TLS 1.2 and TLS 1.3 Handshake Walkthrough

TLS 1.2 Handshake

  1. Client Hello
  2. Server Hello
  3. Client key exchange and generate the master secret
  4. Finished

Step 1 — Client Hello

  • the TLS version,
  • a 28-byte random number (Client Random), and
  • a list of cipher suites.

Step 2 — Server Hello

  • It checks if the TLS version is a valid one.
  • It saves the Client Random and puts it aside.
  • It generates another 28-byte random number (Server Random).
  • It picks a preferred cipher suite from the list. TLS recommends using ECDHE (Ephemeral Elliptic-curve Diffie–Hellman) as the key exchange algorithm. An example of suggested cipher suites is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.
  • It adds a server certificate to prove its identity.
  • Since ECDHE is selected, it adds the key exchange algorithm params to the message. This is required for the next step.
  • A signature, created with the server’s private key, is attached to the param list for additional identity verification.

Step 3 — Client key exchange and generate the master secret

  • It verifies the server’s identity with the server certificate.
  • Also, it verifies the signature in the key exchange algorithm params.
  • If all goes well, the browser creates a public key and adds it to the key exchange algorithm params. This is mandatory for the next step.

Step 4 — Finished

TLS 1.3 Handshake

Extensions

Handshake Protocol: Client Hello
Version: TLS 1.2 (0x0303)
Extension: supported_versions (len=11)
Supported Versions length: 10
Supported Version: TLS 1.3 (0x0304)
Supported Version: TLS 1.2 (0x0303)
Supported Version: TLS 1.1 (0x0302)
Supported Version: TLS 1.0 (0x0301)

Safer Communication

Removed in TLS 1.3:

  • RSA and DH key exchange algorithms and many named curves
  • RC4 and DES symmetric-key encryption algorithms and ECB and CBC modes
  • MD5, SHA1, and the SHA-224 digest algorithm

Cipher suites remaining in TLS 1.3:

  • TLS_AES_128_GCM_SHA256
  • TLS_AES_256_GCM_SHA384
  • TLS_CHACHA20_POLY1305_SHA256
  • TLS_AES_128_CCM_SHA256
  • TLS_AES_128_CCM_8_SHA256

Better Performance

Handshake Protocol: Client Hello
Version: TLS 1.2 (0x0303)
Random: d06068b9b0a6a451949f02b55683dfcceecf95d49cbd4e9e273f8f3f453462ea
Cipher Suites (27 suites)
Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Cipher Suite: TLS_CHACHA20_POLY1305_SHA256 (0x1303)
...
Extension: supported_groups (len=12)
Supported Groups (5 groups)
Supported Group: x25519 (0x001d)
Supported Group: secp256r1 (0x0017)
Supported Group: secp384r1 (0x0018)
Supported Group: secp521r1 (0x0019)
Extension: key_share (len=107)
Key Share extension
Client Key Share Length: 41
Key Share Entry: Group: x25519, Key Exchange length: 32
...
Extension: supported_versions (len=11)
Supported Versions length: 10
Supported Version: TLS 1.3 (0x0304)
Supported Version: TLS 1.2 (0x0303)
Supported Version: TLS 1.1 (0x0302)
Supported Version: TLS 1.0 (0x0301)

  • supported_groups is for supported named curves, such as P-256 and x25519. By the way, x25519 is a high-performance curve and should be your choice if possible.
  • key_share is for the client's public key params.
  • signature_algorithms is for the signature algorithm.

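As an added example (not part of the original article), the sketch below parses the extensions just described from a constructed Client Hello extension block and makes the server-side choice: the version comes from supported_versions, not from the legacy Version field that still reads 0x0303. The function names, the sample bytes, and the simplification that the server accepts any offered group are assumptions.

```python
import struct

SUPPORTED_GROUPS, SUPPORTED_VERSIONS, KEY_SHARE = 0x000A, 0x002B, 0x0033

def parse_extensions(buf: bytes) -> dict:
    """Walk the extension list: 2-byte type, 2-byte length, then the body."""
    exts, i = {}, 0
    while i < len(buf):
        if i + 4 > len(buf):
            raise ValueError("truncated extension header")
        etype, elen = struct.unpack_from("!HH", buf, i)
        body = buf[i + 4:i + 4 + elen]
        if len(body) != elen:
            raise ValueError("extension length exceeds buffer")
        exts[etype] = body
        i += 4 + elen
    return exts

def u16_list(data: bytes) -> list:
    return [v for (v,) in struct.iter_unpack("!H", data)]

def client_offer(legacy_version: int, ext_bytes: bytes):
    exts = parse_extensions(ext_bytes)
    sv = exts.get(SUPPORTED_VERSIONS)
    # Without supported_versions, the legacy Version field is all there is.
    versions = u16_list(sv[1:1 + sv[0]]) if sv else [legacy_version]
    sg = exts.get(SUPPORTED_GROUPS, b"\x00\x00")
    groups = u16_list(sg[2:2 + int.from_bytes(sg[:2], "big")])
    ks, shares, j = exts.get(KEY_SHARE, b"\x00\x00"), {}, 2
    while j + 4 <= len(ks):
        group, klen = struct.unpack_from("!HH", ks, j)
        shares[group] = ks[j + 4:j + 4 + klen]
        j += 4 + klen
    return versions, groups, shares

def server_select(legacy_version, ext_bytes, server_versions=(0x0304, 0x0303)):
    """Pick the highest mutual version; for TLS 1.3 also require a key share."""
    versions, groups, shares = client_offer(legacy_version, ext_bytes)
    version = next((v for v in server_versions if v in versions), None)
    if version == 0x0304:
        group = next((g for g in groups if g in shares), None)
        return version, group      # group None would mean HelloRetryRequest
    return version, None

# Constructed sample: four versions, two groups, x25519 share of placeholder zeros.
SAMPLE = (struct.pack("!HHB4H", SUPPORTED_VERSIONS, 9, 8, 0x0304, 0x0303, 0x0302, 0x0301)
          + struct.pack("!HHH2H", SUPPORTED_GROUPS, 6, 4, 0x001D, 0x0017)
          + struct.pack("!HHHHH", KEY_SHARE, 38, 36, 0x001D, 32) + bytes(32))
```

Calling server_select(0x0303, SAMPLE) selects TLS 1.3 with x25519; stripping the supported_versions extension from the same bytes makes the server fall back to the legacy field and TLS 1.2.
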
Handshake Protocol: Server Hello
Version: TLS 1.2 (0x0303)
Random: b0a37492143def6d4959205dfe6fd620d93baa7ba89e1593e8cb60d6497537d4
...
Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
...
Extension: supported_versions (len=2)
Supported Version: TLS 1.3 (0x0304)
Extension: key_share (len=36)
Key Share extension
Key Share Entry: Group: x25519, Key Exchange length: 32
Group: x25519 (29)
Key Exchange: 105aaf79c1f424cdc9352723a4dea7db65568a229c091d3fd8a700da883bd15e

  • In the Supported Version, the server confirms using TLS 1.3.
  • Key Share has the selected named curve and key exchange params.

  • Client Key Share
  • Server Key Share
  • Client Random
  • Server Random

  • verifies the server’s certificate,
  • generates the same master secret, and
  • sends its Change Cipher Spec and Finished message.

Carson
