AN4683 Datasheet(PDF) 6 Page - STMicroelectronics |
SSL/TLS protocol overview (AN4683, DocID027745 Rev 1, page 6/31)

Note: The client and the server must support at least one common cipher suite, otherwise the handshake protocol fails. The server generally chooses the strongest common cipher suite they both support.

3. The server sends its digital certificate in an optional certificate message. For example, the server uses X.509 digital certificates.
4. Additionally, a ServerKeyExchange message may be sent, if it is required (e.g., if the server has no certificate, or if its certificate is for signing only).
5. If the server requires a digital certificate for client authentication, an optional CertificateRequest message is appended.
6. The server sends a ServerHelloDone message indicating the end of this phase of negotiation.
7. If the server has sent a CertificateRequest message, the client must send the Certificate message. For example, the client uses an X.509 digital certificate.
8. The client sends a ClientKeyExchange message. This message contains the pre-master secret used in the generation of the symmetric encryption keys and the message authentication code (MAC) keys. The client encrypts the pre-master secret with the public key of the server.
   Note: The public key is sent by the server in the digital certificate or in the ServerKeyExchange message.
9. If the client sent a digital certificate to the server, the client sends a CertificateVerify message signed with the client's private key. By verifying the signature of this message, the server can explicitly verify the ownership of the client digital certificate.
10. The client sends a ChangeCipherSpec message announcing that the new parameters (cipher method, keys) have been loaded.
11. The client sends a finished message. It is the first message encrypted with the new cipher method and keys.
12. The server responds with a ChangeCipherSpec and a finished message from its end.
13. The SSL handshake protocol ends and the encrypted exchange of application data can be started.

During the initial handshaking phase, the client and server negotiate cipher suites, which specify a cipher for each of the following functionalities:

Table 1. Ciphers

| Functionality | Cipher |
|---|---|
| Authentication | RSA, DSA, ECDSA |
| Key-exchange/agreement | RSA, DH, ECDH, SRP, PSK |
| Symmetric ciphers for encryption | RC4, IDEA, DES, 3DES, AES or Camellia. |
| Hash | MAC (for SSLv3.0) or HMAC with MD2, MD4, MD5, SHA-1, SHA-256 (after TLSv1.1 and 1.2 standards). |

A complete list of SSL/TLS cipher suites can be found in the registry maintained by the Internet Assigned Numbers Authority (IANA) (see [6] in References).
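The ordering rules in handshake steps 3 to 12 above can be checked mechanically, which is how a TLS endpoint rejects a skipped or misplaced message. The following C checker is an added example, not code from AN4683 or from any ST library; the enum names and `check_handshake` are hypothetical, and it assumes a client Certificate is only accepted after a CertificateRequest.

```c
#include <stdio.h>
#include <stddef.h>

/* Steps 3-12 in wire order; enum values are local to this example, not TLS codes. */
enum msg { S_CERT, S_KEY_EXCHANGE, S_CERT_REQUEST, S_HELLO_DONE,
           C_CERT, C_KEY_EXCHANGE, C_CERT_VERIFY, C_CCS, C_FINISHED,
           S_CCS, S_FINISHED, MSG_COUNT };

enum need { OPTIONAL, REQUIRED, IF_CERT_REQUESTED, IF_CLIENT_CERT_SENT };

static const enum need rule[MSG_COUNT] = {
    [S_CERT] = OPTIONAL,          [S_KEY_EXCHANGE] = OPTIONAL,
    [S_CERT_REQUEST] = OPTIONAL,  [S_HELLO_DONE] = REQUIRED,
    [C_CERT] = IF_CERT_REQUESTED, [C_KEY_EXCHANGE] = REQUIRED,
    [C_CERT_VERIFY] = IF_CLIENT_CERT_SENT,
    [C_CCS] = REQUIRED,           [C_FINISHED] = REQUIRED,
    [S_CCS] = REQUIRED,           [S_FINISHED] = REQUIRED,
};

/* Returns 0 when seq follows the order above, otherwise the 1-based position
 * of the first violation (n + 1 if the sequence stops too early). */
int check_handshake(const enum msg *seq, size_t n)
{
    int seen[MSG_COUNT] = {0};
    size_t i = 0;
    for (int m = 0; m < MSG_COUNT; m++) {
        int present = (i < n && seq[i] == (enum msg)m);
        int required = 0, allowed = 1;
        switch (rule[m]) {
        case REQUIRED:            required = 1; break;
        case IF_CERT_REQUESTED:   required = allowed = seen[S_CERT_REQUEST]; break;
        case IF_CLIENT_CERT_SENT: required = allowed = seen[C_CERT]; break;
        case OPTIONAL:            break;
        }
        if ((present && !allowed) || (!present && required))
            return (int)i + 1;   /* forbidden here, or a mandatory message is missing */
        if (present) { seen[m] = 1; i++; }
    }
    return i == n ? 0 : (int)i + 1;   /* anything left over is out of order */
}

int main(void)
{
    /* Constructed sequence: CertificateRequest sent, client skips Certificate. */
    enum msg bad[] = { S_CERT, S_CERT_REQUEST, S_HELLO_DONE, C_KEY_EXCHANGE,
                       C_CCS, C_FINISHED, S_CCS, S_FINISHED };
    printf("first violation at message %d\n", check_handshake(bad, 8));
    return 0;
}
```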