Cryptography Reference
In-Depth Information
21:54:05.568432 IP localhost.8443 > localhost.37289: Flags [P.], ack 83, win
256, options [nop,nop,TS val 274087 ecr 274087], length 130
0x0000: 4500 00b6 f2e1 4000 4006 495e 7f00 0001 E.....@.@.I^....
0x0010: 7f00 0001 20fb 91a9 d260 dc47 d246 a65c .........`.G.F.\
Headshake
Header
TLS Header
0x0020: 8018 0100 feaa 0000 0101 080a 0004 2ea7 ................
0x0030: 0004 2ea7
1603 0100 4a02 0000 4603 014c
........J...F..L
0x0040:
743f 7dc9 fc4e af63 d94b e2e0 672e 5a0d
t?}..N.c.K..g.Z.
0x0050:
ea6b 91da 9e2f 2f48 f733 23d5 4b0d 8720
.k...//H.3#.K...
Same Session
Id
0x0060:
be2e b988 f5bc 6412 5981 35f7 7e3b 2128
......d.Y.5.~;!(
0x0070:
f8cc 4e6f fc52 77fd a687 2ac5 0f1e cbbb
..No.Rw...*.....
0x0080:
000a 0014 0301 0001 0116 0301 0028 1d95
.............(..
Change Cipher
Spec
Finished
Message
0x0090:
a8c8 56f3 841b 0046 4e40 29d9 6b83 036b
..V....FN@).k..k
0x00a0:
c30f 624e c3b9 fc32 d8f2 9d1e 8ae5 6b18
..bN...2......k.
0x00b0:
cb75 d7a7 d311
.u....
The server responds with a server hello message containing the identical ses-
sion ID. If the session ID is different here, the client should begin negotiating a
new connection. If the session ID is the same, however, the client should expect
the server hello to be followed immediately by a change cipher spec message,
followed by a server fi nished.
The client follows up with its own change cipher spec and server fi nished mes-
sage; this is followed immediately by encrypted application data, as shown here:
21:54:05.572924 IP localhost.37289 > localhost.8443: Flags [P.], ack 131, win
265, options [nop,nop,TS val 274088 ecr 274087], length 6
0x0000: 4500 003a 88b2 4000 4006 b409 7f00 0001 E..:..@.@.......
0x0010: 7f00 0001 91a9 20fb d246 a65c d260 dcc9 .........F.\.`..
0x0020: 8018 0109 fe2e 0000 0101 080a 0004 2ea8 ................
0x0030: 0004 2ea7
1403 0100 0101
..........
21:54:05.613696 IP localhost.37289 > localhost.8443: Flags [P.], ack 131, win
265, options [nop,nop,TS val 274098 ecr 274098], length 196
0x0000: 4500 00f8 88b3 4000 4006 b34a 7f00 0001 E.....@.@..J....
0x0010: 7f00 0001 91a9 20fb d246 a662 d260 dcc9 .........F.b.`..
0x0020: 8018 0109 feec 0000 0101 080a 0004 2eb2 ................
0x0030: 0004 2eb2
1603 0100 2892 32f1 da76 4138
........(.2..vA8
0x0040:
cb21 3a05 15f0 803b 34d3 e308 f12c 7aee
.!:....;4....,z.
0x0050:
634f 9246 924d f6bd d646 9c92 3879 a882
cO.F.M...F..8y..
0x0060:
2e17 0301 0030 0127 7be8 e387 2b97 5f9c
.....0.'{...+._.
0x0070:
8d2b 02fe 8587 a91a ef3a fa53 fb54 d577
.+.......:.S.T.w
0x0080:
e62a 44fd 5e0d eaf1 769f c2a2 619c 27aa
.*D.^...v...a.'.
0x0090:
d619 fc02 3d81
…
Adding Session Resumption on the Server Side
How about supporting session resumption on the server side? The server has
to do quite a bit more work than the client. It must remember each session ID
it assigns and the master key associated with each.
Search WWH ::
Custom Search