Harry Whitehouse wrote:
>
> As I read the SSL3 specs, I gather that random bytes from the client
> (generated as part of Client Hello) are combined with the client-generated
> pre-master secret and random bytes from the server (generated at the Server
> Hello) to yield the master secret.
>
> I'm curious as to the rationale for using randomly generated bytes --
> particularly in the need to use random bytes from both parties. It would
> seem, for instance, that the client is already contributing random data in
> the form of the pre-master secret (i.e., the data which is encrypted with
> the public key and sent to the server).

The premaster secret will be used as base data for generating all the
secrecy-related data like the encryption keys, initialization vectors
(if needed by the selected algorithm) and the MAC secrets for client &
server.

SSL offers the possibility of a shorter handshake AKA session reuse.
Because of this feature it's not sufficient to use only the premaster
secret as base for the secret generation (as it would lead to the same
result for every new connection using the same session). Therefore the
randoms of client and server have been added to calculate the secrets as
it gives you always different secrets based on the same premaster secret
but enhanced with the randoms exchanged with the hello messages (i.e.
every new session based on the same premaster secret session is
cryptographically independent from others).

Hope this helps
Michael
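
The derivation discussed in this thread, as an added example that is not part of the original messages or of OpenSSL's code: it follows the SSL 3.0 formulas in RFC 6101, where the session cache holds the master secret and each connection's key block is derived from it with that connection's hello randoms. The secret, the randoms and the 3DES/SHA-1 key sizes are constructed sample values.

```python
import hashlib

def ssl3_expand(secret: bytes, seed: bytes, length: int) -> bytes:
    """SSL 3.0 expansion (RFC 6101): concatenated blocks of
    MD5(secret + SHA1(label + secret + seed)), labels 'A', 'BB', 'CCC', ..."""
    out = b""
    for i in range(26):
        if len(out) >= length:
            break
        label = bytes([ord("A") + i]) * (i + 1)
        inner = hashlib.sha1(label + secret + seed).digest()
        out += hashlib.md5(secret + inner).digest()
    return out[:length]

def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    # Seed order for the master secret: ClientHello.random, then ServerHello.random.
    return ssl3_expand(pre_master, client_random + server_random, 48)

def key_block(master: bytes, client_random: bytes, server_random: bytes,
              mac_len: int = 20, key_len: int = 24, iv_len: int = 8) -> dict:
    # Seed order for the key block is reversed: server random first.
    # Default sizes are those of a 3DES-CBC/SHA-1 suite (assumption for the demo).
    names = ["client_mac", "server_mac", "client_key", "server_key",
             "client_iv", "server_iv"]
    sizes = [mac_len, mac_len, key_len, key_len, iv_len, iv_len]
    block = ssl3_expand(master, server_random + client_random, sum(sizes))
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys

# Constructed sample values (not captured traffic).
PRE_MASTER = b"\x03\x00" + bytes(range(46))
CR1, SR1 = b"\x11" * 32, b"\x22" * 32   # hello randoms of the full handshake
CR2, SR2 = b"\x33" * 32, b"\x44" * 32   # hello randoms of the resumed connection

def demo() -> dict:
    master = master_secret(PRE_MASTER, CR1, SR1)
    first = key_block(master, CR1, SR1)
    resumed = key_block(master, CR2, SR2)  # same cached master secret, new randoms
    return {"master": master, "first": first, "resumed": resumed}

if __name__ == "__main__":
    result = demo()
    for name in result["first"]:
        print(name, result["first"][name].hex(), "->", result["resumed"][name].hex())
```

Every MAC secret, cipher key and IV differs between the two connections even though both start from the same cached secret.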