IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [handshake]

67 questions
20
votes
3 answers

Can attackers change the public key of certificate during the SSL handshake

The communication is not encrypted during the SSL handshake. If an attacker conducts a man in the middle attack between server and client to capture the certificate, and change the public key in the certificate and send it to client, then the…
Grey
  • 353
  • 4
  • 6
4
votes
2 answers

What is the Session ID parameter indicate in Client Hello and Server Hello messages

I was trying to understand the TLS handshake in depth. I set up Wireshark and captured the github.com traffic. While inspecting the Client Hello and Server Hello, I found a parameter Session ID. According to this article session id can be used in…
Anonymous Platypus
  • 1,392
  • 3
  • 18
  • 33
4
votes
1 answer

Circumventing Netflow's visibility on SSL traffic

In a SSL handshake, the hostname is visible most of the time as it is needed to validate the certificate over HTTP. Netflow is thus able to pick up the common name from the certificate exchange, revealing the hostname. Would a C&C server be better…
George
  • 739
  • 1
  • 6
  • 22
3
votes
1 answer

Why can SSH negotiatie two different encryption and authentication algorithms?

I recently found out, that according to the RFC, SSH can negotiate two different cipher (and MAC) algorithms for server-to-client-encryption and for client-to-server-encryption (check section 7.1. for reference). In section 6.3 this is also…
mat
  • 1,243
  • 7
  • 14
3
votes
1 answer

TLS 1.2 Handshake: Does the server have to take all extensions sent by the Client?

I am unsure about how extensions are handled in TLS v1.2. During the handshake, the client is able to add some extensions during ClientHello. As far I understood, the server can pick arbitrary subsets from this list in ServerHello similar to…
Lavair
  • 165
  • 5
3
votes
1 answer

Authentication handshake between two independent apps

I need help on a solution for below scenario from a security perspective. Scenario: There are two independent web applications App1 and App2. User will log in to App1 by performing authentication demanded by App1. Once authenticated, the user will…
ashok
  • 31
  • 1
3
votes
1 answer

Is it possible to make HTTPS 0-RTT with help from DNS?

This article gives an implementation of encrypted SNI where a public key is retrieved from the DNS. It feels like cheating but imagine this: If the server publishes its certificate on its DNS record, shouldn't the client be able to send encrypted…
Cyker
  • 1,613
  • 11
  • 17
3
votes
1 answer

What are the factors making a WPA2 handshake suitable for cracking?

Days ago I was dumping handshakes of my APs using airodump-ng. I would later use aircrack-ng to crack them using wordlists which would purposely contain the passphrases. However, I noticed that some handshakes of the same AP cracked while others…
cablewelo2ma
  • 131
  • 3
3
votes
1 answer

HandShake TLS- Certificate Unknown

I have added the necessary certificates to communicate a web service by TLS, both the client and the server added the certificates to the keystore, but in the handshake, certificate unknown is returned. SSL Conversation: Is initial handshake:…
Ventur
  • 165
  • 1
  • 2
  • 6
3
votes
0 answers

Raspberry Pi (Raspbian) not capturing WPA2 handshake with Aircrack-ng

I've been using Aircrack for a short time now with my Alfa wfif adapter on my laptop and it's been working perfectly. However when I try and do the same thing on my Raspberry Pi it's having issues capturing the WPA2 handshake. As of yet I have not…
Sleepy Tiger
  • 31
  • 4
2
votes
0 answers

Which messages are included in (D)TLS Finished message's verify_data field for session resumption

The https://www.rfc-editor.org/rfc/rfc5246#section-7.4.9 states which messages are included for PRF computation that is included in Finished messages It is clear for 'regular' (initial) handshake But assume that the client wants to resume the DTLS…
lakier
  • 121
  • 1
2
votes
1 answer

Does the SSL record protocol encrypt the handshake protocol too?

As I know the first communication protocol which establishes between client and server in SSL is handshaking protocol and as this site says: The SSL record protocol is used to transfer any data within a session - both messages and other SSL…
Kamran Hosseini
  • 121
  • 3
2
votes
1 answer

TLS handshake random bytes reused

What would happen if the random bytes provided by the client and the server in the first two messages would be reused by one peer/by both peers? I think it would highly reduce the provided security, like for example if you use a nonce multiple…
TheDoctor
  • 123
  • 3
2
votes
0 answers

Airgeddon-ng Handshake fail

I've followed the following instructions below. This is a freshly installed Parrot OS, not using VirtualBox and etc. I am also using Alfa AWUS036NHA wifi adapter. ifconfig sudo airmon-ng start wlan1 (Wlan1 = Alfa wifi adapter) sudo airodump-ng…
loki
  • 21
  • 2
2
votes
0 answers

WPA technical doubts (3)

This is the third post about the set of doubts that came up when I tried to understand WPA3. I am new to this world of cyber-security so every bit of help is welcome! Someone told me that in WPA2 forward secrecy is achieved by generating ephemeral…
almb
  • 109
  • 3
1
2 3 4 5