Wireshark-dev: [Wireshark-dev] seeking a info for clearing a confusion
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Sadik Sikder <sadiksikder@xxxxxxxxx>
Date: Wed, 27 Sep 2017 19:14:02 +0200
Hello all
I am developing for myself own Decryption system for my own packet analyzer. During developing stage i have some confusion following
i hava confusion regarding pre_master_secret. according to IETF 
8.1.  Computing the Master Secret
For all key exchange methods, the same algorithm is used to convert
   the pre_master_secret into the master_secret.  The pre_master_secret
   should be deleted from memory once the master_secret has been
   computed.

      master_secret = PRF(pre_master_secret, "master secret",
                          ClientHello.random + ServerHello.random)
                          [0..47];

   The master secret is always exactly 48 bytes in length.  The length
   of the premaster secret will vary depending on key exchange method.

-----------------------------------------------------------------------
my question is about pre_master_secret, is this pre_master_secret generated by encrypting client.rando[32][]
by server public exponent?

6.3.  Key Calculation


   The Record Protocol requires an algorithm to generate keys required
   by the current connection state (see Appendix A.6) from the security
   parameters provided by the handshake protocol.

The master secret is expanded into a sequence of secure bytes, which
   is then split to a client write MAC key, a server write MAC key, a
   client write encryption key, and a server write encryption key.  Each
   of these is generated from the byte sequence in that order.  Unused
   values are empty.  Some AEAD ciphers may additionally require a
   client write IV and a server write IV (see Section 6.2.3.3).

   When keys and MAC keys are generated, the master secret is used as an
   entropy source.

   To generate the key material, compute

      key_block = PRF(SecurityParameters.master_secret,
                      "key expansion",
                      SecurityParameters.server_random +
                      SecurityParameters.client_random);


Q: my question is here about "SecurityParameters.master_secret" , what is this master_secret? 
is this same value (if i am not wrong )of master.secret generated by 
CLIENT_RANDOM <space> <64 bytes of hex encoded client_random> <space> <96 bytes of hex encoded master secret>?


Thanks in advance...





Kind Regards,

Samsuddin Sikder
Masters Student 
M.Sc. in Communication Systems Engineering
Cologne University of Applied Sciences (FH-Köln),Germany