Skip to main content
Information Security

Questions tagged [handshake]

Ask Question

The tag has no summary.

81 questions
Newest Active Bountied Unanswered
2 votes
1 answer
96 views

My understanding TCP SYN Cookie mitigates SYN Flood attack by allowing all information to be stored in the cookie itself and not storing anything on the server. TCP SYN Cookie is implemented as the ...
Tran Triet's user avatar
  • 123
1 vote
1 answer
141 views

I am confused about the TLS handshake process in TLS 1.2 and TLS 1.3. When configuring Nginx with SSL enabled, does the ssl_certificate_key play a role in the TLS handshake itself, or is it only used ...
Latte Xu's user avatar
  • 51
2 votes
0 answers
166 views

While analyzing the handshake process in TLS 1.3 and comparing it to TLS 1.2, I began to wonder if the simplified handshake structure in TLS 1.3 introduces new vulnerabilities. This concern is ...
kmk's user avatar
  • 21
1 vote
0 answers
228 views

In the TLS handshake, I noticed that key messages like ClientHello and ServerHello aren't piggybacked onto ACK packets and are instead sent as separate packets. From a networking perspective, this ...
allexj's user avatar
  • 537
1 vote
1 answer
194 views

In a normal wifi network, after authentication we associate and then perform a handshake (WPA2: 4-way handshake, WPA3: dragonfly handshake) with the AP. How does a client now know that the frames ...
user317345's user avatar
  • 13
2 votes
1 answer
567 views

I sent a client hello indicating TLS1.3 support, and it contains a list of all ciphersuites that support TLS1.3, TLS1.2 and TLS1.1 And consider server negotiated TLS1.3 indicating serverHello....
hjhjh's user avatar
  • 51
1 vote
1 answer
223 views

I am having a Handshake session of PSK_only mode in TLS1.3 , where I use PSK's established out of band. consider, client Hello is sent with the extensions of supported_versions, PreSharedKey, ...
hjhjh's user avatar
  • 51
2 votes
1 answer
115 views

Why is step 4 needed? What does it protect in terms of security? Doesn't the protection arrives from the last step so when Va and Vb (so called TK, Temporary Keys) are compared? Other thing: I read ...
allexj's user avatar
  • 537
1 vote
0 answers
487 views

I've been trying to crack wifi wpa2 handshake using airodump-ng and aireplay-ng. I'm using alfa awus-036acs adapter. sudo airodump-ng wlan0 sudo airodump-ng --bssid MAC ADDR of AP --channel 1 -w ...
Michał Matusik's user avatar
  • 11
4 votes
1 answer
2k views

In general, I understand that nonces are used to prevent replay attacks, but in the case of a TLS 1.3 handshake, the Client/Server Hello message contains their public keys. Considering that keys are ...
tired_owl's user avatar
  • 43
1 vote
0 answers
133 views

I am currently trying to learn the TCP session creating (3 way handshake) process in detail. I was wondering what the sequence number means and also why is the ack num for the next ACK packet always ...
Flqmmable's user avatar
  • 11
1 vote
0 answers
2k views

I was running MQTT broker in my pc and tried to connect to it via mqtt client in same PC. using x509 cert for mutual tls. SSL Handshake was failing with RST from server. This was happening only in my ...
azhahes.s's user avatar
  • 11
0 votes
2 answers
164 views

What version of TLS would be required for a router that separates client requests from a web server behind a router? Let's say the supported TLS client is 1.2 and so is the web server, BUT the router ...
cadobe's user avatar
  • 3
4 votes
1 answer
1k views

I heard recently that WPA2 passwords can be brute forced if somebody captures handshake (which is not very difficult). Can somebody tell if a similar method exists for cracking SSH traffic? I mean ...
John Smith's user avatar
  • 143
0 votes
1 answer
757 views

After looking at many explanations about the TLS handshake I noticed that sometimes the server starts with the change cipher spec command and sometimes the client starts with it. I'm wondering why. Is ...
Programer.new's user avatar
  • 3

15 30 50 per page
1
2 3 4 5 6