Cryptography Reference
In-Depth Information
client random
server random
p
g
Ys
SHA-1
MD5
RSA Signature
Figure 8-5:
Server key exchange signature
Examining an Ephemeral Key Exchange Handshake
Here is an illustration of an abbreviated DHE/RSA/DES/SHA-1 handshake.
debian:/home/jdavies/devl/test/c/ssl# tcpdump -s 0 -X -i lo tcp port 8443
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes
… (omitted TCP handshake) …
21:35:48.344479 IP localhost.59349 > localhost.8443: Flags [P.], ack 1, win 257,
options [nop,nop,TS val 4294952080 ecr 4294952080], length 50
0x0000: 4500 0066 6dde 4000 4006 ceb1 7f00 0001 E..fm.@.@.......
0x0010: 7f00 0001 e7d5 20fb aa9d a94d ab00 752a ...........M..u*
0x0020: 8018 0101 fe5a 0000 0101 080a ffff c490 .....Z..........
0x0030: ffff c490
1603 0100 2d01 0000 2903 014c
........-...)..L
TLS_DHE_RSA_
WITH_DES_CBC_
SHA
0x0040:
758c b400 0000 0000 0000 0000 0000 0000
u...............
0x0050:
0000 0000 0000 0000 0000 0000 0000 0000
................
0x0060:
0002 0015 0100
......
This is an ordinary client hello message, just like the one in Chapter 6. The
only noteworthy point here is that the only offered cipher suite is an ephemeral
Diffi e-Hellman cipher.
21:35:48.345236 IP localhost.8443 > localhost.59349: Flags [P.], ack 51, win
256, options [nop,nop,TS val 4294952080 ecr 4294952080], length 1158
0x0000: 4500 04ba b1bb 4000 4006 8680 7f00 0001 E.....@.@.......
0x0010: 7f00 0001 20fb e7d5 ab00 752a aa9d a97f ..........u*....
Search WWH ::
Custom Search