Jacob

Asked: 2011-02-16 13:54:52 +0800 CST2011-02-16 13:54:52 +0800 CST 2011-02-16 13:54:52 +0800 CST

Private and public key negotiations over SSL protocol

I understand how public key encryption works and I understand how it works into SSL. Server sends encrypted(public) key so I can send it a message but only it knows the private key to decrypt it.

Does the reverse happen? Does my browser send the server a public key to send data back securely or is it not secured?

1 Answers

Voted

Best Answer

Chris S
2011-02-16T13:56:30+08:002011-02-16T13:56:30+08:00
The public/private key pair is only used to negotiate a symmetric key in SSL. Once the symmetric key has been agreed on, actual user data is encrypted using the symmetric algorithm and that new key. It is not based at all on the public/private key pair.
6

Private and public key negotiations over SSL protocol

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?