The image below is part of a SSL/TLS handshake. Answer the questions below about
ID: 3771995 • Letter: T
Question
The image below is part of a SSL/TLS handshake. Answer the questions below about the selected packet in the image:
1. What version of SSL/TLS is being used?
2. What is the handshake type?
Eile Edit View Go capture analyze Statistics Telephony Iools Internals belp Filter tc pstream eq0 Protocol Length Info 0.16823200 192.168, 2.106 69. 280, 196 TCP 66 6 0,1923 400 69 196 230,196 192,168, 2,106 TCP 60 https murray [SYN ACKI seq O Ack win-BI 54 murray https [ACK) Seq-1 Ack-1 win 64240 Len 0 7 0.19241500 192.168.2.106 69.196, 230.196 TCP 296 Client Hello 80.19297000 192.168.2.106 69.196, 230.196 TLSV1. 60 https murray [ACK) Seq 1 Ack 243 win 35204 Len 0 90.20263000 69.196.230.196 192.168.2.106 TCP 20377500 69, 196.230. 196 192.168, 2.106 146 Change C TL5vi. her Spec 11 0.20377700 69.196.230.196 192.168.2.106 TLSvi 107 Encrypted Handshake Message 12 0.20380700 192.168.2.106 69.196, 230.196 54 murray https CACK) Seq 243 Ack-146 win 64095 Len TCP 13 0.20426800 192.168.2.106 69.196, 230.196 TLSv1.2 113 change Cipher Spec, Encrypted Handshake Message 14 0.20444800 192.168.2.106 69.196, 230.196 TLSV1.2 699 Application Data 15 0.23381700 69, 196.230.196 192.168.2.106 60 https murray [ACK) Seq-146 Ack 302 win 35145 Len 0 TCP 16 0.23381900 69, 196.230.196 192.168.2.106 60 https murray [ACK] Seq-146 Ack-947 win 34500 Len 0 TCP Secure Sockets Layer TLSv1.2 Record Layer: Handshake Protocol: Server Hello Content Type: Handshake (22) version: TLS (0x0303) Length: 81 Handshake Protocol Handshake Type: Length: 77 version TLS (0x0303) Session ID Length: 32 Session ID: dBa407eob891d9ac644ae5682d2784417141bfec91f 37797... Cipher Suite: TLS RSAUNITH 3DESLEDE.cBC SHA (0x000a) Compression Method: null (0) Extensions Length: 5 Extension: renegotiation info B TLSv1.2 Record Layer: change cipher Spec Protocol: change cipher Spec Type: change cipher spec C20) Version: TLS 1.2 (0x0303) Length: 1 Change Cipher Spec Message 0000 00 oc 29 46 bo eb 68 7 74 ce 16 ee 08 00 45 00 0010 00 84 8f 74 40 00 f5 06 06 64 45 c4 e6 c4 co a8 to. 00020 02 6a 01 bb 04 63 46 28 ca dif dd O5 be dd 50 18 j...cFC 0030 89 84 01 a6 00 00 16 03 03 00 51 02 00 00 4d 03 03 56 6e 43 de 52 fe 0d c6 73 9b ea d9 f1 48 0c 0040 VnC.R 0050 6b bd 8c a6 6d 36 97 3b a0 1c 83 d2 9e ee 29 4c 00600 c6 20 d8 a4 07 e0 b8 91 d9 ac 64 4a es 68 2d 27 dJ.h- Profile Default Packets 270-Displayed 67 248%) Dropped: 0 (0.0%Explanation / Answer
ANSWER 1)The version of ssl/tls used is TLS V1.2. (0x0303)
This protocol was defined in RFC 5246 in August of 2008. Based on TLS 1.1, TLS 1.2 contains improved flexibility. The major differences include:
Answer 2) The handshake type is: Server Hello (2)
since first one is for client and second is from the server.client sends a message to which the server responds.
the sources to understand this concept in a better way is :
http://blogs.msdn.com/b/kaushal/archive/2013/08/03/ssl-handshake-and-https-bindings-on-iis.aspx
-The MD5/SHA-1 combination in the pseudorandom function (PRF) was replaced with cipher-suite-specified PRFs.
-The MD5/SHA-1 combination in the digitally-signed element was replaced with a single hash. Signed elements include a field explicitly specifying the hash algorithm used.
-There was substantial cleanup to the client's and server's ability to specify which hash and signature algorithms they will accept.
-Addition of support for authenticated encryption with additional data modes.
-TLS Extensions definition and AES Cipher Suites were merged in.
-Tighter checking of EncryptedPreMasterSecret version numbers.
-Many of the requirements were tightened
-Verify_data length depends on the cipher suite
-Description of Bleichenbacher/Dlima attack defenses cleaned up.
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.