How browser communicating with server using the Transport Layer Security (TLS) Handshake

How browser communicating with server using the Transport Layer Security (TLS) Handshake

1. Client Hello

The client will send the list of cipher suites supported by the browser .
The list of ciphers can be modified by the user
The Equivalent of ciphers in Firefox and RFC5246 as below
1. security.ssl3.rsa_aes_128_sha = TLS_RSA_WITH_AES_128_CBC_SHA
2. security.ssl3.rsa_aes_256_sha= TLS_RSA_WITH_AES_256_CBC_SHA

2.Server Hello

• Cipher Suite(Supported Cipher Suite):

  The server will match with its supported Ciphers list to the received cipher suite from the browser(Client Hello).
  The first match of server cipher suite with browser cipher suite is acknowledged to the client as Cipher Suite:TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)

• Server Certificate:
  The server certificate details will be sent to browser as Common name ,public key etc..
• Server Hello Done:
  This message says that server is finished and awaiting the response from the browser

3.Client Key Exchange

The client will validate the certificate. if valid then gets the public key & creates the new pre master secret key, encrypt the secret key using the public key

4. Handshake Finished

The server will receive the encrypted secret key, server will decrypt the key with its private key and cache it so that the same key is used for the further communication.
The server will acknowledge the client for it.
This Cipher suites has two types of encryption .

1. Symmetric Encryption = AES (Advanced Encryption Standard )
2. Asymmetric Encryption = RSA (Ron Rivest, Adi Shamir, and Leonard Adleman) TLS_RSA_WITH_AES_128_CBC_SHA

5. Application data

The client will start using the master secret key for the future communication to the server. All further messages will be encrypted using the agreed Cipher Suite parameters