On 2/5/2013 12:05 PM, Thulasi wrote:
Hello all,

** This is not regarding OpenSSL software but about the protocol in
general.

I am trying to understand the use of the 32-byte (4-byte data + 28-byte rand)
client random which is part of the Client Hello. I understand that the Server
Random is required to avoid replay attacks by making the server
dynamically contribute to the derivation of session keys along with the
Pre-master-secret chosen by the Client, but what additional security is
derived from the Client Random?

The same benefits, but seen from the other end.

Server random protects the server from being attacked with replays of
client packets, amongst other benefits.

Client random protects the client from being attacked with replays of
server packets, amongst other benefits.

Simple, really.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
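
Added example, not part of the original message and not OpenSSL code: a sketch using the TLS 1.2 PRF from RFC 5246 showing that a server Finished recorded in one handshake no longer verifies once the client sends a fresh client random. Assumptions: all values are constructed, the handshake transcript is reduced to the two randoms, and the pre-master secret is held fixed to isolate the client random's contribution.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 expansion from RFC 5246 section 5."""
    out, a = b"", seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)

def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """48-byte master secret; both randoms are part of the seed."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)

def server_finished(master: bytes, transcript: bytes) -> bytes:
    """12-byte verify_data of the server's Finished message."""
    return prf(master, b"server finished", hashlib.sha256(transcript).digest(), 12)

def replayed_finished_accepted(pre_master, recorded_cr, fresh_cr, server_random) -> bool:
    """True if a server Finished recorded under recorded_cr verifies under fresh_cr."""
    # Simplification: the transcript is just the two randoms, not full handshake messages.
    old_master = master_secret(pre_master, recorded_cr, server_random)
    recorded = server_finished(old_master, recorded_cr + server_random)
    new_master = master_secret(pre_master, fresh_cr, server_random)
    expected = server_finished(new_master, fresh_cr + server_random)
    return hmac.compare_digest(recorded, expected)

# Constructed sample values, not taken from any real handshake.
PRE_MASTER = b"\x03\x03" + bytes(46)
CR_OLD = bytes([0x11]) * 32
CR_NEW = bytes([0x22]) * 32
SR = bytes([0x33]) * 32

if __name__ == "__main__":
    print("same client random :", replayed_finished_accepted(PRE_MASTER, CR_OLD, CR_OLD, SR))
    print("fresh client random:", replayed_finished_accepted(PRE_MASTER, CR_OLD, CR_NEW, SR))
```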
