11 Steps on How an HTTPS Secure Connection Handshake Is Established


Every HTTPS connection begins with what is called a handshake: the negotiation in which a client and server agree on how they will communicate. The handshake determines the following:


  1. What cipher suite will be used to encrypt the communications,
  2. Server verification by the client,
  3. Client verification by the server

Let's now go through the 11 steps to establish this secure connection:

  1. Client sends a message to the server requesting a secured connection.
  2. Client presents to the server the list of cipher suites and all the versions of the security protocol (SSL/TLS) available in its library. A cipher suite is a set of algorithms that help secure a network connection that uses Transport Layer Security (TLS) or Secure Socket Layer (SSL). The set of algorithms that cipher suites usually contain includes a key exchange algorithm, a bulk encryption algorithm, and a message authentication code (MAC) algorithm. More on this at https://en.wikipedia.org/wiki/Cipher_suite
  3. Server goes through the list and picks the most recent cipher suite and security protocol that the client and server have in common.
  4. Client agrees on the choice.
  5. Server sends the client a certificate that includes the server's public key.
  6. Client receives the certificate and verifies it.
  7. Client then extracts the public key and uses it to encrypt a new key called the master key.
  8. Client sends the master key to the server.
  9. Server uses its private key to decrypt the master key.
  10. After a successful decryption of the master key by the server, both client and server agree to use the master key as the main key for decryption of data traffic between them.
  11. Encryption session begins between the client and server. Data can now be safely passed over the network to the server.
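
The offer and selection in steps 2 to 4 can be modelled in a few lines. The following Python is an added example, not code from the original post: the class and function names, the sample offers, and the policy of choosing by server preference order are assumptions made for illustration, and it uses TLS 1.2-style suite names.

```python
# Added example: models steps 2-4 only. All sample offers below are constructed.
from dataclasses import dataclass

VERSIONS = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2"]  # oldest to newest

class HandshakeFailure(Exception):
    """Client and server share no protocol version or no cipher suite."""

@dataclass
class ClientHello:  # step 2: what the client offers
    versions: list
    cipher_suites: list

def parse_suite(name):
    """Split a TLS 1.2-style suite name into the three parts the post lists."""
    if not name.startswith("TLS_") or "_WITH_" not in name:
        raise ValueError(f"not a TLS 1.2-style suite name: {name}")
    key_exchange, _, rest = name[len("TLS_"):].partition("_WITH_")
    bulk, _, mac = rest.rpartition("_")
    # For AEAD suites (GCM) the last field names the handshake hash, not a separate MAC.
    return {"key_exchange": key_exchange, "bulk_encryption": bulk, "mac": mac}

def negotiate(hello, server_versions, server_suites):
    """Step 3: the server picks the newest shared version and its own
    most-preferred suite that the client also offered (assumed policy)."""
    shared = [v for v in VERSIONS if v in hello.versions and v in server_versions]
    if not shared:
        raise HandshakeFailure("no protocol version in common")
    for suite in server_suites:  # server preference order
        if suite in hello.cipher_suites:
            return shared[-1], suite, parse_suite(suite)
    raise HandshakeFailure("no cipher suite in common")

# Constructed sample data
SAMPLE_HELLO = ClientHello(
    versions=["TLSv1.0", "TLSv1.1", "TLSv1.2"],
    cipher_suites=["TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_GCM_SHA384"],
)
SERVER_VERSIONS = ["TLSv1.1", "TLSv1.2"]  # SSLv3 and TLSv1.0 disabled on the server
SERVER_SUITES = ["TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_CBC_SHA"]

if __name__ == "__main__":
    print(negotiate(SAMPLE_HELLO, SERVER_VERSIONS, SERVER_SUITES))
    legacy = ClientHello(["SSLv3"], ["TLS_RSA_WITH_AES_128_CBC_SHA"])
    try:
        negotiate(legacy, SERVER_VERSIONS, SERVER_SUITES)
    except HandshakeFailure as err:
        print("handshake refused:", err)
```

A server that lists only current protocol versions refuses a legacy-only client at this stage, before any certificate or key is exchanged.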

Now, every time you direct your browser to a secure site, these complex interactions take place to make sure that your data is safe over the internet.

Thanks for reading this post. Please comment with any questions or suggestions.
