Noob Doob

Reputation: 1907

Keys' exchange between server and client

When SSL is used, as far as I have understood, the server sends to the client a public key to encrypt the sent data with, and that makes it safe to send data FROM THE CLIENT TO THE SERVER. For the other way around, to send data from server to client in a safe manner, too, what is the procedure that takes place? Does the client (e.g. a normal home PC) generate its own pair of keys and send its own public key to the server?

Upvotes: 0

Views: 1089

Answers (1)

M'vy

Reputation: 5774

To secure the transmission you follow a specific protocol called a handshake. For TLS (which is the updated version of SSL) it goes like this:

  • Client communicates its intention to do encryption to the server (this is a clear text message)
  • The server replies by sending its certificate, the protocol it agrees on and a random number (clear text).
  • The client generates a pre-shared-key (PSK) and encrypts it with the server's certificate
  • The client and server generate with the PSK and the random number a master secret key
  • Client and server can now communicate with the master key that no one knows.

More details: Wikipedia

Upvotes: 1
