Тёмный

TLS Handshake - EVERYTHING that happens when you visit an HTTPS website 

Practical Networking
Подписаться 244 тыс.
Просмотров 104 тыс.
50% 1

TLS (formerly SSL) is the protocol that makes it safe to do anything on the Internet. It's the protocol that enables that little padlock which gives you the green light to put in your password or bank account number. In order to get the padlock, however, something has to occur between you and the website you are visiting... that something is known as the TLS handshake.
The TLS handshake validates the two endpoints in the conversation, and exchanges the cryptographic material used to create Session keys which will then protect the web browsing session with Encryption, Integrity, and Authentication.
In this video, I'll show you every step of the handshake, what the client knows, what the server knows, and everything they exchange and learn from what is sent across the wire. I'll show you how they create each key involved in securing internet communication.
To be clear, this Handshake also occurs every time you use an SSL VPN as well, and as time goes on, will be used anytime any communication occurs over a computer network.
00:00 - Teaser / Intro
00:40 - TLS Handshake - Background Information
02:25 - Client and Server - the starting point
03:12 - Client Hello - Version, Random Number, Session ID, Ciphers, Extensions
05:16 - Server Hello - Version, Random Number, Session ID, Ciphers, Extensions
07:58 - Server Certificate - Full Certificate Chain
08:38 - Server Hello Done
09:11 - Client Key Exchange - RSA Key Exchange
11:36 - Pre Master Secret, Master Secret, Session Keys
13:56 - SSL/TLS Create TWO secure tunnels
15:53 - PseudoRandom Function (PRF)
17:38 - Do the Client & Server know they have the right keys?
18:22 - Change Cipher Spec (from Client)
18:56 - Client Finished
21:42 - Server Finished & Change Cipher Spec
24:17 - Sharing Protected Application Data
25:04 - Outro & Summary
26:13 - TLS 1.3 Changes Everything... Practical TLS Discount
🔑 More free lessons from the course:
• Practical TLS - Free L...
🔐 More details about the course:
classes.pracnet.net/courses/p...
🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. I'm happy to provide a generous referral bonus =)
💬 Join Practical Networking Discord
/ discord
#ssl #tls #cybersecurity

Наука

Опубликовано:

 

16 июн 2024

Поделиться:

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист
Посмотреть позже
Комментарии : 181   
@PracticalNetworking
@PracticalNetworking Год назад
👉 *More free lessons:* ru-vid.com/group/PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY ✨ *Full course:* pracnet.net/tls 💲 *Coupon Code* for 50% off: youtube50
@dilipbalaiyan6268
@dilipbalaiyan6268 Год назад
I should salute for all your efforts of these videos. It's really helpful for me. You're massive of crispy to the point. I don't know where I can give you kudos for your work.. Thanks a lot.
@PracticalNetworking
@PracticalNetworking Год назад
@@dilipbalaiyan6268 Glad you are getting a lot out of this content. If you're really wanting to help, the best way is to spread the word about this content =). Shares on Twitter/LinkedIn/Reddit are greatly appreciated. Cheers, Dilip.
@dilipbalaiyan6268
@dilipbalaiyan6268 Год назад
@@PracticalNetworking definitely
@PracticalNetworking
@PracticalNetworking Год назад
@@dilipbalaiyan6268 Thank you kindly =)
@cslb38
@cslb38 Год назад
Its worth every penny, such a small price vs large reward! Great work Ed!
@AliYahyaabadi
@AliYahyaabadi 5 месяцев назад
I wanted to take a moment to thank you for your incredibly helpful tutorial on TLS/SSL. I'm so grateful that you took the time to create such a detailed and informative resource.
@PracticalNetworking
@PracticalNetworking 4 месяца назад
You're very welcome. If you want more, you might also enjoy the full TLS course as well.
@chiefriver
@chiefriver 6 месяцев назад
Thanks for all your quick responses here and on Twitter! Until I buy a class just wanted to say thanks as you are great at fulfilling your mission of bridging the gap between overly technical documentation, RFCs etc and simplified examples that leave us with more questions than answer!!! Keep it going and thanks again!!
@PracticalNetworking
@PracticalNetworking 6 месяцев назад
Thanks for the kind words. Glad to help. Thanks for supporting the channel =)
@poojarrao
@poojarrao 9 месяцев назад
This is by far the best explanation I’ve seen on the internet. Thank you so much for sharing!! I’m sure this video has helped a lot of us here :)
@infomoreandmore
@infomoreandmore 8 месяцев назад
This is the best explanation so far I got around SSL handshake. Thanks a lot!
@user-up7uj7ky3k
@user-up7uj7ky3k 4 месяца назад
One of the absolute best training videos I've watched in the recent past! The author seems to have an impressive understanding of the audience new to the topic. Pacing of the video is spot-on for me, making the learning experience truly captivating
@umairsafdar7444
@umairsafdar7444 Год назад
One of the best and highly detailed explanations of TLS Handshake. Thanks for putting this out for free !!
@PracticalNetworking
@PracticalNetworking Год назад
Thank you for the kind words. You're very welcome, Umair.
@ericschneider2546
@ericschneider2546 5 месяцев назад
OMG! Thank you so much!!! This was EXACTLY the video I needed to understand what was missing, and I was looking for it so badly! Best explanation ever!
@shajigopinath
@shajigopinath Год назад
One of the best session which i watched. Thanks for the detailed and clean explanation.
@michaelmendoza9824
@michaelmendoza9824 9 месяцев назад
Simply and ABSOLUTELY fantastic content! I’m sold and now a paid course subscribed student looking forward to consuming ALL the content and putting it to practical use! Kudos! MM
@PracticalNetworking
@PracticalNetworking 9 месяцев назад
Glad you enjoyed it, Michael =)
@scottspa74
@scottspa74 Год назад
I'll DEFINITELY be rewatching this! Also, great way to incentivize yourself to finish up TLS 1.3 👍😁 Can't wait for that!
@PracticalNetworking
@PracticalNetworking Год назад
=)
@power8667
@power8667 8 месяцев назад
The best explanation of the concept on the internet I have seen! Thank you.
@justsomebody14
@justsomebody14 7 месяцев назад
This is a gem! Thanks for your free course!
@AbhishekD538
@AbhishekD538 2 месяца назад
Really appreciate all the work you do! This was very helpful, clear and detailed at the right level of abstraction. Thank you. 🙏
@DG-fs1pq
@DG-fs1pq Год назад
I finally purchased your Practical TLS class last night. Ready!!!
@PracticalNetworking
@PracticalNetworking Год назад
Awesome! Welcome to the course!
@ankitsharma-ef3cs
@ankitsharma-ef3cs Год назад
OMG !! What an explanation Ed. This is the best content for TLS-Handshake and i'm so glad to find. Lots of love from INDIA 💌
@PracticalNetworking
@PracticalNetworking Год назад
Cheers Ankit. Glad you enjoyed it =).
@jhde9067
@jhde9067 Год назад
I'm glad I subscribed to the channel after finding the website.
@PracticalNetworking
@PracticalNetworking Год назад
Me too =)
@alirezajalali9265
@alirezajalali9265 9 месяцев назад
after all these years in IT , now I fully understand TLS . thank you so much
@misha2082
@misha2082 Год назад
Wow. What a great video. I definitely learned something new today about SSL keys
@gedankenthesis
@gedankenthesis Год назад
This explanation was absolutely amazing! Thank you so much!
@PracticalNetworking
@PracticalNetworking Год назад
You're welcome, Arvind !
@amzathblaiseyehouessi7028
@amzathblaiseyehouessi7028 8 месяцев назад
I hit the LIKE button 6 times to give you tha round of applause. You actually deserve it more than me. Thank you!
@PracticalNetworking
@PracticalNetworking 7 месяцев назад
Thanks for the kind words and your support =) And the six likes ! ;)
@mujahid509
@mujahid509 4 месяца назад
Lucky to come across this explanation..best for SSL handshake
@MohammadJK197
@MohammadJK197 3 месяца назад
very detailed and easy to understand. This was awesome, thank you
@orilio3311
@orilio3311 11 месяцев назад
absolutely incredible video. this is the one greatest explenation of TLS I've managed to find. thank you! I hope my cyber security course test score will show I've understood the protocol :)
@PracticalNetworking
@PracticalNetworking 11 месяцев назад
Thank you for the kind words =) Glad you enjoyed it!
@RowenaReddragon
@RowenaReddragon Год назад
you are hands down the best teacher! i cant thank you enough. truly grateful 🙏
@PracticalNetworking
@PracticalNetworking Год назад
You're very welcome! Hope to see you in the full course soon!
@emonhossain4353
@emonhossain4353 Год назад
Thank you
@ghinwabadawi983
@ghinwabadawi983 2 месяца назад
best explanation about TLS Handshake! loved it!
@rudrasalaria3431
@rudrasalaria3431 Год назад
As always you clear my doubt aboutTLS 1.2. Thank U Sir. Lots of Love from india. ❤️🇮🇳
@PracticalNetworking
@PracticalNetworking Год назад
You're welcome, Rudra. =)
@muhammadumarwaseem
@muhammadumarwaseem 7 месяцев назад
You sir, are a legend! Great video, well explained.
@cslb38
@cslb38 Год назад
Yet again an amazing demonstration of excellence!
@PracticalNetworking
@PracticalNetworking Год назад
Thank you! Cheers!
@jaishankarpatil4554
@jaishankarpatil4554 24 дня назад
The best ever TLS Handshake Explained..
@kevinlupien9520
@kevinlupien9520 Год назад
Always high quality content. Thanks!
@satishbabugudapati9741
@satishbabugudapati9741 Год назад
This was beautiful video on internet. Thanks Ed
@PracticalNetworking
@PracticalNetworking Год назад
Glad you enjoyed it, Satishbabu!
@yared09
@yared09 9 месяцев назад
Crisp and clear explanation ever!
@alfiogiuffrida1007
@alfiogiuffrida1007 8 месяцев назад
Great course! Very well explained. Thanks!
@jhde9067
@jhde9067 Год назад
OMG THANK YOU SO MUCH, I NEEDED THIS. Not sure many made it as clear and detailed as that.
@PracticalNetworking
@PracticalNetworking Год назад
Glad this helped =). Please feel free to share it if you know others that might also benefit from this.
@CyberTronics
@CyberTronics Год назад
Beautiful can’t wait for the TLS 1.3
@PracticalNetworking
@PracticalNetworking Год назад
Thank you, Hamza.
@scottspa74
@scottspa74 Год назад
As someone lucky enough to have won access to the full TLS course, I have to agree that there is enough detailed content in it to answer any questions a person may have after watching this. Excellent course! Definitely worth the cost! 👍 Really, really looking forward to 1.3 with quic.
@PracticalNetworking
@PracticalNetworking Год назад
Thanks for the kind words, Scott =).
@h.b.7190
@h.b.7190 4 месяца назад
I want to Thank you for all the content you made to create such a wonderful playlist. It took me a while to understand whats going but it all makes sense. It’s so fascinating and it blows my mind that smart people created a secure tunnel for secure communications. Me in my 30s as a employee in a facility management company trying to make a step into information technology and let my path of life go in a new direction. Unfortunately I can not afford a full TLS course from your website but let me spend you a coffee at least. Thank you so much man. God bless you Is there name of your song you always use for intros? I would like to listen to it, while thinking about the TLS handshake step by step 😊
@PracticalNetworking
@PracticalNetworking 4 месяца назад
Thanks for the kind words, and thank you for supporting the channel. I'm at the gym at the moment, and don't recall what song I used in this video. But if you reach out to me on discord, I'll tell you the song... And gift you a scholarship to the course.
@cvasilak
@cvasilak Год назад
excellent description, thank you!
@PracticalNetworking
@PracticalNetworking Год назад
You're very welcome, Christos!
@Felitsius
@Felitsius 5 месяцев назад
Wow that was such a good explanation! Thank you heaps, I wish my tutors had a similar skill to transfer knowledge - it is a skillset of its own!
@trailerhaul8200
@trailerhaul8200 Год назад
Man 100K subscribers. It was way less a year ago. You are Networking great :))
@PracticalNetworking
@PracticalNetworking Год назад
Progress has been slow and steady, but it finally got to 100k =). Excited to see where it goes next !
@bd5387
@bd5387 6 месяцев назад
Awesome! Thanks man. Great stuff.
@aleksandrkubar6255
@aleksandrkubar6255 Год назад
Perfect explanation, thanks!
@sarathreddy844
@sarathreddy844 5 месяцев назад
Highly knowledgeable content!
@AbhishekSingh-xn4qb
@AbhishekSingh-xn4qb 10 месяцев назад
Hey someone, can you please come back & remove your 'single' DISLIKE from this video please. This insightful video doesn't deserve dislike at all.
@PracticalNetworking
@PracticalNetworking 9 месяцев назад
Seriously! ;p
@nishantdalvi9470
@nishantdalvi9470 9 месяцев назад
This vide is awesome 💯 just having a little doubt from where did that key expansion field come which is been used for the formation of the session keys
@aniruddhsharma8342
@aniruddhsharma8342 Год назад
Must say that if we were to speak of only the Handshake then this is the best video, would request you to cover the Certificate Change of Trust, Record and Alert Protocol as well. Thank you
@PracticalNetworking
@PracticalNetworking Год назад
GLad you enjoyed this video, Aniruddh! The rest of those topics are covered in the full course!
@rahmounmedelmahdi4181
@rahmounmedelmahdi4181 Год назад
you know the video is good when you spend 2 hours on watching 30 min good job. I wish there were free access to the rest of the content.
@PracticalNetworking
@PracticalNetworking Год назад
@zerooneservices
@zerooneservices Год назад
Thanks for such an informative video.
@PracticalNetworking
@PracticalNetworking Год назад
Glad you enjoyed it =)
@olsikapoli6287
@olsikapoli6287 9 месяцев назад
Great course Ed! I have a question on the Cipher Suites used (trying to go through the comments if it was asked before, but can't seem to find it, therefore I apologize for asking "again"). In TLS1.3, all RSA encryption and RSA cipher suites have been removed. The video started by Client having TLS1.3, but did not mention TLS1.2 libraries as well. Is it assumed in this course that Client and Server have both 1.2 and 1.3 for this handshake to work for this course?
@duckduck9954
@duckduck9954 Год назад
One of the best explanation
@mortezarezaei3006
@mortezarezaei3006 Год назад
Thanks for the informative video.
@PracticalNetworking
@PracticalNetworking Год назад
YOu're welcome, Morteza!
@sushilshiwaniwal
@sushilshiwaniwal 2 месяца назад
Very Well Explained, Thanks 😊
@PracticalNetworking
@PracticalNetworking Месяц назад
You're welcome!
@user-sw3sw2ur3g
@user-sw3sw2ur3g 8 месяцев назад
Hi! I study cryptography and your videos are the best in the whole Internet! Could you please specify the exact way of combining pre-master key\master-key with random values and strings before putting them into PRF? With love from Ukraine
@pixelmage3523
@pixelmage3523 Год назад
holy fuck this blew my mind as to how easy it was to understand it
@PracticalNetworking
@PracticalNetworking Год назад
Anything can be easy if it's explained well. Glad you enjoyed this video =)
@estebanechavarria5609
@estebanechavarria5609 Год назад
I was so shocked about all the things that are being done behind the scenes when you access an https website that I'm thinking that I would be exhausted and do not want to exchange data anymore after that long handshake haha
@chrisfahie2767
@chrisfahie2767 Год назад
Wow thank you so much that really helped
@PracticalNetworking
@PracticalNetworking Год назад
Glad you enjoyed it =)
@constantincoach372
@constantincoach372 Месяц назад
Love the content
@alexandrkovalsky1711
@alexandrkovalsky1711 Год назад
great video!
@riadali1775
@riadali1775 Год назад
Thank you so much! your video really helped alot. can you make video related to DNS management as well?
@Sharing.learnings
@Sharing.learnings Год назад
Great content
@user-ds2yw2ct9n
@user-ds2yw2ct9n Месяц назад
A very good lullaby!
@mharis6728
@mharis6728 6 месяцев назад
Thanks for this video. I have a question related to session keys generation. How Master Secret, Client and server random and "key expansion" are used or combined in order to generate these 4 session keys? My second question is how Master secret is actually generated? You said we combine Pre-Master secret, client and server random and "Master Secret" but what mechanism or algorithm is used to generate it?
@negrastormentas2865
@negrastormentas2865 11 месяцев назад
Thank you so much for this series.
@jyothibabugummapu1365
@jyothibabugummapu1365 6 месяцев назад
Awesome...thanks alot
@tanmoymallick8244
@tanmoymallick8244 Год назад
did you upload the video for the packet capture of tls handshake that you said here ???
@babai08
@babai08 Год назад
U better live 100 more years ❤️❤️
@PracticalNetworking
@PracticalNetworking Год назад
=)
@majiddehbi9186
@majiddehbi9186 Год назад
great video thx
@PracticalNetworking
@PracticalNetworking Год назад
You're welcome, Majid.
@rico5342
@rico5342 Год назад
How long does this to-and-back TLS handshake procedure take ?
@santozard
@santozard Год назад
Best of best!
@rajrajesh
@rajrajesh Год назад
Great video. For @17.00 - Can you please help clarify if the client encryption key gets generated individually at the client and the server? If so, client and server have the same set of 4 pieces of information (Master Secret, key expansion, Client Random, Server Random) that is used for the random hash function. But how is it guaranteed that the random hash function returns the same value both at the client and the server?
@PracticalNetworking
@PracticalNetworking Год назад
The nature of Hashing is that if the Client and Server hash the same pieces of information, they will receive the same output. That is what is happening here, and how the encryption keys calculated by both Client and Server end up being identical.
@nikbura9500
@nikbura9500 Год назад
@@PracticalNetworking To Clarify this further, does this mean that the Client keys are generated using the client random number and the server keys are using the server random number to be generated? otherwise how can you make two sets of keys individually on each host and ensure both sets are the same?
@elvismalope
@elvismalope Год назад
Thanks!
@PracticalNetworking
@PracticalNetworking Год назад
Hi Elvis! Thank you for supporting the channel. Contributions like this help support the continued development of free content for everyone else. If anyone else reads this comment, you should thank Elvis for funding the free resources you are enjoying. Thanks again, Elvis!
@VSHALETC
@VSHALETC Год назад
Simply great! Is it possible for you to make small introduction video on web3?
@PracticalNetworking
@PracticalNetworking Год назад
Web3 is on my list to cover, at some point. But a lot is in front of it =/
@matiashuartamendia7977
@matiashuartamendia7977 8 месяцев назад
so RSA only here for key exchange? no encryption other than symmetric keys? is it then that the symmetric cipher comes into play with the keys to encrypt the payloads? is the hashing of handshake determined by cipher suite selecion for example SHA1?
@PracticalNetworking
@PracticalNetworking 7 месяцев назад
Correct. RSA just facilitates the key exchange, and signatures. It doesn't do any real encryption of data sent being client and server. Yes, hashing is determined by Cipher Suite selection.
@encryptionforbeginners96
@encryptionforbeginners96 Год назад
Danke!
@PracticalNetworking
@PracticalNetworking Год назад
Thank you for supporting the channel! You're very welcome.
@Whowhatsit
@Whowhatsit Год назад
Gunna be using this for my brown bag report at work, big thanks for the save!
@edwinjose1885
@edwinjose1885 9 месяцев назад
Could you help clarify what's been explain at 14:40? The concept of two tunnels. Up until that point you've been saying that the keys both the client and the server have are identical. But you go into how TLS creates two tunnels and they are encrypted with two different pair of keys, and that even if one of the tunnel's been comprised, the attacker can only decrypt that tunnel and not the other. How does that work? Aren't both set of keys the same?
@edwinjose1885
@edwinjose1885 9 месяцев назад
I think I may have understood it. BOTH the CLIENT and SERVER generates a SEED for it's respective tunnels that BOTH perform a RSA Key exchange for. Correct me if I'm wrong.
@chiefriver
@chiefriver 6 месяцев назад
Any videos doing a similar walk through but with Diffiehellman key exchange? Specifically on and where in the flow the client verifies that the server does possess the long term private key that corresponds with the earlier served x509 cert? Because it doesn't need to send a premaster secret like RSA where is this same validation check performed with Diffiehellman? Ex 11:10
@PracticalNetworking
@PracticalNetworking 6 месяцев назад
Great question! I don't have a video answer but the pinned post on my Twitter is exactly what you asked for: a walk through of the TLS handshake using diffie hellman as a key exchange. =)
@vishal57971
@vishal57971 6 месяцев назад
My question is client send lists of cipher suite to server. What mechanism is work on server side and server choice one of cipher suite that client send in hello message
@atabhatti6010
@atabhatti6010 Год назад
At 5:56, the slide says Session Id in the Server Hello is 8 bytes / 32 bits? Is that right? Aren't 8 bytes 64 bits?
@PracticalNetworking
@PracticalNetworking Год назад
Yea, that's totally a typo. Someone mentioned this in my discord as well. It should say any range in 0-32 bytes. In reality, there is one field "Session ID Length" which is always 1 byte (8 bits, values 0-255, of which only 0-32 are valid) which indicates how long the actual "Session ID" field will be.
@avinashs8236
@avinashs8236 3 месяца назад
does tcp handshake (sync, syn-ack, ack ) happen before this ssl/tls handshake when a user visits a website
@PracticalNetworking
@PracticalNetworking 3 месяца назад
Yes, typically. There is a version of TLS over UDP that doesn't involve TCP 3 way handshake, but generally most TLS does. I have some videos on TCP here : pracnet.net/tcp
@joetecson
@joetecson Месяц назад
Q: If a client initiates TLS 1.0 to a server and gets denied, will it open a new stream to renegotiate the higher TLS with the server or will it use the same quintuple stream on renegotiation?
@saravananm9783
@saravananm9783 Год назад
Great content😊😇.. But, .I stucked in some points.. What is exactly "masterkey" inside the "pre-master key". And then "servers finished".? Is that same value both side?
@PracticalNetworking
@PracticalNetworking Год назад
"pre-master-key" is a random value generated by the client (at least, with the version of the handshake illustrated in the video). This random value is combined with other values to create the "Master Secret". Which is then combined with yet other values, such as the literal string "Server Finished", to create the actual Session Keys
@saravananm9783
@saravananm9783 Год назад
Thanks😊..
@bernardoolisan1010
@bernardoolisan1010 2 месяца назад
This is amazing, but people... why can't we just trust each other!
@PracticalNetworking
@PracticalNetworking Месяц назад
Wouldn't that be much easier ;)
@radhakrishna2501
@radhakrishna2501 Год назад
Thanks a lot Ed! I have a query regarding slowness issue between two servers (these servers residing in DC and branch office and communicating via meraki vpn) this issue occuring after upgrading our gear to meraki not sure what's the issue here could you help me with some troubleshooting steps please Thanks in advance
@PracticalNetworking
@PracticalNetworking Год назад
That seems pretty involved, much more involved than what is appropriate for RU-vid comments. You can try to ask in discord (pracnet.net/discord) but the issue is borderline something that would require hiring a consultant (which, I'm available for, if you are interested).
@radhakrishna2501
@radhakrishna2501 Год назад
@@PracticalNetworking thank you for the reply Ed! It indeed need consultant view will have a word with my manager on this and get back to you thank you again
@earnwisely3256
@earnwisely3256 4 месяца назад
should the session id be 8bytes / 64bits?
@PracticalNetworking
@PracticalNetworking 4 месяца назад
Yea, that's a typo. It's fixed in a note in my full course. It's actually 32 bytes (256 bits).
@silentrandom
@silentrandom 11 месяцев назад
Awesome content. Session Id 8 bytes or 64 bit. Just typo I guess
@PracticalNetworking
@PracticalNetworking 11 месяцев назад
Yes, it's a typo, good catch =). I clarify it in the TLS 1.3 handshake lesson in the course.
@Sharing.learnings
@Sharing.learnings Год назад
Yeah good content1
@gpmuthu248
@gpmuthu248 Год назад
IPsec deep dive series 🥺 please..
@PracticalNetworking
@PracticalNetworking Год назад
On my list =). Maybe a live stream.
@shervinhariri6821
@shervinhariri6821 Год назад
Awsome
@itamardoron5587
@itamardoron5587 Год назад
If the client gets the certificate alongside the public key after the client and server hello (8:50) then how are the client and server "hello" encrypted?
@itamardoron5587
@itamardoron5587 Год назад
And if it is not encrypted, is that not a risk to have the client and server random numbers public? Would it not make it easier to derive the pre master/ master secret?
@PracticalNetworking
@PracticalNetworking Год назад
Great question, and follow on question. No, the Client & Server Hello are not encrypted. ANd no, the random numbers alone cannot be used to recreate the session keys, so them being shared in clear text is not an additional risk.
@anmarofficial4953
@anmarofficial4953 Год назад
Sir I studied bachelor of computer applications as degree (three year course) Intrested to study deep on network So starting a carrier which course benefit me CCNA or CEH COURSE
@PracticalNetworking
@PracticalNetworking Год назад
Go with what is more interesting. CEH is more geared towards security and hacking, CCNA is more general networking.
@anmarofficial4953
@anmarofficial4953 Год назад
Ok thank you so much
@anmarofficial4953
@anmarofficial4953 Год назад
Can you please mention your degree path
@talesara74
@talesara74 11 месяцев назад
At 13:54 you are saying that both sides have same identical keys...and in next few seconds you are saying why 2 different sets of keys. Are the keys identical or different at both ends ? it has to identical right.
@PracticalNetworking
@PracticalNetworking 9 месяцев назад
Two different sets of two keys. Totaling 4 keys. And _both sides_ have the same set of _four keys_ . Yes, you are right, they have to be identical or else the peers could not do symmetric encryption of data (and it's decryption, of course) with each other. =)
@martinvonromualdez8175
@martinvonromualdez8175 Год назад
what if the key session is not the same ? what happened ?
@PracticalNetworking
@PracticalNetworking Год назад
Encryption Error and the Handshake fails. This would only happen if someone was tampering with the handshake and/or if something went wrong.
@pradeepgenisis
@pradeepgenisis 10 месяцев назад
What is SEED ?
@PracticalNetworking
@PracticalNetworking 9 месяцев назад
It's merely a value which is typically the result of some sort of Key Exchange operation. This value is used to generate many different symmetric keys, hence I'm referring to it as the "seed" value. In this video on Diffie-Hellman, the seed value is the number 3. ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-KXq065YrpiU.html
@marouenbadrani3056
@marouenbadrani3056 Год назад
I have a question please, is the server hello encrypted? if so what is the encryption scheme? I understood that the client doesn't know yet the server's public key, so did the client's and server's hello messages not encrypted? I had understood through many tutorials and courses that the session ID should remain secret to avoid session hijack. so how come the server encrypts the server hello?
@marouenbadrani3056
@marouenbadrani3056 Год назад
and thank you for your great videos :)
@marouenbadrani3056
@marouenbadrani3056 Год назад
Also, is there only one PRF function to use? if not, haw both sides know the wright PRF function to use to generate the master key and the sessions keys
@PracticalNetworking
@PracticalNetworking Год назад
Server Hello is not encrypted =) Neither is the Client Hello., There is some talk in TLS 1.3 of enabling encrypted Client Hellos, but that comes with other requirements. For the most part, all Client Hellos and Server Hellos will be unencrypted.
@PracticalNetworking
@PracticalNetworking Год назад
@@marouenbadrani3056 The PRF is baked into the RFC, so if the Client/Server are doing "TLS 1.2", then they know exactly how the PRF works. Internally, the PRF uses a hashing algorithm, and that is negotiated in the Cipher Suite.
@aaqibshafiq5468
@aaqibshafiq5468 5 месяцев назад
@rajesh_shrestha
@rajesh_shrestha Год назад
hello sir, this is the best explanation video thank you for the insight also i have took your video as a reference for my internal presentation purpose. i have one question - is the client and the server Encryption key are exact same or not ?, if not than how it is calculated ? can you please provide me some idea about this.
@PracticalNetworking
@PracticalNetworking Год назад
Yes, they are the same. They have to be since they are _Symmetric_ Encryption keys. =)
@rajesh_shrestha
@rajesh_shrestha Год назад
@@PracticalNetworking thank you sir, i got it now.
@siavashsabet2462
@siavashsabet2462 Год назад
5:23 isnt 8bytes the same as 64 bits? Why does it say 32?
@PracticalNetworking
@PracticalNetworking Год назад
Yea, that's a typo =) it's fixed in the TLS 1.3 handshake video =)
@siavashsabet2462
@siavashsabet2462 Год назад
@@PracticalNetworking thank you so much, I am very new at this, just trying to make sure I understand everything. 😅
@singernooneheard6967
@singernooneheard6967 10 месяцев назад
Excellent videos ....but price still too high for an Indian
Далее
TLS 1.3 - What Changes? What stays the same?
8:02
Просмотров 13 тыс.
HTTPS, SSL, TLS & Certificate Authority Explained
43:29
Пранк над Катей 🤣🤣🤣
01:00
Просмотров 162 тыс.
Legendary KNOCKOUT
00:44
Просмотров 1,5 млн
What happens when a client connects?
10:47
Просмотров 25 тыс.
TLS Handshake Deep Dive and decryption with Wireshark
1:05:40
TLS Handshake Explained - Computerphile
16:59
Просмотров 546 тыс.
Breaking Down the TLS Handshake
12:29
Просмотров 251 тыс.
POPVIBE V5000 setup ASMR
0:26
Просмотров 721 тыс.
Bardak ile Projektör Nasıl Yapılır?
0:19
Просмотров 6 млн
Мечта Каждого Геймера
0:59
Просмотров 1,3 млн
Дени против умной колонки😁
0:40
solve bubbling fan issue
0:24
Просмотров 2,6 млн