Thanks Jakob. But still, it is not clear to me.
If the server random is not present, a malicious user can copy all the messages
from the client and replay them multiple times, leading to a DoS attack. But
even if the client random is not present, I believe the attacker cannot replay
messages from the server side, as the client is going to choose the
pre-master-secret, i.e., the attacker cannot replay any encrypted record as he
will not be able to decrypt the pre-master-secret encrypted by the server's
public key and so cannot generate the session key.

Am I still missing something trivial?

Thanks,
Thulasi.

On 5 February 2013 21:21, Jakob Bohm <jb-open...@wisemo.com> wrote:

> On 2/5/2013 12:05 PM, Thulasi wrote:
>
>> Hello all,
>>
>> ** This is not regarding OpenSSL software but about the protocol in
>> general.
>>
>> I am trying to understand the use of the 32 byte (4 byte data + 28 byte rand)
>> client random which is part of the Client Hello. I understand that the Server
>> Random is required to avoid replay attacks by making the server
>> dynamically contribute to the derivation of session keys along with the
>> Pre-master-secret chosen by the Client, but what additional security is
>> derived from the Client Random?
>>
> The same benefits, but seen from the other end.
>
> Server random protects the server from being attacked with replays of
> client packets, amongst other benefits.
>
> Client random protects the client from being attacked with replays of
> server packets, amongst other benefits.
>
> Simple, really.
>
>
> Enjoy
>
> Jakob
> --
> Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
> Transformervej 29, 2730 Herlev, Denmark.  Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
>
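
The derivation discussed in this thread, as an added example (not part of the original messages and not OpenSSL code): the TLS 1.2 PRF from RFC 5246 mixes both randoms into the master secret and, through it, into the server Finished check. Holding the pre-master secret fixed and reducing the handshake transcript to the two randoms are assumptions made to isolate the effect of each random; all byte values are constructed.

```python
import hashlib
import hmac

def p_sha256(secret, seed, n):
    """P_SHA256 data expansion function (RFC 5246, section 5)."""
    out, a = b"", seed
    while len(out) < n:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:n]

def prf(secret, label, seed, n):
    """TLS 1.2 PRF(secret, label, seed) truncated to n bytes."""
    return p_sha256(secret, label + seed, n)

def master_secret(pre_master, client_random, server_random):
    # master_secret = PRF(pre_master_secret, "master secret",
    #                     ClientHello.random + ServerHello.random)[0..47]
    return prf(pre_master, b"master secret", client_random + server_random, 48)

def server_finished(master, transcript):
    # verify_data = PRF(master_secret, "server finished", Hash(handshake_messages))[0..11]
    return prf(master, b"server finished", hashlib.sha256(transcript).digest(), 12)

def session(pre_master, client_random, server_random):
    """Return (master secret, expected server Finished) for one handshake."""
    transcript = client_random + server_random  # assumption: simplified transcript
    ms = master_secret(pre_master, client_random, server_random)
    return ms, server_finished(ms, transcript)

def client_accepts(recorded_finished, pre_master, client_random, server_random):
    """Client-side check of a server Finished against this session's values."""
    _, expected = session(pre_master, client_random, server_random)
    return hmac.compare_digest(recorded_finished, expected)

# Constructed sample values, not captured traffic.
PRE_MASTER = bytes([0x03, 0x03]) + bytes(46)
CLIENT_RANDOM_OLD = bytes(range(32))
CLIENT_RANDOM_NEW = bytes(range(32, 64))
SERVER_RANDOM = bytes(range(64, 96))

if __name__ == "__main__":
    _, recorded = session(PRE_MASTER, CLIENT_RANDOM_OLD, SERVER_RANDOM)
    print("original session:", client_accepts(recorded, PRE_MASTER, CLIENT_RANDOM_OLD, SERVER_RANDOM))
    print("replayed to a fresh ClientHello:", client_accepts(recorded, PRE_MASTER, CLIENT_RANDOM_NEW, SERVER_RANDOM))
```

A server Finished recorded from one handshake verifies only against the ClientHello random it was computed with, even when every other input is unchanged.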