TLS security breach by fully recording a handshake

I have been looking at TLS recently and I'm not sure why it is so secure, though that is probably due to my lack of understanding of how it works. But if the entire handshake is recorded, either using a man-in-the-middle attack or using a packet sniffer on the target computer, then any of the remaining messages can be decrypted, since you will have all the information that the client and server used to generate the encryption keys.

I doubt there would be such a hole in TLS, but can anyone tell me how TLS protects against this?

+1
2 answers

Critical data sent by the client to the server in a TLS handshake is encrypted using the public key. Thus, even if packets are recorded on the wire, a private key (which is supposedly known only to the server) will be required to decrypt the packets.

+5

The main purpose of the handshake is to provide a secret exchange of a pre-master secret, which is then shared by both parties (which then leads to a shared master secret and shared encryption keys).

How this is done depends on the cipher suite and the key exchange algorithm used. Authenticated key exchange consists mainly of two options:

  • RSA key exchange, where the client encrypts the pre-master secret with the server's public key (obtained from the certificate).
  • Diffie-Hellman key exchange, where the client verifies the server's DH parameters with the server's public key.

You may be interested in the following links:

0
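
The Diffie-Hellman case from the second answer, as an added example that is not part of the original posts: it runs one exchange, collects everything a passive recorder would see, and shows that the session key depends on a private exponent that never appears in that recording. The toy group `P`/`G`, the `derive_key` stand-in for the TLS key derivation and all function names are assumptions for illustration, and the server's signature over its DH parameters is left out.

```python
import hashlib
import hmac
import secrets

# Constructed toy group: 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private exponent, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def derive_key(shared, client_random, server_random):
    """Simplified stand-in for the TLS key derivation (not the real PRF)."""
    label = b"master secret" + client_random + server_random
    return hmac.new(shared.to_bytes(16, "big"), label, hashlib.sha256).digest()

def handshake():
    """Run one exchange; return (client_key, server_key, recorded transcript)."""
    client_random = secrets.token_bytes(32)
    server_random = secrets.token_bytes(32)
    a, A = keypair()  # a stays in client memory, only A is sent
    b, B = keypair()  # b stays in server memory, only B is sent
    # Everything a sniffer on the wire records:
    transcript = {"client_random": client_random, "server_random": server_random,
                  "p": P, "g": G, "A": A, "B": B}
    client_key = derive_key(pow(B, a, P), client_random, server_random)
    server_key = derive_key(pow(A, b, P), client_random, server_random)
    return client_key, server_key, transcript

def keys_from_transcript_only(t):
    """Keys obtainable by merely combining the recorded public values."""
    p = t["p"]
    guesses = [t["A"], t["B"], t["A"] * t["B"] % p, pow(t["A"], t["B"], p)]
    return [derive_key(s, t["client_random"], t["server_random"]) for s in guesses]

if __name__ == "__main__":
    ck, sk, t = handshake()
    print("client and server agree:", ck == sk)
    print("key derivable from recording:", ck in keys_from_transcript_only(t))
```
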

Source: https://habr.com/ru/post/1412675/

