Breaking Down the TLS Handshake

CLIENT:
- Browser wants to establish connection to a server.
- Client sends Hello’ message
- TLS protocol number (1.2, 1.3)
- Cipher suite client supports

SERVER:
- Server sends ‘Hello’ message
- Server sends certificate file
- Includes server’s public key
- Server sends ‘Hello done’ message

CLIENT:
- Client checks that certificate file
- Checks if it has been revoked
- Checks if it is still valid
- Client generates ‘Pre-Master Secret Key’ (PMSK)
- Client pulls some characters from server’s public key, encrypts that with server’s public key, and creates Pre-Master Secret Key
- Based on PMSK, it will generate SYMMETRIC KEY from that PMSK that will be used for bulk encryption.
- Client sends ‘Client finished’ message

SERVER:
- Server decrypts PMSK with his private key
- Server creates SYMMETRIC KEY by decrypting PMSK. This symmetric key will be same as client’s symmetric key because it was encrypted with PMSK.
- Server sends ‘Change Cipher Spec’ message. This tells client to change from asymmetric to symmetric key exchange
- Server sends ‘Finished’ message

END:
Both of them have symmetric key used.

kallikantzaros

Wow this is great. It takes months to truly get your head around this but vids like this make it so easy to refresh my memory

JamesEtc

The waterfall analogy was outstanding, provided an excellent framework for further study.

joshuaeuceda

That was an amazing explanation, perfectly understood having the basics. Thank you

mferreira

The most thorough explanation of TLS Handshake. Thank you!

pankajchaturvedi

after went through so many other videos. Finally got clear picture only from your explanation. Very good explanation, thanks !

ramkumark

Video is mirror image flipped, and the tshirt he's wearing has the text printed also mirror image flipped. That's how he's able on the glass so well.

Now start learning some TLS!

zajec

Perfect explanation. I thought every time we encrypt with server certificate public key the whole time but it's not.

zakb.

This is CooL. Better explanation than Google's IT certification video! Thanks a lot!!!

imashish

another good explanation need to watch a few times

juliantoon

Great video, simple explanations, not dumbed down, not too technical. Good learning experience.

livamuzika

Thanks Xians for making this concept so easy.

md.bidyuth

That was entertaining to watch :)
Thanks.

Zen-lzhc

You're so fcking good at making it so unclear and so hard to understand! Feeling like you're in fear that someone will understand this and take away your job from you.

itsmith

Thank you for helping me better understand this. I'm studying for my cert and I kinda understood reading it but this makes more sense! Awesome video and explanation.

terrancepinkney

Great explanation. Breaking something down that takes microseconds to complete into a 12min video.

usersn

Wow, it is amazing to know what happens behind the scenes. I would like to meet the people who create/invent these things.

claudedjale

Just what i was looking for. Appreciated

viky

Thank you for explaining things perfectly!

Zohdiak

So, the communication starts with asymmetric cryptography and finishes with symmetric cryptography, so we have a hybrid cryptography. Very very good!

mrhex