The client responds with a ClientKeyExchange message, which may contain a PreMas

Question

The client responds with a ClientKeyExchange message, which may contain a PreMasterSecret, public key, or nothing. (Again, this depends on the selected cipher.) This PreMasterSecret is encrypted using the public key of the server certificate.

The parenthetical remark is interesting. It implies that if there is no premaster secret (which I believe is the case for a DHE key exchange), then the server's public key is not used. However, the server needs to prove that it has the corresponding private key. So where does that proof happen in the protocol if RSA key exchange is not being used?

Explanation / Answer

When a (EC)DHE (non-anon) cipher suite is used, the server's public key is used to verify the signature of the ServerDHPublic. Diffie-Hellman is an anonymous key-exchange protocol. A signature is used to make sure that the client is talking with who he thinks to talk and no MITM attack has took place.

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.