Networking, Security & Cloud Knowledge

Wednesday, June 3, 2015

How HTTPS works

How HTTPs works
    1.      Client make tcp connection on destination port 443
    2.      Ssl handshake process starts once tcp connection is established
a.    Browser send the CLIENT HELLO message
                                                         i.   It contains information like
1.      Highest version of SSL supported by browser
2.      Compression method that it supports
3.      Suite of cipher it can user for encryption
4.      And random data which can later use when generating symmetric key for session.
b.      Server response with SERVER HELLO
It contains
1.      SSL version used for session
2.      Cipher and compression method that will be used
3.      Session id for ssl session
4.      Random data used for key generation process.
c.       Server then send Digital certificate singed by CA
It serves for two purposes
1.      It contain public key so that browser can use key to encrypt sent to server it can optionally send chain of certificate beginning with certificate of authority that issued the server certificate.
2.      It established the identity of the server from which the web page is coming.
d.      Server sends SERVER HELLO DONE message
e.      Browser respond by sending CERTIFICATE VERIFY message that it has verified the certificate
f.        Browser then sends CHANGE CIPHER SPEC command to server telling it now on data send to server will be encrypted.
g.      After that browser send FINISHED MESSAGE. This contains digest of message exchanged between browser and server till now. This is done to ensure that none of the information exchanged earlier is tampered during transit.
h.      Server responds with CHANGE CIPHER SPEC message hinting browser that now on data send by server will be encrypted.
i.        Server sends FINISHED MESSAGE containing digest of all message between browser and server.
j.        Now we consider SSL handshake to be complete
   3.      Browser generate symmetric secret key just to be used for this ssl session. It encrypt generated key using public key of the serve and send it across to the server. This key remains secret with browser and server.

Note: Reason for using symmetric key is encryption and decryption using symmetric key is lighter then asymmetric key.