The SSL Handshake

If both a Table of Contents and Search form are not displayed in separate frames along with this one, you may wish to redisplay this book in a frameset, beginning with the first page.

HP Open Source Security for OpenVMS Volume 2:...

Overview of SSL

The SSL Protocol

Public Key Encryption

The SSL Handshake

An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client using public key techniques, also called asymmetric encryption. It then allows the client and the server to cooperate in the creation of symmetric keys, which are used for rapid encryption, decryption, and tamper detection during the session that follows. Optionally, the handshake also allows the client to authenticate itself to the server.

This exchange of messages is designed to facilitate the following actions:

Authenticate the server to the client.

Allow the client and server to select the cryptographic algorithms, or ciphers, that they both support.

Optionally authenticate the client to the server.

Use public key encryption techniques to generate shared secrets.

Establish an encrypted SSL connection.

The SSL Protocol

Public Key Encryption