For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

KT_271103's avatar
KT_271103
Icon for Nimbostratus rankNimbostratus
Jul 27, 2016

SSL certificate

Is the below statements are correct ?   Client generating pre-master key using shared random numbers between server and client. Client encrypted with server public key and sent to server. Hence s...
application delivery
LTM
Secure Web Gateway
security
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jul 27, 2016

Yes, but only in the RSA key exchange.

 

The client and server will initially share two other random numbers, one from the client and one from the server, and both in the clear. In the Client Key Exchange message, the client derives a third random number, encrypts that with the server's public key, which it had just received in a previous message from the server, and sends that over. Using its private key the server decrypts this message and exposes the third value. Both parties then independently calculate the same master secret used to create symmetric encryption keys.

 

This is not, however, how it works for the Diffie-Hellman key agreement.