reset password
Author Message
aligh1979
Posts: 121
Posted 23:40 Jan 27, 2012 |

In slide 120, in phase II and III of SSL, in the case of Ephemeral DH, when the signature of the key is passed [ s(g, p, g^s) ], is it only the hash value, or does it carry the actual key too? If it is only the hash value, then when is the actual public key passed?

Can the certificate carry the key too? The certificate structure does not include any key.

On slide 20 again, at a. RSA, the pre-master key is passed, but such a thing has not been done in c. Ephemeral DH, for instance. Why is that?

-----------------------------------------------------------------------

On slide 126, for SSL record protocol services, it is talking about a shared secret key. Is the master key what it is talking about?

If you could please clarify.

Last edited by aligh1979 at 00:08 Jan 28, 2012.
hpguo
Posts: 139
Posted 09:21 Jan 28, 2012 |
aligh1979 wrote:

In slide 120, in phase II and III of SSL, in the case of Ephemeral DH, when the signature of the key is passed [ s(g, p, g^s) ], is it only the hash value, or does it carry the actual key too? If it is only the hash value, then when is the actual public key passed?

DH means Diffie Hellman.

The data passed is the signature and (g, p, g^s). g and p are the global parameters. g^s is the public key of the sender.

 

Can the certificate carry the key too? The certificate structure does not include any key.

The certificate contains the PUBLIC KEY which is used to encrypt the pre-master secret.

 

On slide 20 again, at a. RSA, the pre-master key is passed, but such a thing has not been done in c. Ephemeral DH, for instance. Why is that?

Because in DH, the client and the server need to calculate the shared key (pre-master secret) INDEPENDENTLY, while in RSA, the client randomly chooses a pre-master secret and encrypts it with the server's public key. The server decrypts the pre-master secret with its private key.

-----------------------------------------------------------------------

On slide 126, for SSL record protocol services, it is talking about a shared secret key. Is the master key what it is talking about?

Each party calculates 6 shared secrets based on the master secret, CR and SR.

If you could please clarify.
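
The point in the reply above, that with ephemeral DH each side computes the pre-master secret on its own and then derives the six record-layer secrets from the master secret, CR and SR, shown as an added example (not part of the original thread or slides). The toy group P and G, the key sizes and the function names are assumptions for illustration; the expansion follows the SSL 3.0 MD5/SHA-1 construction.

```python
import hashlib
import secrets

# Toy DH group, constructed for illustration only (far too small for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3

def dh_keypair():
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def pre_master(own_private, peer_public):
    """Run by each side alone: (peer_public)^own_private mod p."""
    z = pow(peer_public, own_private, P)
    return z.to_bytes((P.bit_length() + 7) // 8, "big")

def ssl3_expand(secret, seed, length):
    """SSL 3.0 expansion: blocks of MD5(secret + SHA1(label + secret + seed))."""
    out = b""
    i = 1
    while len(out) < length:
        label = bytes([ord("A") + i - 1]) * i      # 'A', 'BB', 'CCC', ...
        inner = hashlib.sha1(label + secret + seed).digest()
        out += hashlib.md5(secret + inner).digest()
        i += 1
    return out[:length]

def session_keys(pms, cr, sr):
    """Derive the 48-byte master secret, then the six record-layer secrets."""
    master = ssl3_expand(pms, cr + sr, 48)
    # Sizes are assumptions (SHA-1 MAC, 128-bit cipher with 16-byte IV).
    sizes = [("client_mac", 20), ("server_mac", 20), ("client_key", 16),
             ("server_key", 16), ("client_iv", 16), ("server_iv", 16)]
    block = ssl3_expand(master, sr + cr, sum(n for _, n in sizes))
    keys, pos = {}, 0
    for name, n in sizes:
        keys[name] = block[pos:pos + n]
        pos += n
    return master, keys

def handshake():
    """Both views of one ephemeral-DH handshake; only public values cross the wire."""
    cr, sr = secrets.token_bytes(32), secrets.token_bytes(32)
    s, g_s = dh_keypair()   # server sends (p, g, g^s) in the clear plus a signature over them
    c, g_c = dh_keypair()   # client sends g^c
    server_view = session_keys(pre_master(s, g_c), cr, sr)   # (g^c)^s mod p
    client_view = session_keys(pre_master(c, g_s), cr, sr)   # (g^s)^c mod p
    return client_view, server_view
```

Both views come out identical because (g^c)^s and (g^s)^c are the same number mod p, so there is a single pre-master secret even though it is never transmitted.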

aligh1979
Posts: 121
Posted 18:32 Jan 28, 2012 |

1. So when it talks about "shared key" it means the pre-master, and when it talks about "shared secret key" it means those 6 secret keys?

2. So if in DH the client and the server need to calculate the shared key (pre-master secret) INDEPENDENTLY, then we have two different pre-master keys? How can we calculate the master keys and those 6 keys from two different pre-master keys? In the slides, the process of generating the 6 keys is shown with one pre-master key, and there is no talk about two different ones.