL Handshake Protocols
ZTP Network Security SSL Plug-In
User Manual
8
SSL Handshake Protocols
This chapter presents an overview of the SSL handshake protocols and some background
information about security concepts.
Before SSL begins transferring encrypted application data, an SSL session is established
between the SSL client and the SSL server. The establishment of a session is initiated by
the SSL client.
The following processes occur during this session establishment:
1. The client verifies the identity of the server. This verification is performed by analyz-
ing a certificate that the server sends to the client when a new session is established.
The SSL protocol optionally allows the server to request a certificate from the client
so that the server can verify the client’s identity. However, the SSL server in ZTP does
not implement client authentication.
2. The client and server decide on a set of cryptographic algorithms to be used to
exchange a secret key, encrypt/decrypt data (cipher), and ensure message integrity
(through a one-way hash function). The combination of a key exchange algorithm, a
cipher algorithm and a hash algorithm is called a cipher suite.
3. The client generates a secret value, called a Master Key, that is used to derive addi-
tional keys for encrypting/decrypting data exchanged between a client and a server.
This key is sent to the server using the selected key exchange algorithm; and is pro-
tected using the information in the server’s certificate (the server’s public key) and
other SSL handshake messages.
4. Because the key exchange algorithm is asymmetric, only the server that possesses the
corresponding private key recovers the Master Key generated by the client.
5. The client and server independently generate read and write keys from the Master
Key; these keys are used to encrypt/decrypt data with the cipher algorithm.
6. The client and server exchange test messages to ensure both sides are using the correct
Read and Write keys. The test message is composed of data exchanged using the
handshake protocol. In the case of TLSv1 and SSLv3, the test message is a hash of all
handshake messages used to establish the SSL session. This message is also encrypted
using the negotiated cipher suite. If each party is able to decrypt the message and ver-
ify its contents then both parties are using the same symmetric key. This also proves
that the server is in possession of the private key corresponding to the public key in
the server’s certificate and completes the authentication of the server.
When a session is successfully established, every byte of data exchanged between the cli-
ent and server is packaged into an SSL data record. Each data record contains a field
called the message authentication code (MAC), which is computed using the Hash func-
- ZTP Network Security SSL 1
- UM020107-1211 2
- Revision History 3
- Table of Contents 5
- Introduction 7
- Architecture 8
- Handshake Protocol 9
- How to Use SSL 10
- SSL Version 2 12
- UM020107-1211 Introduction 13
- User Manual 13
- HMAC_MD5 and 13
- SSL Handshake Protocols 14
- Security Concepts 15
- Getting Started 19
- Getting Started 21
- → Rebuild All menu option 23
- Send an Encrypted Message 24
- SSL Configuration 25
- ZDS II Project Settings 26
- SSL Initialization 27
- Digest Algorithm Selection 30
- Cipher Algorithm Selection 32
- PKI Algorithm Selection 34
- Cipher Suite Configuration 37
- Cipher Suite Tables 40
- EDH Parameters 43
- Modulus Length 45
- Certificates 46
- Certificate Chains 47
- Generating Certificates 48
- SSL Configuration 52
- Certificate Creation Issues 53
- Certificate Verification 54
- Verifying All Certificates 56
- Signature Verification 56
- Limitations 57
- Session Cache 58
- Session Cache Operation 59
- Diagnostic Messages 59
- How to Use the HTTPS Server 60
- Figure 7. Security Alert 62
- Creating SSL Applications 63
- Client Applications 66
- SSL Version 2 Cipher Suites 69
- SSL Version 3 Cipher Suites 70
- TLS Version 1 Cipher Suites 71
- AES Extensions 73
- UM020107-1211 74
- Private Cipher Suites 75
- Customer Support 79
Related products and manuals for Sensors Zilog EZ80F91AZA
Sensors Zilog Z8F0130 User Manual
(214 pages)
(214 pages)
Sensors Zilog EZ80F916 User Manual
(0 pages)
(0 pages)
Sensors Zilog EZ80F916 User Manual
(0 pages)
(0 pages)
Sensors Zilog EZ80190 User Manual
(10 pages)
(10 pages)
Sensors Zilog EZ80F91AZA User Manual
(34 pages)
(34 pages)
Sensors Zilog EZ80190 User Manual
(87 pages)
(87 pages)
Sensors Zilog EZ80F91 User Manual
(78 pages)
(78 pages)
Sensors Zilog Z02215 User Manual
(2 pages)
(2 pages)
Sensors Zilog eZ80F92 User Manual
(87 pages)
(87 pages)
Sensors Zilog EZ80L92 User Manual
(86 pages)
(86 pages)
Sensors Zilog Z16C30 User Manual
(208 pages)
(208 pages)
Sensors Zilog Z16C35 User Manual
(322 pages)
(322 pages)
Sensors Zilog Z80380 User Manual
(268 pages)
(268 pages)
Sensors Zilog Z80380 User Manual
(116 pages)
(116 pages)
Sensors Zilog Z80195 User Manual
(47 pages)
(47 pages)
Sensors Zilog Z80180 User Manual
(326 pages)
(326 pages)
Sensors Zilog Z86193 User Manual
(260 pages)
(260 pages)
Sensors Zilog Z86C36 User Manual
(64 pages)
(64 pages)
Sensors Zilog Z86E07 User Manual
(43 pages)
(43 pages)
Sensors Zilog Z08470 User Manual
(326 pages)
(326 pages)
© 2020, manymanuals.com. All rights reserved. | 1.328 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals