|
|
|
|
|
|
by tialaramex
2103 days ago
|
|
|
This is a simplification of a subsequent step. The Pre Master Secret is actually used to derive several keys (exactly how many varies depending on other choices in the handshake) which are all shared between the client and server. For example, both client and server can send messages at the same time or asynchronously, and so they need separate keys for each direction. Let's call these two keys A and B, the client encrypts data with A, sends it, and the server decrypts with A, but the server encrypts data with B, sends that and the client decrypts with B. If they just use the same keys lots of things go wrong, including an adversary can now give the client back messages it just sent and it can decrypt them believing they are from the server. |
|
|