SSL Mutual/Unidirectional Authentication
Last updated: 2020-03-09 14:59:42PDF
Specific process of SSL mutual authentication
- The browser sends a request to connect to the secure server.
- The server sends its own certificate and related information to the client browser.
- The client browser checks whether the certificate sent from the server is issued by a trusted CA. If yes, it will execute the protocol. Otherwise, it will send a warning message to the client that the certificate is untrustworthy and ask the client whether to proceed.
- The client browser compares messages in the certificate, such as domain name and public key, with messages sent from the server. If they are the same, the client browser will confirm the authenticity of the server.
- The server sends a request to the client for its certificate, and verifies the certificate after receiving it. If the verification fails, the connection will be rejected. Otherwise, the server will get the client's public key.
- The client browser tells the server its supported symmetric password schemes for communication.
- The server selects the password scheme with the highest encryption level from the schemes sent from the client, and notifies the browser after encrypting it with the client's public key.
- The browser selects a session key for this password scheme, and sends it to the server after encrypting it with the server's public key.
- The server receives the message from the browser, and decrypts it with its private key to get the session key.
- The server and the browser use the symmetric password scheme for subsequent communication where the symmetric key is encrypted.
Mutual authentication requires the server and client to provide identity verification, which improves security as only users authorized by the server can access.
Specific process of SSL one-way authentication
- The client browser sends the server the version number of its SSL protocol, the type of encryption algorithm, the random number generated, and other relevant information needed for communication.
- The server sends the client the version number of its SSL protocol, the type of encryption algorithm, the random number and other relevant information, as well as its certificate.
- The client uses the information sent from the server to authenticate the server, including whether its certificate has expired, whether the CA issuing the certificate is trustworthy, whether the public key of the CA certificate can correctly decrypt the CA's digital signature, and whether the domain name in the server certificate is the same as the actual domain name of the server. If the authentication fails, the communication will be disconnected. Otherwise, the client will proceed to step 4.
- The client randomly generates a "symmetric password" for subsequent communication, encrypts it with the server's public key obtained from the server certificate in step 2, and then sends the encrypted "pre-master password" to the server.
- If the server requires client authentication (optional during handshake), the client can create a random number and sign the data, and send the signed random number along with its own certificate and the encrypted "pre-master password" to the server.
- If the server requires identity verification, it must check the validity of the client certificate and the signed random number, including the validity period of the client certificate, whether the CA issuing the certificate is trustworthy, whether the public key of the CA can correctly decrypt the digital signature of the CA issuing the client certificate, and whether the certificate is in the Certificate Revocation List (CRL). If the verification fails, the communication will be disconnected immediately. Otherwise, the server will use its own private key to decrypt the encrypted "pre-master password" and then take a series of steps to generate a master password (the same password will also be generated by the client).
- The server and the client use the same master password, which is called "session password", and a symmetric key is used for encrypting and decrypting secure data communication of SSL protocol. The integrity of data communication should be guaranteed during SSL communication to prevent changes.
- The client sends a message to the server, indicating the master password generated in the previous step will be used as the symmetric key in the subsequent data communication. It also informs the server that handshake on the client side has ended.
- The server sends a message to the client, indicating the master password generated in the previous step will be used as the symmetric key in subsequent data communication. It also informs the client that handshake on the server side has ended.
- As SSL handshake ends, SSL data communication begins, i.e., the client and the server start to use the same symmetric key for data communication while checking the integrity of communication.
SSL one-way authentication only requires that an SSL certificate is installed on a website, which can be accessed by any user (except restricted IPs, etc.). Only the server provides identity verification.
Difference between SSL mutual authentication and one-way authentication
SSL mutual authentication requires both the server and client have certificates, while SSL one-way authentication does not require a client CA certificate.
Compared with mutual authentication, one-way authentication does not need server-side verification of the client certificate. When negotiating a symmetric password scheme and symmetric session key, the password scheme sent from the server to the client is not encrypted (does not affect the security of SSL process). The specific communication content is the encrypted data. In the event of third-party attacks, only the encrypted data will be obtained. To get any useful information, the third party has to decrypt the encrypted data, whose security depends on the security of the password scheme. Currently, a password scheme is secure as long as the communication key is long enough. This is why 128-bit encryption is used for communication.
SSL one-way authentication can be configured for general web applications. However, identity verification may be required for client to connect to financial applications. SSL mutual authentication should be used.