TLS 1.2 and TLS 1.3 Handshake Walkthrough

TLS 1.2 Handshake

  1. Client Hello
  2. Server Hello
  3. Client key exchange and generate the master secret
  4. Finished

Step 1 — Client Hello

The client opens with a Client Hello that carries:

  • the TLS version,
  • a 28-byte random number (Client Random), and
  • a list of cipher suites.

Step 2 — Server Hello

On receiving the Client Hello, the server builds its Server Hello as follows:

  • It checks that the requested TLS version is one it accepts.
  • It saves the Client Random for later use.
  • It generates its own 28-byte random number (Server Random).
  • It picks a preferred cipher suite from the client's list. TLS recommends ECDHE (Ephemeral Elliptic-curve Diffie–Hellman) as the key exchange algorithm; an example of a suggested cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.
  • It attaches its server certificate to prove its identity.
  • Since ECDHE is selected, it adds its key exchange parameters to the message; the client needs them in the next step.
  • A signature made with the server's private key over those parameters is attached to the parameter list for additional identity verification.

Step 3 — Client key exchange and generate the master secret

The client (here, the browser) then:

  • verifies the server's identity with the server certificate, and
  • verifies the signature over the key exchange parameters.
  • If all goes well, the browser generates its own key pair and sends the public key as its key exchange parameters. The server needs it for the next step.
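
As an added example (not from the original article), here is the TLS 1.2 derivation that step 3 refers to: the RFC 5246 PRF turns the ECDHE shared secret plus the two Random values into the 48-byte master secret, and then into the AEAD write keys and IVs for the suite named above, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (whose PRF hash is SHA-384). The shared secret and the full 32-byte Random fields are constructed sample bytes, not values from a real handshake.

```python
import hmac
import os

def p_hash(hash_name, secret, seed, length):
    """RFC 5246 P_hash: HMAC_hash(secret, A(i) + seed) concatenated until `length` bytes."""
    out, a = b"", seed                                # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()   # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]

def prf(hash_name, secret, label, seed, length):
    """TLS 1.2 PRF(secret, label, seed) = P_hash(secret, label + seed)."""
    return p_hash(hash_name, secret, label + seed, length)

def derive_master_secret(hash_name, pre_master, client_random, server_random):
    """master_secret is always 48 bytes; the Random fields from both Hellos form the seed."""
    return prf(hash_name, pre_master, b"master secret", client_random + server_random, 48)

def derive_aead_keys(hash_name, master_secret, client_random, server_random, key_len, iv_len):
    """key_block for an AEAD suite: two write keys and two implicit nonces, no MAC keys.
    Note the reversed Random order (server first) compared with master-secret derivation."""
    block = prf(hash_name, master_secret, b"key expansion", server_random + client_random, 2 * (key_len + iv_len))
    keys = {}
    keys["client_write_key"], block = block[:key_len], block[key_len:]
    keys["server_write_key"], block = block[:key_len], block[key_len:]
    keys["client_write_iv"], block = block[:iv_len], block[iv_len:]
    keys["server_write_iv"] = block[:iv_len]
    return keys

def demo():
    """Both peers hold the same inputs, so they derive identical keys (constructed sample values)."""
    client_random, server_random = os.urandom(32), os.urandom(32)
    ecdhe_shared = os.urandom(32)   # stands in for the ECDHE shared secret (constructed, not a real curve point)
    ms_client = derive_master_secret("sha384", ecdhe_shared, client_random, server_random)
    ms_server = derive_master_secret("sha384", ecdhe_shared, client_random, server_random)
    assert ms_client == ms_server
    # AES_256_GCM: 32-byte write keys and 4-byte implicit IVs (RFC 5288)
    return derive_aead_keys("sha384", ms_client, client_random, server_random, 32, 4)

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex())
```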

Step 4 — Finished

TLS 1.3 Handshake

Extensions

Handshake Protocol: Client Hello
    Version: TLS 1.2 (0x0303)
    Extension: supported_versions (len=11)
        Supported Versions length: 10
        Supported Version: TLS 1.3 (0x0304)
        Supported Version: TLS 1.2 (0x0303)
        Supported Version: TLS 1.1 (0x0302)
        Supported Version: TLS 1.0 (0x0301)

Safer Communication

TLS 1.3 drops the weak and legacy algorithms that TLS 1.2 still allowed:

  • RSA and DH key exchange algorithms and many named curves
  • RC4 and DES symmetric-key encryption algorithms and ECB and CBC modes
  • MD5, SHA1, and the SHA-224 digest algorithm

These are the cipher suites TLS 1.3 keeps:

  • TLS_AES_128_GCM_SHA256
  • TLS_AES_256_GCM_SHA384
  • TLS_CHACHA20_POLY1305_SHA256
  • TLS_AES_128_CCM_SHA256
  • TLS_AES_128_CCM_8_SHA256

Better Performance

Handshake Protocol: Client Hello
    Version: TLS 1.2 (0x0303)
    Random: d06068b9b0a6a451949f02b55683dfcceecf95d49cbd4e9e273f8f3f453462ea
    Cipher Suites (27 suites)
        Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
        Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
        Cipher Suite: TLS_CHACHA20_POLY1305_SHA256 (0x1303)
        ...
    Extension: supported_groups (len=12)
        Supported Groups (5 groups)
            Supported Group: x25519 (0x001d)
            Supported Group: secp256r1 (0x0017)
            Supported Group: secp384r1 (0x0018)
            Supported Group: secp521r1 (0x0019)
    Extension: key_share (len=107)
        Key Share extension
            Client Key Share Length: 41
            Key Share Entry: Group: x25519, Key Exchange length: 32
            ...
    Extension: supported_versions (len=11)
        Supported Versions length: 10
        Supported Version: TLS 1.3 (0x0304)
        Supported Version: TLS 1.2 (0x0303)
        Supported Version: TLS 1.1 (0x0302)
        Supported Version: TLS 1.0 (0x0301)

  • supported_groups lists the supported named curves, such as P-256 and x25519. By the way, x25519 is a high-performance curve and should be your choice if possible.
  • key_share carries the client's public key params.
  • signature_algorithms lists the signature algorithms the client accepts.
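
An added example (not from the article) that builds a minimal ClientHello shaped like the capture above and parses back the fields that matter for TLS 1.3 negotiation: the outer Version field, the cipher suite list, the supported_versions extension and the x25519 key_share entry. It also applies the server-side rule that supported_versions, not the outer Version field (which stays 0x0303 for compatibility), decides the protocol version. The key share bytes used in the test are a constructed placeholder, not a real curve point.

```python
import os
import struct

# Extension type numbers from RFC 8446; both appear in the capture above.
EXT_SUPPORTED_VERSIONS, EXT_KEY_SHARE = 0x002B, 0x0033
TLS12, TLS13, X25519, AES128_GCM = 0x0303, 0x0304, 0x001D, 0x1301

def build_client_hello(cipher_suites, versions, key_shares):
    """Serialise a minimal ClientHello handshake message (type 0x01, without the 5-byte record header)."""
    body = struct.pack(">H", TLS12) + os.urandom(32) + b"\x00"          # legacy_version, random, empty session id
    body += struct.pack(">H", 2 * len(cipher_suites)) + b"".join(struct.pack(">H", c) for c in cipher_suites)
    body += b"\x01\x00"                                                  # compression_methods: null only
    vers = b"".join(struct.pack(">H", v) for v in versions)
    ext = struct.pack(">HHB", EXT_SUPPORTED_VERSIONS, len(vers) + 1, len(vers)) + vers
    shares = b"".join(struct.pack(">HH", g, len(k)) + k for g, k in key_shares)
    ext += struct.pack(">HHH", EXT_KEY_SHARE, len(shares) + 2, len(shares)) + shares
    body += struct.pack(">H", len(ext)) + ext
    return b"\x01" + len(body).to_bytes(3, "big") + body

def parse_client_hello(msg):
    """Return (legacy_version, cipher_suites, supported_versions, key_shares) from a ClientHello."""
    if msg[0] != 0x01:
        raise ValueError("not a ClientHello")
    p = 4                                                                # handshake type + 3-byte length
    legacy_version = struct.unpack(">H", msg[p:p + 2])[0]; p += 2
    p += 32 + 1 + msg[p + 32]                                            # random, then session id
    n = struct.unpack(">H", msg[p:p + 2])[0]; p += 2
    suites = [struct.unpack(">H", msg[i:i + 2])[0] for i in range(p, p + n, 2)]; p += n
    p += 1 + msg[p]                                                      # compression methods
    end = p + 2 + struct.unpack(">H", msg[p:p + 2])[0]; p += 2
    versions, shares = [], []
    while p < end:                                                       # walk the extension list
        etype, elen = struct.unpack(">HH", msg[p:p + 4]); p += 4
        data = msg[p:p + elen]; p += elen
        if etype == EXT_SUPPORTED_VERSIONS:
            versions = [struct.unpack(">H", data[i:i + 2])[0] for i in range(1, 1 + data[0], 2)]
        elif etype == EXT_KEY_SHARE:
            q, qend = 2, 2 + struct.unpack(">H", data[:2])[0]
            while q < qend:
                g, klen = struct.unpack(">HH", data[q:q + 4]); q += 4
                shares.append((g, data[q:q + klen])); q += klen
    return legacy_version, suites, versions, shares

def negotiate_version(legacy_version, client_versions, server_versions=(TLS13, TLS12)):
    """A TLS 1.3 server picks from supported_versions and ignores legacy_version (RFC 8446 4.2.1)."""
    candidates = client_versions if client_versions else [legacy_version]
    common = [v for v in candidates if v in server_versions]
    return max(common) if common else None
```

Only the two extensions the negotiation needs are serialised; a real ClientHello also carries supported_groups, signature_algorithms and others, which the parser simply skips.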
Handshake Protocol: Server Hello
    Version: TLS 1.2 (0x0303)
    Random: b0a37492143def6d4959205dfe6fd620d93baa7ba89e1593e8cb60d6497537d4
    ...
    Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
    ...
    Extension: supported_versions (len=2)
        Supported Version: TLS 1.3 (0x0304)
    Extension: key_share (len=36)
        Key Share extension
            Key Share Entry: Group: x25519, Key Exchange length: 32
                Group: x25519 (29)
                Key Exchange: 105aaf79c1f424cdc9352723a4dea7db65568a229c091d3fd8a700da883bd15e

  • In supported_versions, the server confirms that TLS 1.3 is used.
  • key_share carries the selected named curve and the server's key exchange params.

After this exchange, both sides hold:

  • Client Key Share
  • Server Key Share
  • Client Random
  • Server Random

The client then:

  • verifies the server's certificate,
  • generates the same master secret, and
  • sends its Change Cipher Spec and Finished message.
